Here you can find answers to some key questions regarding GDPR.
What is GDPR?
GDPR is a regulation by the European Union to strengthen data protection for EU residents. This new law replaces the existing EU Data Protection Directive (95/46/EC). It increases the rights of individuals and places additional obligations on organizations. It ensures organisations are fully transparent about how they are using and safeguarding personal data, and are able to demonstrate accountability for their data processing activities. Furthermore, the new EU data protection regime applies to all companies, even those outside the EU, when they process data of EU residents.
When will GDPR be enforced/applied?
GDPR will apply from 25th May 2018. Thereafter organisations in non-compliance may be subject to fines.
About GDPR for B2B and B2C
GDPR applies to both B2B and B2C. The Privacy and Electronic Communications Regulations are also under review and will be aligned with the GDPR.
Who does GDPR apply to?
GDPR applies to people and entities of all sizes that process personal data of EU residents.
It applies regardless of where in the world they are based. These regulations apply to both data controllers and data processors, including third parties such as cloud providers.
Where does GDPR apply?
It applies to the 28 EU member states, and to entities outside the EU that process the data of any EU citizens.
Will Brexit affect the ruling of GDPR?
No. GDPR comes into effect before the UK leaves the European Union on 29th March 2019.
What is the fine for non-compliance with the GDPR?
The maximum penalty for organizations in non-compliance with GDPR can be up to €20 million or 4% of annual global turnover, whichever is greater. There is a tiered approach to fines, e.g. a company can be fined 2% for not having their records in order (article 28), not notifying the supervising authority and data subject about a breach, or not conducting an impact assessment.
Where are your data and applications stored?
Our state-of-the-art redundant cloud cluster is hosted on dedicated servers within the EU.
Is that data ever moved out of the EEA?
No. We currently do not store data outside of the EEA.
Do you ever transfer data between data centers outside of the EU?
Do you always inform me when my data is being transferred?
Do you have a Data Protection Officer?