WHAT IS GDPR COMPLIANCE?
The General Data Protection Regulation (GDPR) harmonizes data privacy laws across Europe to protect all data belonging to EU citizens and residents. While organizations that sell or market to the EU must be compliant by May 25th 2018, there’s potential opportunity for a new level of business growth.
What are the customer rights?
GDPR defines consent as any freely given, specific, informed and unambiguous indication from individuals to legitimize an individual’s personal data by the processing organizations. The processing organization should be able to demonstrate proof of consent and allow individuals to review previously given consents and withdraw it if necessary.
PRIVACY BY DESIGN AND DEFAULT
GDPR states that the processing organization should adopt internal policies and implement measures that meet, in particular, the principles of data protection by design and data protection by default. A data protection impact assessment will help you achieve this by ensuring that all personal data collection, processing, storage and destruction measures are designed to secure privacy.