GDPR - General Data Protection Regulation 101
GDPR is a EU regulation for companies that serve customers within that region. The GDPR provides a set of rules on how companies should handle & store EU citizen personal info. Launched in 2016, it protects data such as Basic Personal Info (IDs, names, emails and address).
Racial Identity and Sexual Orientation. Political and Religious Affiliations. Web Data for Tracking (Cookie data, IPs). Sensitive Health Information. Compliance Criteria. For a company to comply with GDPR, it needs to pass through a set of criteria, including… EU country presence (or) 250+ Employees. Now, many small businesses that serve EU clients don’t fit those criteria. But, they may be forced to comply if they …
Process EU resident personal data. Process personal data that is sensitive, and may impact the rights of certain EU residents. Enforcing GDPR.
You may need a data protection officer (DPO) to do the job. And that may be an individual you hire (or) a firm you outsource the job to.