General Data Protection Regulation (GDPR) Market-GDPR is thus a major reform in the digital world

General Data Protection Regulation (GDPR) was introduced as a part of data protection reform across the European Union (EU). The GDPR is a new regulation that is applicable to all organizations whose business operation is in member states of the European Union. It also applies to those organizations operating outside of the EU but are selling goods and services to customers and enterprises in the EU. This basically means that all the major multinational companies in the world have to abide by the GDPR compliance. The guidelines are formulated to give EU citizens more control over their personal data. The data protection reform came into force in May 2016 and was mandatorily applicable from 25th May 2018. The type of data which is considered personal under the GDPR framework are name, photos, address, IP address, and other sensitive data (genetic data, biometric data, ethnic data, sexual orientation etc.)

PDF Brochure For Future Advancements @

Under Article 4 of GDPR, there are two types of data handlers, data processors and data controllers. A data controller is an individual, public authority, or any institution which determines the need and means of processing personal data. A data processor is an individual, public authority, or any institution which processes personal data on behalf of the controller. GDPR places more legal obligation on a processor to manage and maintain personal data and how they are being processed. The controller has to make sure that all the contracts with the processor are in compliance with GDPR. The key focus of GDPR is clarity in consent to use personal data, which basically means that now companies cannot use vague or complicated and confusing statements to take the consumer’s consent. On the contrary, there has to be total transparency when taking consent of any individual. The EU document for GDPR also lays down rules, making it mandatory for companies to notify the data protection authority about a data breach within 72 hours after becoming aware about it.

Download Table Of Content @