New EU General Data Protection Regulation (GDPR)

On Friday, May 25th 2018, the new EU General Data Protection Regulation (GDPR) is coming into effect after an adoption period of two years.

The new regulation aims to strengthen the protection of the data from EU citizens and to create a European standard after decades of having very different national laws within the EU. Every organisation that processes „personal data“ (any information that can be used to identify an individual) from EU citizens is affected by the GDPR.

The regulation gives the users new rights regarding their data, e.g. the right to request all data a company has on the respective user or the „right to be forgotten“, i.e. to request the deletion of this data. For companies that process data from EU citizens, the GDPR imposes a set of rules imposed that the organisations have to comply to. One of the main changes that are noticeable for the user is that all processing activities have to be made transparent. In order to continue these activities, the companies have to get the active consent of the user and give the users the option to withdraw or deny the consent.

More information can be found here.