In General, the new rules of the GDPR is mainly about how you handle personal information your business requires changes to your business processes, if you are dealing with personal data in the EU.
You can’t know if you’ve been hurt so here is a guide to understand the latest privacy law affecting many Australian businesses.
What is GDPR?
GDPR stands for a General data protection regulation, which is designed to provide continuous data protection for individuals in the 28 EU member States. He is considered one of the most stringent and far-reaching privacy and data protection regimes in the world, after its entry into force.
When the GDPR coming?
Set of will come into effect on may 25, GDPR requires new obligations on businesses that collect, use, store and process EU personal data, including entrepreneurs, providing services seen to process data on behalf of another business. This will allow to catch many of these processing plants.
“Personal information” means information that can identify the individual, such as an email address.
“There are high fines for not complying with GDPR, so it is important to see how or if this applies to Your business.”
Who is affected by GDPR?
The law covers a wide GDPR and achievements of other countries, including Australian companies that may have or be any type of collection of personal data from the EU.
You must follow the rules of the GDPR if you:
As GDPR different Australian privacy Law?
There are some similarities: both GDPR and Australian privacy laws include some of the same requirements as the laws promote transparent information handling practices and accountability of the business to give people confidence that their privacy will be protected.
However, there are a number of new duties and rights that are imposed on any business in any country, including Australia, dealing with non-EU personal data, including:
You may remember a great deal of initiative in the news about ‘right to be forgotten’ in Europe, which meant that anyone could ask for all the information on them should be removed from Internet, including all the articles about the crimes that they have committed. A new right to Erasure right to be forgotten. If you collect data of the EU resident, that person may ask you to erase your personal data or limit how it is used.
There are rules for how a business can transfer personal data from the EU to Australia and what information can be transferred to Australia.
Agrees to give no longer a valid way to obtain consent. For example, You can not use personal data for direct marketing of Your business and offer an ‘unsubscribe ” or ” to refuse to participate in them’.
Some businesses will have a requirement to appoint a Commissioner for data protection within their business as well as the EU representative in certain circumstances.
What do Australian companies need to do?
Australian businesses should reconsider its practice of processing the data to determine whether, and to what extent, the GDPR applies to them.
If you are bound by the GDPR, You should be familiar with reporting and control requirements and put processes to meet business requirements. In other words, You have to understand that these compliance requirements and to take measures to run until may 25.
You should also be able to show that the processes of requirements management, personal data will be respected. This may include, for example, obtaining consent to use personal data from EU citizen depending on what and how you use it.
As the new GDPR regulations and requirements depends on how each company collects and uses data, as well as the Type of information collected personal data, there is a one-stop-shop there is no answer to what your business needs to do to comply. You need to look at your business to see if you sell your products or services in the EU, and if so, understand your requirements for Your business to meet GDPR.
In addition, if you do not need to comply with the GDPR, you should consider including a statement on your website that you are apart of EU citizens from purchasing Your products or services, to make it clear that You are not marketing to EU citizens.
There are high fines for not complying with GDPR so today overview of Your business.