GDPR came into effect in Spring 2018 and is the primary law regulating how companies protect EU (European Union) citizens’ personal data. However, still today, companies, especially in North America, are unsure if it applies to them, and what they actually have to do to comply if it does. To help with this, we have put together a list of the most frequently asked questions we get asked about GDPR.

GDPR FAQs

What does GDPR stand for?

GDPR stands for General Data Protection Regulation. It’s the core of Europe’s digital privacy legislation.

What is GDPR?

At its core, GDPR is a new set of rules designed to give EU citizens more control over their personal data. It aims to simplify the regulatory environment for business so both citizens and businesses in the European Union can fully benefit from the digital economy.

The reforms are designed to reflect the world we’re living in now, and brings laws and obligations – including those around personal data, privacy and consent – across Europe up to speed for the internet-connected age.

Fundamentally, almost every aspect of our lives revolves around data. From social media companies, to banks, retailers, and governments – almost every service we use involves the collection and analysis of our personal data. Your name, address, credit card number and more all collected, analysed and, perhaps most importantly, stored by organisations.

What is GDPR compliance?

Data breaches inevitably happen. Information gets lost, stolen or otherwise released into the hands of people who were never intended to see it – and those people often have malicious intent.

Under the terms of GDPR, not only do organisations have to ensure that personal data is gathered legally and under strict conditions, but those who collect and manage it are obliged to protect it from misuse and exploitation, as well as to respect the rights of data owners – or face penalties for not doing so.

Who does GDPR apply to?

GDPR applies to any organisation operating within the EU, as well as any organisations outside of the EU which offer goods or services to customers or businesses in the EU. That ultimately means that almost every major corporation in the world needs a GDPR compliance strategy.

What are the GDPR fines and penalties for non-compliance?

Failure to comply with GDPR can result in a fine ranging from €10 million ($15 million) to four percent of the company’s annual global turnover, a figure which for some could mean billions.

Fines depend on the severity of the breach and on whether the company is deemed to have taken compliance and regulations around security in a serious enough manner.

Meevo is a digital marketing and development agency based in Toronto. We specialize in partnering with startups, design firms and agencies with strong creative, but limited executional resources.

Share this

All your hard work is done, and your new website is ready to launch, however, in all this excitement it is easy to miss out important steps. To help you avoid common mistakes we have put together a list of the 26 must-do checks before launching your WordPress website. 26 Must-Do Checks Before Launching Your &hellip; <a href="https://meevo.ca/insights/wordpress-website-pre-launch-checklist-2019/">Continued</a>
Read more
The final and most important stage of building your website is testing. You have spent weeks (even months) crafting the perfect site and will want to make sure everyone enjoys it without any issues or errors. This can be a daunting task with the wide range of variables out there, from device size to internet &hellip; <a href="https://meevo.ca/insights/top-tool-for-website-testing-2019/">Continued</a>
Read more
The short answer to this question is yes. But before you take our word for it, you might be wondering what exactly https is and how it will help you.
Read more