GDPR

WHO DOES GDPR APPLY TO?

GDPR applies to all EU member states and the organizations that does business in EU, regardless of its location. GDPR is not only applicable to the businesses in the European Union alone but also to the businesses in other countries that have EU citizens as their customers.

The EU citizens, whose personal data is being held by the organizations, are known as data subjects under data protection law. The organization holding such personal data, is known as data controller. Any other organization which processes the personal data on behalf of data controller, is known as the data processor.

WHAT ARE THE PRINCIPLES OF GDPR?

The seven principles are:

1. Lawfulness, fairness and transparency
2. Accuracy
3. Data minimization
4. Storage limitation
5. Purpose limitation
6. Accountability
7. Integrity and confidentiality (security)

WHAT ARE THE SPECIAL CATEGORIES OF DATA UNDER GDPR?

GDPR has classified “special categories” of personal data under Article 9. These are:

• Personal data on ethnic or racial origin
• Religious or philosophical beliefs
• Political opinions
• Genetic data and biometric data
• Trade union membership
• Data pertaining to a natural person’s sexual orientation
• Data regarding health

WHAT WILL BE THE RESULT FOR NON-COMPLIANCE IN GDPR?

GDPR mandates companies to appoint a data protection officer to oversee GDPR compliance. GDPR has increased penalties for non-compliance in comparison to the former data protection directive. This means that companies that fail to achieve GDPR compliance will be subject to rigid fines and penalties.

If you are looking for the best legal services and need help with GDPR compliance program for Indian businesses who comes under the ambit of GDPR due to their customer base in EU countries or EU customers as their customer, you can reach out to us on bestlegalservices.in.