We manage all aspects of our customers GDPR compliance.
We specialize in all aspects of GDPR training, GDPR risk assessments & remedial work.
The General Data Protection Regulation (GDPR) came into force on May 25, 2018, and was designed to modernize data protection laws that protect the personal information of individuals.
GDPR affects every company, but the hardest hit will be those that hold and process large amounts of consumer data: technology firms, marketers, and the data brokers who connect them.
Elizabeth Denham, the UK's information commissioner, who is in charge of data protection enforcement, says GDPR brings in big changes but has warned they don't change everything. "The GDPR is a step change for data protection," she says. "It's still an evolution, not a revolution". For businesses which were already complying with pre-GDPR rules the new should be a "step change," Denham says.
The GDPR does not require every controller or processor to appoint a data Protection Officer (DPO) but, you should assume that you will need a DPO. Peter Brown, the Senior Technology Officer within the ICO says "I've heard plenty of people talking about there being a DPO exemption for Small and medium-sized enterprises (SMEs) - this is absolutely not the case".
The individual has the power to hold companies to account as never before. If individuals begin to take advantage of GDPR in large numbers, by withholding consent for certain uses of data, requesting access to their personal information from data brokers, or deleting their information from sites altogether, it could have a seismic affect on the data industry.