What online businesses need to know about the new General Data Protection Regulation

26 oktober, 2016

The new General Data Protection Regulation (GDPR) is one of the most important pieces of legislation for retailers and consumers alike in the European Union ‒ but what will it mean for your business?

The GDPR, or General Data Protection Regulation, is a new directive which protects consumer rights and simplifies rules for businesses trading in the EU, easing the path to a Digital Single Market. With 90% of Europeans saying they want the same data protection rights across the EU, this harmonised strategy gives consumers more control and overview of their data.

The GDPR will give consumers:

  • Easier access to their data
  • Easier transfer of data
  • The ‘right to be forgotten’
  • The right to know when their data is breached

While these rules may seem daunting to businesses, the GDPR brings companies, particularly SMEs, a wealth of benefits by removing much of the ambiguity and inconsistency around trading between European countries. These benefits include:

  • A single set of rules for ease of trading
  • European rules on European soil
  • A risk-based approach
  • Dealing with one single supervisory authority ‒ and no more notifications

SMEs can also charge fees for providing access to data (when such requests appear unreasonable), are exempt from appointing Data Protection Officers if data processing is not their main activity, and do not have to carry out an impact assessment unless there is a high risk.

The GDPR will apply across the European Union from 25th May.