Go Ad-Free
    My Alerts
    Moneycontrol
    Moneycontrol PRO
    HomeNewsWorldWhat is GDPR? 10 key points on the new EU law for data protection

    What is GDPR? 10 key points on the new EU law for data protection

    Although the law is related to Europe, it has global implications on firms dealing with EU residents in any form

    Moneycontrol News
    April 03, 2018 / 18:01 IST
    Build your skillset: Change is the only constant and with the evolving times an updated skillset would be a handy addition to your resume. Show potential employers what you’ve learned that can be an asset to their business in the post-coronavirus world. (Image Source: Reuters)

    Companies need to be ready as the General Data Protection Regulation (GDPR) will come into effect on May 25. The GDPR is part of a European Union (EU) legislation, which has been designed to protect the personal data of its residents.

    Although the law is related to Europe, it has global implications on firms who are dealing with EU residents in any form.

    So what is the law and how does it affect India? Here are 10 key facts about GDPR:

    1. The EU GDPR is considered to be the most notable change in the data protection regime in the last two decades.

    2. The law was approved in April 2016 and European authorities had given companies two years' time to comply. It will come into force from May 2018.

    3. Once in effect, the GDPR will replace a previous law called the Data Protection Directive.

    4. EU authorities have formulated the law with an aim to give consumers control of their personal data as it is collected by companies. Personal data here define data relating to identifiable living individuals, including their names, email IDs, ID card numbers and physical and IP addresses.

    5. Under the GDPR, companies are required to provide clearly distinguishable consent terms seeking data from individuals. There should be no vague or confusing statements in regard to this.

    6. If the individual is below 16 years of age, a person holding "parental responsibility" must opt-in to data collection on their behalf.

    7. The EU document further gives rights to individuals to have personal data deleted under certain conditions.

    8. It also makes it mandatory for companies to notify their data protection authority about a data breach within 72 hours of first becoming aware of it. Failing to comply could result in a fine up to 4 per cent of global turnover or €20 million — the maximum amount of the fine, as per a report of The Hindu.

    9. Besides having a deep impact in Europe, the data protection law has global implications as it also applies to those outside the EU who are directly or indirectly related to its residents.

    10. The impact of the law would be seen on Indian IT firms and other service providers dealing with any EU client.

    Invite your friends and family to sign up for MC Tech 3, our daily newsletter that breaks down the biggest tech and startup stories of the day

    Moneycontrol News
    first published: Apr 3, 2018 06:01 pm

    Discover the latest Business News, Sensex, and Nifty updates. Obtain Personal Finance insights, tax queries, and expert opinions on Moneycontrol or download the Moneycontrol App to stay updated!

    Subscribe to Tech Newsletters

    • On Saturdays

      Find the best of Al News in one place, specially curated for you every weekend.

    • Daily-Weekdays

      Stay on top of the latest tech trends and biggest startup news.

    Advisory Alert: It has come to our attention that certain individuals are representing themselves as affiliates of Moneycontrol and soliciting funds on the false promise of assured returns on their investments. We wish to reiterate that Moneycontrol does not solicit funds from investors and neither does it promise any assured returns. In case you are approached by anyone making such claims, please write to us at grievanceofficer@nw18.com or call on 02268882347