1. When will the GDPR come into effect?
It comes into effect on 25 May 2018.
2. Who does it apply to?
The GDPR applies not only to organizations located within the EU but also to ones regardless of their location if they process personal data of EU individuals or companies.
3. Where does GDPR apply?
The GDPR applies to processing carried out by organizations operating within the EU. It also applies to organizations outside the EU that offer goods or services to individuals in the EU.
4. What will the penalties be for failing to comply with GDPR?
The maximum fine a company can face is 4% of its annual global turnover, or €20 million, whichever is the highest.
5. The individual rights under GDPR and your actions to comply.
You should check your procedures to ensure they cover all the rights individuals have, including how you would delete personal data or provide data electronically. The GDPR includes the following rights for individuals:
- · the right to be informed
- · the right of access
- · the right to rectification
- · the right to erasure
- · the right to restrict processing
- · the right to data portability
- · the right to object
- · the right not to be subject to automated decision-making including profiling