Baker Tilly TPA

GDPR

Starting 25 May 2018, a new set of rules regarding personal data protection will become mandatory throughout the EU and beyond. Every organization collecting and processing personal data in the EU, as well as organizations located anywhere in the world that process personal data of EU citizens, will have to comply with the new General Data Protection Regulation (GDPR).

Personal data, today’s increasingly important currency, will have to be treated like all of consumers’ other personal property. Consumers will take control of how their data is collected, processed, used and stored, and organizations throughout the world will have to obtain the consumer’s consent for any data collection and processing operations. Steep fines and penalties, running up to 20 mil. Euro or 4% of the total turnover, whichever is higher, can be applied to those failing to comply with the new set of rules.

The GDPR will bring changes to various company policies, such as the confidentiality policy, data security, sales and marketing operations and so on. New restrictions regarding consent to collect and process customers’ data, especially that of underage customers, will apply. Data protection by design will become mandatory, and some organizations will be required to hire Data Protection Officers or set up other structures to monitor and regulate personal data usage at company level.

Adapting to the challenges the GDPR brings takes time and effort, so taking the first step and getting the information needed for this change is essential. We can make your company fit for GDPR. Contact our offices and ask for an offer!