GDPR – What it Means for Businesses? – Infographic
Last updated:
08 Sep, 2023
By Ritu Kaushal |
2 Minutes Read
GDPR stands for General Data Protection Regulation. On May 25, 2018, GDPR came into existence for companies that were more into collecting and processing personal data.
The law GDPR is a European Union law, but it will have far-reaching effects across European boundaries. Even US-based companies will have to comply with the new regulation when doing business within the EU.
Moreover, not only in the US, any business where there’s data processing with offering goods and services to EU-based people will have to adhere to this law.
The ultimate goal of this law is to reshape the earlier EU Data Protection Directive, which only applies to entities that process personal data within the EU. But now, GDPR is applied to any company that uses data to offer goods and services or to track online behavior within the EU, irrespective of its location.
Under the General Data Protection Regulation, one should comply with six principles and satisfy at least one condition for processing the data.
- Process all the data lawfully, fairly, and in a transparent manner
- Collect the data for explicit, specified, and legitimate purposes, and do not process it in an incompatible manner.
- Process data for an adequate, relevant, and limited purpose.
- Take every reasonable step to ensure accuracy and keep data up to date.
- It should be in a form that permits the identification of data subjects.
- Process the data to ensure appropriate security of the personal data. It includes protection against destruction or damage, unauthorized or unlawful processing, or accidental loss.