9 key elements you need to know to prepare for GDPR compliance

The GDPR is coming, and this is huge. First things first: you need to take it seriously, if only because the penalties you risk are unprecedented: up to €20 million, or 4% of the worldwide annual revenue of the prior financial year, whichever is higher.

So here are 9 points you need to know to prepare for the GDPR: 

  1. The GDPR is a regulation in EU law on data protection and privacy for all individuals within the European Union. It is applicable to ALL companies worldwide if they process data of EU residents. 
  2. The GDPR (General Data Protection Regulation) is applicable from May 25, 2018.
  3. You need to assign a DPO, a data protection officer. A DPO can be internal or external to the organization but needs to have the appropriate knowledge.
  4. You need individuals to clearly opt in before you process their data. Consent must be an active action by the data subject, not a passive one.
  5. You need parental consent to process data of children under 16 years old! 
  6. You need to be able to prove compliance. This means it is highly advised to maintain documentation and implement data protection by design.
  7. You have 72 hours to notify in case of a breach.
  8. You need to be able to provide the right to be forgotten. This means erasing all data of your clients if they ask you to do so.
  9. The law is applicable even if your company doesn't own the data or just processes it for a client.

To know more about the subject, or dig deeper, here is the actual complete text of the regulation: https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=FR

Ezako is a European startup specialized in Big Data and Machine Learning. To learn more about Ezako, click here.
