Before understanding clearly what it means to be GDPR ready, it is required that you understand what it actually means. The simplest of the explanation is that its a set of rules that protects an individual’s privacy. Its legislation regulates the processing of the EU resident’s personal data which includes using, transferring, monitoring tracking and even viewing personal data. It came into effect on 25th May 2018.
GDPR Applies To You?
GDPR usually applies to any organization that processes the data of the residents of the EU. Your company may not necessarily be based in the EU for that. Suppose, you are exhibiting at a fabrics trade show which requires you to collect the data of various attendees and while doing that, there might be few people attending that trade show in India who are from Germany. This would not be subject to GDPR if he is India but it could be subject to if he is still in the EU.
When Does GDPR Apply to You?
Here are some rules that will help you understand whether it actually applies to you or not:
- Offer goods/services in the EU
- Monitor EU data subjects’ behavior
- Collect personal data from EU residents
- Have EU customers
- Collect personal data only as part of a marketing survey
What should you be doing?
To avoid problems in the future, it’s better to determine whether GDPR applies to you or not. Under it, you have to disclose everything about what are you collecting, what are you storing and in what ways are you using it. Then, determine the level of compliance and then develop a plan for it. Then it’s up to you to provide informed notice and get informed consent. Finally, you should go with the plan.