Page 87 - Cyber Warnings
P. 87
The Why and How of GDPR (General Data Protection Regulation)
for your business
Introduction
The General Data Protection Regulation (GDPR) is an act which comes into effect from 25th
May 2018, consists of 173 recitals enforced by 99 articles and is applicable
• Across the EU, when the data processing occurs within the EU
• To the goods or services within the EU
• To the personal details of the EU individuals
• For monitoring the behavior of EU citizens (when such behavior occurs within EU)
and
• Overrides the Safe harbor provisions earlier used to govern the data transfer
between US and Europe
General Data Protection Regulation (GDPR)
GDPR harmonizes the various data protection laws across the EU and is applicable to both
the Data “controllers” and data “processors” where
a) “Data Controller” is the business entity that determines the purposes and means of
processing the personal data
b) “Data Processor” is the entity that processes the personal data on behalf of the data
controller
Personal Data
In the context of GDPR, the term “Personal Data” refers to the -
• Names,
• Residential Addresses,
• Business contact information, Trustees, Officers and Shareholders,
• Business qualifications, Licenses and registrations,
• Suppliers, Vendors and Sub contractors,
• Legal agreements,
• Insurance policy numbers,
• Medical information,
• Vehicle registration numbers and related offences,
• Payroll, Financial details (taxation, credit worthiness), Pension related details,
• Enrolled benefits and beneficiary details,
• Social security number,
• Employment related – such as Company name and Designation,
• Capital and Property related details,
87 Cyber Warnings E-Magazine – April 2017 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide
