The European General Data Protection Regulation (GDPR)
The General Data Protection Regulation (GDPR) is a Regulation of the European Union (in the 28 EU member states, it is generally referred to as the "General Data Protection Regulation" – GDPR). Its aim is to establish uniform regulations for the processing of personal data within the EU. From May 25, 2018, it applies equally to private companies and public authorities. The regulation is intended to ensure the protection of personal data within the European Union. It also aims to clearly regulate the free flow of data within the European single market.
The GDPR does not fundamentally change the basic rules of data protection. However, many additional data protection regulations will apply, which should already be taken into account, especially in light of significantly increased fines. The new German Federal Data Protection Act (BDSG) also comes into force at the same time as the GDPR.
Under the GDPR, EU citizens have the right to access their data stored by a company and to know how it is used. Companies are subject to oversight by government agencies. The increased security requirements necessitate greater transparency in all data processing activities.
At the same time, important synergies can be achieved within companies. Improved data hygiene within the organization builds customer trust. Deeper insights into data structures help to better understand customer relationships. Furthermore, streamlined data processing procedures reduce costs. Ultimately, greater data protection benefits everyone – and targeted preparation helps achieve this.
Initial steps in preparing for the new compliance requirements can be taken through expanded documentation of data processing procedures. Guidance is available, for example, from the Professional Association of Data Protection Officers in Germany (BvD) e.V. in Berlin.
