GDPR – General Data Protection Regulation : 20 Key Points

May 24th, 2018
  1. GDPR stands for General Data Protection Regulation.
  2. Its purpose is to unify all EU member states’ approaches to data regulation, so that all data protection laws are applied identically in every country within the EU.
  3. It will protect EU citizens from organisations using their data irresponsibly.
  4. It ensures that EU citizens are in charge of the information which is shared about them.
  5. It also gives them the charge to know where and how it’s shared.
  6. The GDPR will come into force on 25 May – and even though the UK is due to leave Europe in the next 12 months, it will still apply to all businesses handling EU residents’ data, effectively replacing the Data Protection Act 1998.
  7. Any business found not complying  to the rules could be charged fines of up to €20 million or 4% of the company’s global annual turnover.
  8. The toughest fines will be reserved for the worst data breaches or data abuse.
  9. GDPR is a regulation, not a directive, the UK does not need to draw up new legislation – instead, it will apply automatically.
  10. ‘Controllers’ and ‘Processors’ of data need to abide by the GDPR.
  11. Even if controllers and processors are based outside the EU, the GDPR will still apply to them so long as they’re dealing with data belonging to EU residents.
  12. All types of data organizations who collect about people, online identifiers such as IP addresses now qualify as personal data.
  13. Other data, like economic, cultural or mental health information, are also considered personally identifiable information.
  14. Pseudonymised personal data may also be subject to GDPR rules, depending on how easy or hard it is to identify whose data it is.
  15. People have the right to access any information a company holds on them.
  16. People have the right to know why that data is being processed, how long it’s stored for, and who gets to see it.
  17. Read More on Rules for the protection of personal data inside and outside the EU on
  18. Read More On GDPR Fines on
  19. GDPR Compliance Checklist on
  20. Questions to Consider in order to assess if you are GDPR ready –


About The Author

Founder of WebPro Technologies a Web solutions company based in India which focuses on building quality web presence for businesses. Bharati Ahuja is a SEO Trainer and speaker, Web Entrepreneur, Blog Writer, Internet Marketing Consultant.


Digital Marketing Agency India