If your business collects or processes personal information from or in relation to European residents, or supplies goods or services in Europe, then your business will likely be required to comply with the GDPR. The GDPR requirements are broad, have effect internationally and can be difficult to navigate.
However, the best thing you can do now is to carefully consider how data flows into and out of your organisation and to whom. Once you have thought about this you can review your operations to assess whether you need to comply with, and how your current systems stack up with, the requirements of the GDPR.
Finally, it is worth noting that the GDPR takes compliance seriously. Businesses in serious breach of the GDPR can be fined the highest of either €20 million or 4% of their total worldwide annual revenue of the preceding financial year. That’s obviously a good incentive to ensure that you get your house in order when it comes to all things privacy related!
The GDPR came into effect on 25 May 2018, so if your business is not already taking action to ensure compliance, please contact Rebecca Halkett for assistance.