GDPR is the 679/2016 European Regulation for the protection of Personal Information and the safety of the private life of the citizens of the European Union, effective since May 25th 2018. It came and replaced the last important part of the 95/46/EK Directive regarding “EU Confidentiality,” dated since 1995, before the Facebook and Google era.
Many things have changed since then, especially in the way the Internet is used by businesses and natural persons, and in the role of exchanging information and data in our life, so the Regulation was updated.
In our country, GDPR is integrated into the national legislation with the 4624/2019 Law.
GDPR:
- It updates the privacy legislation in order to take into consideration the most recent technical developments and the way we use them.
- Increases the limitations on what can businesses do with the personal information of their workers, customers, partners, and suppliers.
- It extends the rights of people so that they can have access to and control their data.
- It extends the limitations and imposes personal information protection assurances to business that are established outside the EU, in case they manage data collected within its territory.
The application of the regulation is not a luxury, but an obligation and an act of a civilised society.
Its non-application, aside from the administrative fines that sooner or later will be imposed, could cause enormous damage to the fame and operation of the business.