GDPR (General Data Protection Regulation) is a legal framework that sets guidelines for the collection and processing of personal information of individuals who live in the European Union.
The full form of GDPR is "General Data Protection Regulation." GDPR is also called Regulation (EU) 2016/679; it is a European Union law that was drafted on April 27, 2016 and implemented on May 25, 2018.
The GDPR replaced the EU Data Protection Directive, which was adopted in 1995. The primary purpose of GDPR is to protect the personal data of residents living in the European Union (EU).
The 88-page GDPR document starts from the premise that protecting people's personal data is a fundamental human right.
The rules and guidelines of the General Data Protection Regulation have been designed to support this premise. Accordingly, all data controllers (organizations that collect and store user data) must protect the data; at the same time, they should help users access the data and make the data easily transferable.
Seen from one side, GDPR updates the previous Data Protection Directive so that it stays relevant to modern times and technologies.
1. Regulation 42 states that data processors (such as websites) should clearly state their identity and ask users for their consent before storing data of any kind.
2. Regulation 49 bans any type of malicious activity involving data, such as hacking and denial-of-service attacks (DDoS attacks).
3. Regulation 83 states that both data controllers and processors should help reduce security risks by using encryption.
4. According to Article 33.1, organizations should inform their users within 72 hours if they discover a data breach of any kind.
GDPR can be applied to
These GDPR guidelines should be followed by all public and private companies and organizations that are covered under the EU. Fines and penalties are applied to those that do not comply with GDPR regulations.
GDPR is commonly associated with IT industries, such as e-commerce websites and cloud services, but it applies to all EU organizations that store personal data.
For example, this includes health care services, law firms, educational institutions, scientific research firms, and government entities.
While GDPR is only enforceable within the European Union, it also applies to companies and organizations that are outside the EU and do business with EU residents.
For example, if a US-based company stores data of individuals who live in Sweden, then it must also follow GDPR regulations.
From the consumer side, GDPR protects both EU citizens and the people who live and work in the EU. Apart from this, these rules apply to all individuals who are engaged in business transactions in any way, but they do not apply to personal and household activities.