What is the GDPR?
The GDPR is the acronym for the General Data Protection Regulation which is a law that replaced data protection laws of every EU member state (there are 27 countries in the European Union) on 25th May 2018.
The GDPR was created to make life easier for your organisation to do business with other organisations which may not be in your country but in other EU country, but equally it was created to protect the privacy of EU individuals* as digitisation of data takes over our lives in everything we do. This law gives significant rights to the data subject on personal data that your business collects and uses in its operations. In fact what we say at Privasee, is that the GDPR gives "ownership of personal data to the data subject", although these rights are not absolute, they are strong nevertheless.
*An individual is called a data subject in the GDPR. A data subject is any individual who is resident in any of the EU countries. It does not need to be permanent residence, it could be a student from China studying at a university in Sweden. They have identical rights, as long as they are resident as a Swedish citizen. This is because "right to a private life" is a human right, and human rights are inclusive not exclusive.