GDPR and AVS

If you’re doing business in the EU, you’ll need to comply with the new General Data Protection Regulation (GDPR). AVS can help support GDPR requirements.

What’s new for EU data protection?

On May 25, 2018, the EU Data Protection Directive will be replaced by the General Data Protection Regulation (GDPR). GDPR expands protection for EU residents, giving them greater control over the collection and use of their personal data and online activity. It broadens the scope of the law to impose direct statutory obligations on data processors and non-compliance fines of up to €20 million or 4% of annual worldwide turnover (whichever is higher) for material breaches.

GDPR Summary

Business requirements

Organizations subject to GDPR oversight are responsible for the following:

 

  • Appropriate measures for protecting personal data

  • Transparent data handling processes

  • Ability to demonstrate compliance

  • Accountability regarding data privacy governance

Who has to comply?

GDPR applies to organizations involved in the following activities:

 

  • Processing of personal data in the EU

  • Having subsidiaries, branches, representatives or agents in the EU

  • Offering goods or services to individuals in the EU

  • Monitoring the behavior of individuals in the EU.


What data does GDPR cover?
 

GDPR covers personal information which is defined broadly to include types of data that could identify an individual, including but not limited to:

  • Names

  • Addresses

  • Contact details

  • HR records

  • Device IDs

  • IP addresses

  • Cookies

  • RFID tags

  • Location data