The General Data Protection Regulation (RGPD) is a European law concerning the storage of personal data on the web. It will be applied from May 25, 2018.
For almost two years we have been hearing about this law. Indeed the RGPD is in reflection by the European Parliament since April 27, 2016.
1. Objective of the RGPD
The purpose of this new law is to replace the directive on the subject of personal data from 1995.
By creating such a law, the European Union wants to create the reference text for all member states. And also allow Internet users to be more serene by browsing their favorite sites.
2. How it works ?
All personal data that identify a natural person, such as a photo, a name, an IP address, a phone number, an email address, a postal address, … must be deleted by a simple request from the Internet user to the site managers.
3. Who does this law apply to ?
The RGPD applies to any entity that manipulates personal data concerning European persons. Whether it’s a company, a subcontractor or even an association.
To know also that this text does not apply only to the organizations of the European territory, but to all the organizations which collect European personal data. Also know that no organization is exempted by this law, whether large companies like Google, or small start-ups that are entering the market.
4. And the user ?
For the user, the RGPD allows several protections. The organizations collecting the personal data must obtain the written consent of the user in advance.
Before being able to register on social networks, the organization must have received parental approval for a child to register.
The RGPD also gives the right to forget, that is to say that the user can ask the managers of a website to delete all personal data about him.
5. Are there any penalties ?
In case of non-compliance with this law, organizations may have particularly high penalties, fines up to 20 million euros or 4% of the total annual global turnover of the previous year, knowing that is the highest amount that is retained between the two scenarios.
5. What you must remember
The RGPD is a text to protect European Internet users from all entities (anywhere in the world) who handle personal data to identify a natural person. The user has the right to request the deletion of his data to the organization, which will delete the data on request. In case of infringement, the organization incurs a particularly high fine.