GDPR is coming and it will change your data management
Are you an European citizen? If the answer is yes, from May 25, you will have to give your irrefutable consent so that companies can use your data. Moreover, they will have to tell you what data they are using, how they are being treated, and what and who is the person responsible for them. A new data protection law is coming into force across Europe: GDPR (General Data Protection Regulation). A regulation that affects all those companies that treat data of European citizens, even if the companies are from the United States, such as Google or Facebook.
New rules, new roads
Controversy is served: Those who doesn’t follow the rules, will have to face big fines and penalties. But beyond the statement, users will find a new way of knowledge about what information they gave and how is it treated.
GDPR, or General Data Protection Regulation) is the new norm that regulates the protection of the data of the citizens who live in the European Union.
The regulation entered into force on May 24, 2016. However, it will be mandatory since May 25, 2018. It is going to affect all of us who live in the European Union. Companies, regardless of their country of origin or activity, must comply with it if they collect, save, process, use or manage any type of data of citizens.
Despite being a real big deal for companies which will have to control its activities from a new perspective, the benefits are also there. And they are real. There will be new tools to control the data (since the information has to be broader, accessible, direct, understandable and clear than what is done now). New rights are rising, and more power is given to the data protection agencies of each country.
Shape of data
Data is everything. Any information related to an individual that can be used to identify it directly or indirectly, is data. It can be anything: a name, a photo, an email address, bank details, publications on social media, medical information or even an IP address of a computer.
But how is this going to work?
The data request can’t be confusing or irrelevant. With the entry into force of GDPR, it must be given in an intelligible and easily accessible form, for the purpose of data processing attached to that consent. To sum up: the consent must be unequivocal, clear and distinguishable from other matters. Companies will have to show their conditions in an intelligible and easily accessible way, using clear and simple language.
GRPD aims to end up with dark, illegible and incomprehensible clauses, and facilitate the user experience, who should be able to know what he is facing and chose a real value for his own private data.