
Are You Ready for GDPR Compliance? How It Affects Any Company Doing Business with the European Union

30 January 2018 | by Christine Baird | Clarus – Real Estate & Business Solutions

Many companies in the U.S. and around the world either do not know what GDPR compliance is or believe it does not affect them. They need to know, and here is why.

The European Union’s (EU) General Data Protection Regulation (GDPR) will bring about the greatest change to European data security in 20 years.

By May 25, 2018, companies that collect data on citizens in EU countries will need to comply with strict new rules that protect customer data.

If your company processes personal data or sells goods or services to citizens in EU countries, then you will need to comply with GDPR.

The GDPR not only applies to organizations located within the EU but also to organizations outside of the EU if the company offers goods or services to, monitors the behavior of, or holds personal data of EU citizens.

What Personal Data?

Other countries and organizations may define personal data and information in different ways; however, GDPR defines personal data to include any information related to a person that can be used to directly or indirectly identify the person – such as a name, a photo, racial or ethnic data, an email address, bank details, posts on social networking websites, political opinions, health and genetic information, a computer IP address, and more.

GDPR focuses on the collection, processing, and movement of this personal information.

The Penalties

The GDPR penalties for non-compliance are steep – up to €20 million (about $24 million USD) or 4 percent of annual global turnover, whichever is greater.