The GDPR Regulation. The What

What are the key changes under GDPR


Personal privacy

Individuals (data subjects) have the right to:
  • Access to their personal data
  • Correct errors in their personal data
  • Erase their personal data
  • Object to processing of their personal data
  • Export personal data

Controls and notifications

Businesses can comply if they:
  • Ensure appropriate security to protect personal data
  • Notify authorities of personal data breaches
  • Obtain appropriate consents from stakeholders to process the data
  • Keep records and document data processing activities

Transparent policies

Organisations are accountable and must:
  • Provide clear notice of data collection requirements
  • Outline data processing purposes and use cases as examples
  • Define data retention and deletion policies

IT and training

Organisations will need to:
  • Train privacy personnel and employees
  • Audit and update data policies regularly
  • Employ a Data Protection Officer (if required)
  • Create and manage appropriate vendor contracts

What does GDPR mean to protect data and privacy