GDPR
Home » GDPR
The General Data Protection Regulation (GDPR)
GDPR basics
The General Data Protection Regulation (GDPR) is a new privacy legislation that replaces the EU Data Protection Directive (Directive 95/46/EC) within the European Union. The GDPR regulates the collection, use, transfer, and sharing of personal data with the key purpose of protecting it.
What constitutes personal data?
Who does the GDPR affect?
The GDPR affects companies processing the personal data of individuals residing in the European Union, regardless of a company’s location. It applies not only to organisations located within the EU, but also to organisations located outside of the EU if they offer goods or services to or monitor the behaviour of EU residents and/or citizens.
How will the GDPR affect businesses?
What new user rights does GDPR regulate?
- Right to Access. EU residents and citizens (or “Data Subjects,” as they are called in the regulation) have the right to obtain confirmation from the organisation that has collected their data as to whether their personal data is being processed, where, and for what purpose. They also currently have (and will continue to have under the GDPR) the right to receive a copy of this personal data.
- Right to Be Forgotten (or Data Erasure). Data Subjects can demand that the organisations erase their personal data and cease further dissemination of the data.
- Data Portability. Data Subjects can receive the personal data concerning them (which they have previously provided) in a machine-readable format and have the right to transmit that data to another organisation.
Why is it so important for businesses to be compliant?
What changes is Expanse Group making for the GDPR?
- Review and update of all Policies and Procedures relating to Data and Information.
- In-depth Data and Information Security Audits.
- Ongoing review of all IT infrastructure and software.
Where can I learn more on how Expanse Group processes data for customers?
Expanse Group maintains a Privacy Notice on our website that outlines how we collect and use data, how we share the data of customers, end users and leads.
Please note, the existing Privacy Notice will be updated for GDPR prior to the GDPR effective date, May 25th