Will your organisation be GDPR Compliant on 25 May 2018?
Fail to implement the right changes – or convince colleagues that changes need to be made – and you could land your organisation fines of up to 20 million euros.
The new law
On May 25th 2018, a new law comes into effect across the European Union: the General Data Protection Regulation (“GDPR”). It creates a dramatically more onerous environment for collecting and handling personal data of individuals, and applies to all businesses. Why it matters
GDPR is not limited to the EU. Any US business which sells goods or services to individuals in the EU, or which monitors individuals in the EU, is also caught by it. It makes no difference whether a business has any formal presence in the EU.
As such, GDPR is a key legal development for all US businesses with a UK or EU customer base.
What it meansThe requirements of GDPR are far reaching. Key obligations such as “the right to be forgotten” and “privacy by design” have the potential to impact upon the core of how businesses interact with their customers.
It is likely to require numerous changes to policies and legal documents, business practices, the IT environment, record-keeping and reporting obligations.
Non-compliance presents not only reputational but also financial risk. Breaches are punishable by very significant fines of up to €20 million or 4% of global annual turnover (whichever is higher).
ACE is hosting a special webinar on 24 January to help you prepare for the changes to handling data.
Working alongside Department of International Trade to promote export and inward investment to global businesses
Please bear with us.
If an error is encountered, contact us at
firstname.lastname@example.org or 020 7222 6557