GDPR

The General Data Protection Regulation (GDRP) is the new legal framework of the European Union that governs the collection and processing of users’ data. The GDPR will come into effect on May 25, 2018. The GDPR applies to all entities based in an EU country that personal process data and all entities around the world that unique process data belonging to residents of the European Union.

Data is the oil of the 21st century in the digital economy in which we currently submerge. This was made clear in its article in the London newspaper The Economist in 2017. Those companies capable of extracting the data and using it strategically will be able to increase their sales, improve customer service and boost retention rates.

Thanks to the digital transformation resulting from the invention of mobile technology such as smartphones and tablets, along with innovations in mobile networks and Wi-Fi, both the creation and consumption of data are constantly growing. Currently, the amount of data generated every day is overwhelming. To give you an idea, in 2020, each person created 1.7 MB of data per second.

When we stop thinking about how the tremendous technological powers exploit everything they know about us, the dilemma comes. As a result, new policies and regulations have been formulated to regulate this data sharing and protect privacy. One of them is the European Data Protection Regulation (RGPD), a regulation that all companies must know to avoid sanctions. In this article, we delve into it.

What is the European Data Protection Regulation (GDRP)

The European Data Protection Regulation (GDRP) is the regulation that regulates the collection, use and exchange of personal data. It is applicable at the European level. Therefore, it concerns all those legal entities resident in the EU. However, this regulation does not affect the information related to legal persons, that is, companies (although it does concern their employees or managers). It complements other national regulations, such as the Organic Law on Data Protection (LOPD).

It should be clarified that personal data means all information relating to a natural person, including personal data such as family situation, address, telephone number, e-mail, location, gender or age. But they also include sensitive data, including political, ethical or religious opinions, medical information or criminal records. As established by the regulation, all these data must be protected not to harm the individuals they are a concern.

Likewise, the concept of personal data  extend to include “unique identifiers” such as the IP of a computer used in Digital Marketing to know the behavior of users and provide them with personalized content and advertising for an optimal shopping experience.

The GDPR has been in force since 2016, although it was not mandatory until May 25, 2018. This transition period allowed companies to adapt to these new requirements to establish a global standard for data access. Protection and control.

Is this Regulation Necessary

Absolutely yes. As you have been able to verify with the figures that we have announced at the beginning of this article, a vast amount of data  generate globally that companies could use freely if there were no regulations to regulate the matter.

Public concern about data privacy is not new. The European Union already published a Directive on the treatment and protection of personal data in 1995, long before the Internet became the undisputed protagonist of our lives. Therefore, this regulation outdate and did not address the multiple mechanisms used today to store, collect and transfer data.

As revealed by a study on trends and risks of Spanish online consumers carried out by the Russian cybersecurity company Kaspersky in 2012, 37 % of users feared the loss of their bank details on the Internet.

As consumers gain access to more in order and become aware of data security. They expect more transparency and responsiveness from the entities that store and manage their personal information. Therefore, it  conclude that a regulation such as the RGPD is necessary for the current socioeconomic market.

Who is Required to Comply with the GDPR

The companies and public entities affected by the GDRP process personal data domiciled in the European Union or whose services are aimed at citizens of the European territory. Thus, commercial companies and self-employee workers, public bodies or associations  include.

Fines for minor infringements reach up to 40,000 euros, but the consequences of breaching the GDPR can be worse, reaching 20 million euros or representing 4% of the company’s global profits.

But is the law being applied rigorously? Unfortunately yes. A notorious case the fine impose on Google in 2019, which reached 50 million euros due to poorly describe data processing.

Another example was the fine of 204 million euros to the company British Airways after suffering a security breach that exposed data on credit cards belonging to more than 500,000 customers.

What does the General Data Protection Regulation Contemplate

The General Data Protection Regulation comprises 99 articles, challenging to summarize in these lines. However, the regulations are based on seven fundamental principles in general terms. Legality, fairness and transparency; purpose limitation; data minimization; accuracy; storage limitation; security, integrity and confidentiality; and accountability.

Throughout these 99 articles, the GDRP regulates that companies must guarantee that personal data  collect legally and under strict conditions. In addition, the entities that contain and manage it  obligate to protect that data from misuse and exploitation.

On the other hand, the European regulation contemplates the “right to  forgot” that grants additional freedoms to people who no longer want their data to process to delete, as long as there no reasons to retain it. In this way, each person who wishes can immediately regain control over their data.

As a professional and to improve your commercial and sales profile. You need to know the existence of this regulation since, as you can see, it affects the company’s commercial activity. Forcing it to ensure the protection of its client’s data. Therefore, if you want to learn new skills in the area of ​​Sales, Sales and Marketing, one of the best Masters in Business Management in Madrid awaits you.