The new General Data Protection Regulation (GDPR) came into force on Friday 25th May and since then has been generating a lot of controversy. For this reason, we have prepared a practical and easy-to-understand guide to help you better understand the subject. This is the first of three articles we will publish on the subject with the help of the Portuguese Association in Defence of Consumer Rights (Associação de Defesa dos Direitos do Consumidor or DECO).
What is the GDPR?
- GDPR are the initials by which stands for Regulation (EU) 2016/679 of the European Parliament and of the Council of 27th April 2016 (on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC).
- This is the new legislation on the protection of personal data of EU citizens, which entered into force on 25th May.
Why is it important?
- It is a decisive boost in the digital economy, in particular in e-commerce. This is one of the European Union's major challenges for the coming years, as it is essential to give European consumers more confidence in the digital environment since issues of privacy and the protection of personal data remain two of the main concerns of citizens in a digital environment.
- The GDPR aims to change the way in which public bodies or companies collect and process the personal data of their customers by creating enhanced information and security obligations.
- The rules of the GDPR apply to all companies and public bodies (despite some differences in the regime which may be decided by each EU member state), irrespective of their size or turnover, for the purpose of collecting or processing personal data from EU citizens or other non-European citizens who have been or are in the territory of the EU and whose data have been collected by them, even if the processing of their data takes place outside the EU.