KEY CHANGES TO THE DATA PROTECTION LANDSCAPE GDPR KEY CHANGES TO THE DATA PROTECTION LANDSCAPE

WHAT IS GDPR? A new set of rules and processes that strengthens the protection of personal data in the digital era; Regulation: One continent – one Law; Apply to individuals rights to personal data and not B2B. Coming into action on 25 May 2018. Key enabler of Digital Single Market;

What is changing ?

GDPR.. Expand its Territorial Reach; Data subjects’ Right to be informed; erasure; restriction; access; object; Data include Online identifiers, Device identifiers Cookies IDs, IP addresses, Pseudonymized & anonymous data reidentification, genetic , biometric data, GDPR.. Expand its Territorial Reach; Captures a lot of data by broadening the personal data definitions; Brings Changes to consent nature & mechanisms; Swift control back to Data Subjects; Introduces Right to Data Portability; Places Restrictions on Profiling; Consent must be Freely given, specific, informed and unambiguous indication, Easy to withdraw.

GDPR.. Increases the scope for processors; Introduces Privacy by design and by default; Talks about Data Protection Privacy Assessment (DPIA); Encourages Co- operation/ Consultation with DPAs; Imposes Security Obligations & Data breaches notifications; Makes provisions about Data Protection Officers; Introduces the leading DPA for International Organizations; Accountability: Imposes Record keeping obligations and demonstration of compliance.

FINES IS THE KING! Up to 20m or 4% of worldwide turnover € Whichever is BIGGER!! Multinational organizations are treated as a single entity!!

How will GDPR affect e-shops

Review… The way privacy information is communicated; Contracts and services with data processors; Existing data bases; Processes and mechanisms for obtaining consent; Marketing Policies; Process to handle data subjects requests; Security measures.

Preparing for GDPR Compliance

You have to… Create Awareness & Right Team; Assess how GDPR is prioritized in the operational excellence, growth, digital, data and cyber security transformation objectives. Map & Review data processing activities (what, how, when, where, why) & Security Policies & Key Partners; Make a gap analysis; Choose your right roadmap plan to GDPR; Implement; Audit.

E- business & data privacy law specialist “At its core, data protection is about simple things: respect, trust, integrity, and professionalism”. "To avoid change fatigue and maximize data monetization, you must realize the motivation found within the privacy concept”. Thank you! Penny Kontogeorgou E- business & data privacy law specialist