The RGPD (General Regulation on Data Protection) is the new European regulation on the protection of personal data of individuals.
Much more than the introduction of a new legal framework, the RGPD can become a real asset for European companies in the digital sector. The simplification of the regulatory framework, which standardizes practices in the European Union, gives a new opportunity for international companies to become world-renowned by becoming the champions of personal data protection.
Indeed, contrary to US law, the RGPD provides European consumers with a strong protection of their personal data. By reinforcing companies ‘obligations regarding the processing of their customers’ personal data, this new regulation also reinforces their confidence in these companies. Well exploited, the RGPD can thus become a real springboard that will allow a greater development of digital activities (such as e-commerce) and thus boost the growth of European companies active on the net.
From now on, each member country of the European Union will be subject to the same obligations of protection of personal data, in order to fight more effectively the non-respect of the confidentiality of information relating to European citizens.
Every company with this information, (even SMEs and very small businesses!), Will have to prove that they are protected and impossible to exploit by others, without the consent of the consumer. And this, wherever these companies are in the world!
In addition, the citizen must be clearly informed of the purpose of the collection and processing of his personal data. The right to be forgotten must be respected and applied! In case of loss or theft of personal data, the company must inform the CNPD no later than 72 hours. If the risk seems high, customers should be notified immediately.
A series of sanctions is provided for in case of a breach of this new regulation, which will vary according to the importance of the data as well as the intentional nature of the fault. The fine of up to 4% of the annual turnover of the company.
Thanks to this greater transparency, the consumer regains the control of his personal data as well as a greater confidence in the company with which he is in relation. Companies are thus empowered to respect the private data of their customers.
This is the perfect opportunity for European companies to position themselves as experts in the protection of confidentiality and thus increase the trust of their clients.
While the objective of the DGPR / GDPR is to be welcomed, its implementation remains complicated, especially for SMEs and very small businesses that do not have the human and financial capital to implement this new regulation. Nevertheless, the level of requirements will not be the same depending on the type of data processed and the volume of these, something to reassure these small companies.
The difficulties are greater for software publishers who must ensure their own compliance but also ensure that their customers also comply with the new guidelines. These publishers will also be held responsible in case of non-compliance with the rules in force by their business partners or their subcontractors!
The DGPR is an excellent shield for companies that have to cope with the increase in cyberattacks following the influx of data and guard against unscrupulous practices. But to meet the challenge, you have to call on the right people.
It is therefore a question of being surrounded by specialists who will put your company in line with the European directives and which will strengthen the trust of your customers in your company.