The General Data Protection Regulation, or GDPR, is a legal framework that sets guidelines for the collection and processing of personal data from individuals who live in the European Union.
Under the terms of GDPR, not only do organizations have to ensure that personal data is gathered legally and under strict conditions, but those who collect and manage it are obligated to protect the data from misuse and exploitation, as well as to respect the rights of data owners to have access to or to correct their own data. Failing to do any of these things will result in penalties.
But GDPR also allows for a good degree flexibility for some parts of the regulation to be adjusted by individual member states. These blog posts will contain everything you need to know about GDPR and its opaque compliance requirements. Whether you are a privacy officer trying to bring your organization into compliance or are an individual looking to take action against a data processor, our GDPR blog will provide you the answers.