The General Data Protection Regulation (GDPR) was created in December 2015, and designed to ensure the right of EU citizens to basic data protection standards. It was ratified in early 2016, replacing the erstwhile Data Protection Directive (1995-2018), and it will become enforceable on May 25th, 2018. That means you still have a little time to acquaint yourself with this regulation, and figure out what you need to do in order to comply with it.

Lately, the GDPR has generated a considerable buzz online, since it’s the most comprehensive set of rules for data privacy drafted so far. This legislation’s primary goal is to create a set of easy-to-follow rules for the entire EU, which uphold the highest standards of data privacy.

What my obligations are to comply with GDPR

You may need to contact me with any concerns over GDPR compliance for any of the following:

1. Breach notification. Under the GDPR, I will inform you within 72 hours if any breach occurs that might compromise your data.
2. Right to access. Users have a right to access the information you have about them. (High volumes may incur costs*)
3. Right to be forgotten. You have the right to ask me to delete your account and all personal information I hold. You may also request me to cease sharing that information with third-party services.
4. Right to portability. Users will be able to request that you forward their records to other ‘controllers’ or services if need be.