GDPR/CCPA
Compliance

About GDPR

• The General Data Protection Regulation 2018 (GDPR) is the foremost part of the European Union’s legislative framework for consumer data privacy and security

• It replaces the previous Data Protection Directive 1995, with new tighter rules and more enforcement teeth

• And, together with the Privacy and Electronic Communications Regulations (PECR), it means that the EU now has some of the strictest data protection laws in the world​

 

About CCPA

• The California Consumer Privacy Act of 2018 (CCPA) gives consumers more control over the personal information that businesses collect about them and the CCPA regulations provide guidance on how to implement the law. 

• The law secures new privacy rights for California consumers, including:

1. The right to know about the personal information a business collects about them and how it is used and shared;​

2. The right to delete personal information collected from them (with some exceptions)

3. The right to opt out of the sale of their personal information; and

4. The right to non-discrimination for exercising their CCPA rights

 ​

​GDPR Data Categories Affected By Law

• Personal data that can identify an individual (eg. name, address, ID number, email)

• Web data, such as location, IP address, cookie data, and RFID tags

• Special Category Information like health and generic data, political opinions, biometric data, race, ethnicity, and
  sexual orientation

 ​
GDPR Data Subject Rights

• Right to be informed - companies must be transparent in their use of personal data

• Right to access - individuals must know exactly what data is stored and how it is processed

• Right to erasure - individuals must be able to correct inaccurate or incomplete data

• Right to restrict processing - individuals must be able to delete or remove any personal data on request

• Right to restrict processing - individuals can block or restrict the processing of their data

• Right to portability - individuals must be able to retain and reuse data for their own purposes

• Right to object - individuals are entitled to object to the use of their personal data

• Right of automated decision making and profiling - individuals are protected from the risks of potentially damaging decisions being made without human intervention​

​ 

GDPR Severe Financial Penalties

• Companies may well have to invest considerable time and money integrating GDPR compliance into operational procedures

• This is because the EU has designed financial sanctions, so as to make GDPR non-compliance costly - up to €20 million or 4% of the global annual turnover (whichever is higher)

• The EU, together with subordinate national data protection agencies, has ramped up enforcement efforts in recent years

• Total GDPR fines have grown from $179 million to $1.2 billion between January 2021 and January 2022 - a sevenfold increase

​ 

GDPR For Non-EU Companies

• Most overseas companies that do business within the EU must actively respect the GDPR protocol

• This includes those offering EU data subjects goods or services (even when free) and those monitoring the behavior of individuals within the block

• This is regardless of whether the company has an EU office or not - even having a website available in the EU can be enough for liability

• Regardless of where you're located, it's crucial to ensure that you are fully compliant with GDPR
    

GDPR Improving Marketing Strategies

• Beyond cementing trust with clients who are increasingly worried about online privacy, GDPR compliance brings many benefits for marketers: 

1. Sustainable marketing strategy

2. Trust with clients and customers

3. Accuracy, security, and organization of data

4. Efficiency of Martech selection process

5. Improved relationships with DPO, C-Suite, and other departments

6. Peace of mind from conducting business in an ethical fashion
   ​

Disclaimer

To the maximum extent permitted by applicable law, we exclude all representations, warranties, and conditions relating to our website and the use of this website.

 

Nothing in this disclaimer will:

• Limit or exclude our or your liability for death or personal injury;

• Limit or exclude our or your liability for fraud or fraudulent misrepresentation;

• Limit any of our or your liabilities in any way that is not permitted under applicable law; or

• Exclude any of our or your liabilities that may not be excluded under applicable law

 

The limitations and prohibitions of liability set in this Section and elsewhere in this disclaimer:

(a) are subject to the preceding paragraph; and

(b) govern all liabilities arising under the disclaimer, including liabilities arising in contract, in tort and for breach of statutory duty

 

As long as the website and the information and services on the website are provided free of charge, we will not be liable for any loss or damage of any nature.

​

​

Last updated by IDFree.com, April 2024

 

​