In the previous post, we explained what the main new roles introduced by GDPR are and what the impact of the new legislation is. Now, let's dive into more details.
Who is concerned?
If you process EU citizens data as part of your activity, regardless whether that processing occurs in or out of the EU, then the GDPR applies to you. Bear in mind that employee data and customer data ARE personal data. And the simple fact of storing that data is considered a processing activity.
Six principles of the GDPR
The GDPR is not simply a ticking boxes process to avoid a big fine. It is principles driven and aim to change the way we perceive and treat personal data. There are six principles, listed below: