Today, I shall talk about GDPR (General Data Protection Regulation). The reason I chose this topic because I find many bloggers aren’t aware of it. There are a lot of misconceptions about it. So, if you are a new blogger or planning to start a new blog then, this post is for you. In this post, I shall try to present the A2Z of GDPR in the simplest possible form.
GDPR stands for “General Data Protection Regulation.” GDPR is a European Union law came into effect on May 25, 2018. It replaces the EU Data Protection Directive, which was adopted in 1995. The primary purpose of GDPR is to give control to individuals over their personal data to the residents of countries within the European Union (EU).
A2Z of GDPR: Things you must know
The six principles of GDPR are as follows:
- Lawfulness, fairness and transparency – One must process personal data lawfully, fairly and transparently.
- Purpose limitations – One can collect personal data only for a specific purpose. They must clearly state the purpose and only collect data for as long as necessary to complete that purpose.
- Data minimisation – One can collect personal data which is limited and relevant to their purpose.
- Accuracy – Individuals have the right to erase or rectify their data. Data processors must complete their requests within 30 days.
- Storage limitations – One must delete personal data when they no longer need it.
- Integrity and confidentiality – One must protect personal data from unauthorised access and accidental loss.
Right of Access – GDPR gives the citizens of EU the right to access their personal data and information about how this personal data is being processed.
Right to Erasure – Also known as ‘Right to be Forgotten’. GDPR gives the citizens of EU the right to have personal data erased. An individual can request erasure of personal data and the organisation must respond to their request within 30 days.
Applicability of GDPR
All public and private organisations operating within the EU must follow GDPR. It is also applicable to those organisations that are located outside the EU and does business with the residents of the EU.
In this post, I have tried to cover the A2Z of GDPR (Key points) in brief. Have any questions? Ask them in the comments section.