GDPR is a European Union law that was implemented May 25, 2018 and requires organizations to safeguard personal data and uphold the privacy rights of anyone in the EU territory.
If you process the personal data of EU citizens or residents, or you offer goods or services to such people, GDPR applies to you even if you are not in the EU.
The fines for violating the GDPR are very high. There are two tiers of penalties, which max out at €20 million or 4% of global revenue (whichever is higher), plus data subjects have the right to seek compensation for damages.
Europe’s new data privacy and security law includes hundreds of pages worth of new requirements for organizations around the world and if you are subject to GDPR you must be able to demonstrate you are GDPR compliant.
If you think you are compliant with the GDPR but cannot show how, then you are not GDPR compliant!
We can assist by providing an independent GDPR compliance assessment to confirm whether your procedures and implementation meet the requirements of GDPR. We will help identify any gaps and assist in determining corrective actions.