What has changed?

Finally! As of December 2015 the European Union has settled on the new General Data Protection Regulation (GDPR). Since May 2018, the GDPR unifies data privacy laws across Europe.

Timetable – Data Protection

The main goals of the new GDPR are the protection of fundamental rights and freedoms of natural persons with regard to the processing of personal data and rules relating to the free movement of personal data.

The new law intends to be data protection-friendlier for individuals and users. Control of personal data will be returned to the citizen. A set of principles laid out in Article 5 of the GDPR ensures that data shall be:

Heads up! In terms of responsibility and accountability, company managers have to prove their compliance to escape liability.

Financial penalties

One of the significant but very unpleasant changes is that under GDPR, firms can be fined up to €20 million ($28m) or four percent of group worldwide turnover, whichever is greater. Companies are therefore beginning to fear insolvency or even closure as a result of the GDPR penalties that will soon be very real for all businesses.

Personal data

GDPR applies only in situations involving personal data. Personal data is understood as any information relating to an identified or identifiable natural person; an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, IP-adress or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

Who does it concern?

All companies who are based on EU-ground as resident enterprises.

Non-European countries must also comply with the regulations if:

If you have any questions regarding one of the avobe-mentioned subjects, data protection in general, and/or a GDPR-relevant subject,

Port Zero is happy to offer consulting-services in this area, based on extensive experience and competence in the fields of Data protection, Data-Protection-Compliance, IT-Security. Our consulting-process is designed to quickly and thoroughly identify problems and risks and to find sustainable solutions in compliance with GDPR-requirements on data privacy. We will also gladly assist in implementing a Dataprotectionmanagementsystem (DPMS) and an Informationsecuritymanagementsystem (ISMS).

A further area of expertise is Informationtechnology and IT-solutions. Modern data privacy and IT-based subjects are inseparable. To ensure the best preparation for an audit und adjust applicable IT-systems, for example, a great deal of IT-expertise is required. Having accrued considerable experience over the years in the IT business, we’ve gained substantial Know-How which will certainly benefit all of our data security customers.