The European General Data Protection Regulation (GDPR) sets strict obligations for processing any personal data coming from the European Union territory. It applies to all data that can be linked to individuals, including contact details, IP addresses, credit card numbers, CCTV footages, etc. Non-compliance is a source of severe legal and financial risks: up to 20 Million Euros or 4% of yearly worldwide turnover. The GDPR also intends to limit the access of non-complying companies to the European market. For instance, all European data controllers (any company that collects and processes personal data) have the obligation to assess and choose data processors that comply with the GDPR. They are not any more authorized to share personal datasets with companies that are not committed to respect and comply with the GDPR. If they transfer data to a non-complying company, they are directly exposed to the above mentioned legal and financial risks.
The good news is that complying with the GDPR is also a source of competitive advantage for companies committed to protect personal data. It can facilitate their B2B relations in Europe, including their access to call for tender. Privacy Pact enables companies to express their commitment to respect the rules and principles contained in the GDPR, regardless of their location.
Access the GDPR official text.