General Data Protection Regulation (GDPR)
What is the General Data Protection Regulation?
The General Data Protection Regulation (GDPR) is one such legal framework that sets guidelines for the acquiring and processing of personal information from people who are residing in the European Union (EU).
However, irrespective of where the website is based, this regulation applies equally. Thus, it must be taken care of by all the sites that get European visitors, even if they don’t Market or promote their products and services to EU residents.
Under the GDPR, it is mandatory that the EU visitors must have a number of disclosures in terms of data. The site must also take some steps to streamline EU consumer rights with a periodic notification in case there is any breach of the personal data. Although GDPR was adopted in April 2016; however, it came into complete effect in May 2018.
Requirements Mentioned by the GDPR
Under the GDPR rule, visitors must get the notification of data that the website is collecting from them. Not just that, but the visitors must also give their consent for the use of data, by clicking on the Agree button or any other action provided by the website.
Talk to our investment specialist
This requirement specifically explains the universal presence of disclosures that websites collect “cookies” – which are the small files holding personal information of visitors, such as their preferences, site settings and more.
Moreover, websites must also let the visitors know periodically in case the personal data, held on the website, has been breached. These requirements for the EU could be more stringent than those requirements by the jurisdiction wherein the website is located.
Also, the GDPR mandates the assessment of the data security and whether an individual Data Protection Officer (DPO) must be hired or whether the existing staff of the website is capable of handling this function.
The websites must also include the information that lets the visitors know about how they can contact the DPO or other staffers so that the visitors can easily exercise their EU data rights, which also comprises the accessibility to complete erase their presence on the website.
Furthermore, for the protection of visitors and consumers, the GDPR also calls for Personally Identifiable Information (PII) that the website collects to either pseudonymized (replacing the identity of the customer with a pseudonym) or anonymized (keeping the identity anonymous).
All efforts have been made to ensure the information provided here is accurate. However, no guarantees are made regarding correctness of data. Please verify with scheme information document before making any investment.
AMFI Registration No. 112358 | CIN: U74999MH2016PTC282153
Shepard Technologies Pvt. Ltd. (with ARN code 112358) makes no warranties or representations, express or implied, on products offered through the platform. It accepts no liability for any damages or losses, however caused, in connection with the use of, or on the reliance of its product or related services. Terms and conditions of the website are applicable.
©2024 Shepard Technologies Private Limited. All Rights Reserved