The General Data Protection Regulation (GDPR) is one of the most significant pieces of legislation to be created by the European Union (EU) in recent years. It places requirements on organisations that control and process the personal data of EU citizens to put in place adequate protection for that data.
The regulation is law from May 2018 and applies not only to organisations based within the EU, but also to organisations outside the EU that hold and process the data of EU citizens.
The introduction of this regulation requires us to look closely at the personal data we collect and process and to ensure that this is done in an appropriately transparent and fair manner, taking due account of the rights of data subjects under the GDPR.
This document initiates the project to undertake the work that needs to be done within [Organization Name] to bring its processes and procedures in line with the GDPR and to achieve compliance with it.
Views: 1
