The French privacy organisation CNIL has fined Google for 50 million euros for not adhering to the GDPR privacy rules. It is the organisation’s opinion that Google is not clear enough about how it uses information to provide personalised advertisements. Because users have to go through too many steps to see what information the internet company collects from them and because they collect without explicit consent, Google now has the dubious honour to be the first big organisation to be fined for not adhering to the GDPR.
Google’s response is that it takes the GDPR serious and that it works hard to comply to it. They also stated that they currently look into appealing the fine.
What is GDPR?
GDPR stands for General Data Protection Regulation. Europe has the strongest data protection rules and the GDPR was enforced on 25May 2018. The purpose behind the regulation was to modernize the laws that deal with the protection of personal data. The previous rules for data protection in Europe were made in the early 1990’s and hence, were quite outdated. The GDPR provides more rights to EU citizens which, as a result, provides more protection to their personal data. This new legislation for dealing with personal data has changed the ways how companies deal with and handle the data of their customers and clients.
Do you need to be GDPR compliant?
All companies that have B2C customers in the European Union need to be GDPR complaint. That means that even when your company is based in the US, Asia or Australia, you need to take GDPR measures if you serve private individuals in the EU.
Is your company GDPR compliant?
One must never ignore the concept of data protection and privacy, especially if you run a business. Being compliant to the GDPR is not a one time thing or formality. It is an ongoing process and a way to run a successful business with loyal customers. For those customers it must always be clear how their personal data is being used and with whom it is being shared. The GDPR puts a lot of responsibility on companies by providing the users and customers with a lot more rights than they previously had.
If you are new to the subject, then you may be really confused and not sure about how you are supposed to become GDPR compliant.
What Stroop! can do for you
At Stroop! we have experience with implementing the GDPR into the day-to-day processes of companies, taking away the need for you to read the 86-page document. In the end it is not difficult to be GDPR compliant, you just need to know what you have to do and which documents you need to have.
In our next newsletter we will write more about the GDPR and what you can do to spend as less time as possible on it.