What is the meaning of Private Data in GDPR?

The General Data Protection Regulation (GDPR), which comes into effect on 25 May 2018, is envisioned to provide EU nationals more power over the private data regarding them that is possessed by organizations and businesses. GDPR doesn’t just pertain to companies that are situated in the EU, it pertains to any company that processes the private data of EU nationals. This implies that the launch of the GDPR is an international affair, not only a European one.

What’s Private Data?

Different bits of data are collected from people, by companies, all the time. These bits of data can include a name, postal address, date of birth, and electronic mail address. Data turns into private data when it can be utilized to isolate a person. For example, a name by itself might not be private data; particularly if it is a very popular name. Connect that name with an electronic mail address and this possibly means that a person can be known. Both pieces of info are then believed to be private data.

GDPR controls all private data that is handled. This implies any data that’s collected, used or stored by a business or organization. Approval is needed to handle information, except when there is one more lawfully convincing reason for handling.

What is Approval?

The laws surrounding approval have changed a bit, in GDPR. This is why it’s vital that companies are conscious of the conditions regarding approval, in the new law. These contain that:

  • Data subjects should be conscious of what they are agreeing to, and approval must be given without restrictions.
  • A positive action should be taken to give approval. This implies that utilizing pre-checked mark boxes is no more sufficient.
  • Approval only pertains to the particular reason for handling for which it’s applied for.

It’s vital that companies make sure they have approval for handling all private data unless there’s a convincing legal reason for handling. If companies don’t make sure that this is the situation, they might be found to be non-complying. This might lead to the imposition of exorbitant penalties and other restrictions.