The European Union’s General Data Protection Regulation (GDPR) goes into effect on May 25, 2018, replacing the European Data Protection Directive of 1995, and is designed to harmonize data privacy laws across EU member states, protecting EU citizens’ personal data. The GDPR will:
Aim to give control to EU member nation residents over their personal data and to simplify the regulatory environment for international business by unifying the regulation within the EU.
Apply to any company processing personal data of individuals residing in the EU, regardless of the company’s location.
Service providers should do their research to understand whether they need to pay a lot of money on new infrastructure, or if they can get substantially more out of the infrastructure they already have in place to address their unique GDPR compliance challenges. Here are some helpful resources that can inform them toward making those decisions:
We’re all going to have to change how we think about data protection … However fast regulation moves, technology moves faster. Especially as far as data is concerned.
– Elizabeth Denham, UK Information Commissioner
What Are the Penalties for Non-Compliance?
Fines for non-compliance after the GDPR goes into effect on May 25th will be as high as €20 million (approx. $24 million USD) or 4% of a company’s global revenue, whichever is greater, and depending on the severity of the infringement, such as not having sufficient customer consent to process data or transferring personal data to a recipient in a third country or an international organization.
What is Virtuozzo Doing about GDPR?
Virtuozzo products are neither controllers nor processors of personal data. Either of these responsibilities, depending on how the data is managed, belongs to service providers. To learn more, please contact us at firstname.lastname@example.org.