GDPR is the European Union’s new regulation that will come into effect on May 25’ 2018 and requires businesses to protect the personal data and privacy of EU citizens for transactions that occur within EU member states. Any non-compliance could cost companies dearly and fines of €20m or 4% of annual global turnover can be levied, whichever is greater.
The law applies to all organizations that offer goods and services to people in the European Union (EU), or that collect and analyze PII data tied to EU residents, no matter where they are located.
What is PII data & where can it be?
Personally identifiable information (PII), as the name suggests is any data that could potentially identify a specific individual. It can be any information that can be used to distinguish one person from another and can be used for de-anonymizing anonymous data.
What does it mean to end users and service providers?