FAQ
Q . What impact will the GDPR have on companies based outside of the EU ?
The GDPR is focused on the rights and freedoms of EU citizens . If you are processing data on , or providing goods or services to , EU citizens , then you will need to comply , regardless of your location .
Q . Will Britain ’ s decision to leave the EU impact on the GDPR ?
The UK Government has committed to complying with the GDPR by 25 May 2018 , under the same timescales as the EU . So , Brexit makes no real difference assuming that post Brexit , the UK will have implemented the GDPR and will be deemed an adequate jurisdiction for data privacy .
Q . How will the GDPR be enforced ?
The EU Commission will increase the powers of Supervisory Authorities ( SAs ), the local geographic data protection bodies . These will include investigative powers ( audits , reviews , notifications ) and supervisory powers ( warnings , compliance orders , fines ) and will be supported and underpinned by the rule of European Law . Member States will have individual discretion to decide the rules on criminal sanctions for infringements of the GDPR .
Q . Will the new legislation be applied to information we already have stored within our systems ?
Yes . Once the act is in force it will apply to all personal data relating to EU citizens regardless of when it was acquired .
Q . What are the financial implications for non-compliance ?
Fines imposed could be up to the greater of EUR20 million or 4 % of worldwide turnover .
SAN FRANCISCO | NEW YORK | LONDON | READING | PRAGUE | KUALA LUMPUR | SYDNEY