Trilogue negotiations on the General Data Protection Regulation (GDPR) were completed on Tuesday 15 December 2015.
Some Key Provisions
Some Key Provisions
- The GDPR establishes a single set of rules applying across the EU.
- Companies based outside Europe will have to comply with those rules when offering services in the EU.
- Fines of up to €20 million or 4% of annual worldwide turnover may be imposed for a breach.
- A clarified right to be forgotten is introduced.
- If relied upon, consent is required to be “unambiguous”.
- There will be an obligation on many companies to appoint a data protection officer.