What Is GDPR?

In April of 2016, the EU adopted new legislation protecting the privacy of internet users. The General Data Protection Regulation, or GDPR, is designed to protect users’ personal data and has sparked a big change in how governments view privacy laws.

In this article, we will discuss the GDPR and what it entails for users and businesses alike, as well as the rights that GDPR enforces for EU citizens.

Table of Contents [Show]

The General Data Protection Regulation (GDPR) was adopted by the European Council and the European Parliament on April 27, 2016. It took two years to take effect, on May 25, 2018, replacing the EU’s original 1995 Data Protection Directive.

Essentially, the GDPR is a data protection legislation designed to give EU citizens more control over their personal data. The amendments are designed to reflect the world we’re living in now as opposed to in the 1990s; a highly-technological age where personal data goes beyond the physical world and is now accessible via the internet.

GDPR - General Data Protection Regulation

Personal data, in the context of the GDPR, can be defined as “any information that relates to an identified or identifiable living individual”. Separate pieces of information, which when put together can lead to the identification of a particular person, also constitutes a form of personal data. Examples of personal data include:

Names and surnames
Race and gender
Sexual orientation
Political stance
Health information
Home addresses
Email addresses
Identification card numbers
Location data
IP (internet protocol) addresses
Cookie IDs
Advertising identifiers

The GDPR applies to both companies operating in the EU and companies operating elsewhere, but selling goods and services to EU citizens. All businesses, whether small or large, must comply with the regulations. There are exceptions for some companies, however, who work with data as a core function of their business and have proven no harm or risk to citizens. Ultimately, this means that most corporations need to be GDPR compliant.

The GDPR sets out seven main principles:

Lawfulness, fairness, and transparency: All personal data should be processed lawfully, fairly and in a transparent manner in relation to all persons.
Purpose limitation: Data should be collected for specified, explicit and legitimate purposes only, and not further processed in a manner that is incompatible with those purposes.
Data minimisation: This data must be adequate, relevant and limited to what is necessary in relation to the reasons for which they are being processed.
Accuracy: The data should at all times be accurate and, wherever necessary, kept up to date.
Storage limitation: Personal data should be kept for no longer than is absolutely necessary for the purposes for which the personal data are processed, except when the data is used for purposes that will benefit the public (for example for scientific, historical or statistical purposes).
Integrity and confidentiality: The data should be processed in a manner that ensures the appropriate security of the personal data.
Accountability: The controller shall be responsible for and be able to demonstrate compliance with the above principles at all times.

In order for a business to be GDPR compliant, they need to follow the above seven principles in relation to a person’s data. Failure to comply will result in disciplinary action, and fines of up to 4% of annual global revenue or 20 million Euros, whichever is greater.

Even as a freelancer – be it a writer, designer, developer, or any other independent professional – GDPR compliance is vital for building client trust, avoiding substantial penalties, and showcasing your dedication to data privacy.

In addition to the seven principles of GDPR compliance, there are eight basic rights that the GDPR protects:

The Right to Information
The Right of Access
The Right to Rectification
The Right to Erasure
The Right to Restriction of Processing
The Right to Data Portability
The Right to Object
The Right to Avoid Automated Decision-Making

These rights are upheld by the GDPR in order to give individuals more autonomy in regard to their personal data privacy.

The right to access allows you to request and gain access to any information that a company has collected about you. The rights to automated processing, erasure and data portability allows individuals to request that data is erased, and gives you the right to choose whether or not you want to provide the information.

Compliance

The GDPR sets out specific requirements for how businesses must process personal data. Failure to comply with these requirements can result in significant fines and reputational damage. For example, British Airways was issued with a £183 million fine by the Information Commissioner’s Office (ICO), which was the biggest fine issued by the office up to that date.

Trust

GDPR-compliant businesses can demonstrate to their customers that they are completely trustworthy; it shows that they take data privacy and security seriously and can be trusted with their personal information.

Competitive Advantage

GDPR compliance can be a competitive advantage for businesses, as customers may choose to do business with companies that demonstrate a commitment to protecting their personal data rather than with those that don’t.

Conclusion

Compliance with the GDPR is important for businesses as it sets out specific requirements for how personal data must be processed, failure to comply can result in significant fines and reputational damage. GDPR compliance can also be a competitive advantage for businesses as it demonstrates a commitment to protecting personal data, which can build trust with customers.

Overall, the GDPR is an important step towards protecting personal data privacy in the digital age. These regulations can set the precedent for how data privacy should be handled worldwide, and can help to protect individuals from crimes such as data theft or identity fraud.

Cookie	Duration	Description
cookielawinfo-checkbox-advertisement	1 year	Set by the GDPR Cookie Consent plugin, this cookie records the user consent for the cookies in the "Advertisement" category.
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
CookieLawInfoConsent	1 year	CookieYes sets this cookie to record the default button state of the corresponding category and the status of CCPA. It works only in coordination with the primary cookie.
elementor	never	The website's WordPress theme uses this cookie. It allows the website owner to implement or change the website's content in real-time.
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Cookie	Duration	Description
__cf_bm	30 minutes	Cloudflare set the cookie to support Cloudflare Bot Management.
li_gc	5 months 27 days	Linkedin set this cookie for storing visitor's consent regarding using cookies for non-essential purposes.
lidc	1 day	LinkedIn sets the lidc cookie to facilitate data center selection.
sib_cuid	6 months	SendinBlue sets this cookie to store unique visits.
UserMatchHistory	1 month	LinkedIn sets this cookie for LinkedIn Ads ID syncing.

Cookie	Duration	Description
_fbp	3 months	Facebook sets this cookie to display advertisements when either on Facebook or on a digital platform powered by Facebook advertising after visiting the website.
_ga	1 year 1 month 4 days	Google Analytics sets this cookie to calculate visitor, session and campaign data and track site usage for the site's analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognise unique visitors.
_ga_*	1 year 1 month 4 days	Google Analytics sets this cookie to store and count page views.
_gat_gtag_UA_*	1 minute	Google Analytics sets this cookie to store a unique user ID.
_gcl_au	3 months	Google Tag Manager sets the cookie to experiment advertisement efficiency of websites using their services.
_gid	1 day	Google Analytics sets this cookie to store information on how visitors use a website while also creating an analytics report of the website's performance. Some of the collected data includes the number of visitors, their source, and the pages they visit anonymously.
AnalyticsSyncHistory	1 month	Linkedin set this cookie to store information about the time a sync took place with the lms_analytics cookie.
CONSENT	2 years	YouTube sets this cookie via embedded YouTube videos and registers anonymous statistical data.
ln_or	1 day	Linkedin sets this cookie to registers statistical data on users' behaviour on the website for internal analytics.

Cookie	Duration	Description
_tt_enable_cookie	1 year 24 days	Tiktok set this cookie to collect data about behaviour and activities on the website and to measure the effectiveness of the advertising.
_ttp	1 year 24 days	TikTok set this cookie to track and improve the performance of advertising campaigns, as well as to personalise the user experience.
bcookie	1 year	LinkedIn sets this cookie from LinkedIn share buttons and ad tags to recognize browser IDs.
bscookie	1 year	LinkedIn sets this cookie to store performed actions on the website.
IDE	1 year 24 days	Google DoubleClick IDE cookies store information about how the user uses the website to present them with relevant ads according to the user profile.
li_sugr	3 months	LinkedIn sets this cookie to collect user behaviour data to optimise the website and make advertisements on the website more relevant.
po_visitor	1 year	Push Owl places this cookie in order to test the effectiveness of advertisements across websites.
test_cookie	15 minutes	doubleclick.net sets this cookie to determine if the user's browser supports cookies.
uuid	6 months	MediaMath sets this cookie to avoid the same ads from being shown repeatedly and for relevant advertising.
VISITOR_INFO1_LIVE	5 months 27 days	YouTube sets this cookie to measure bandwidth, determining whether the user gets the new or old player interface.
YSC	session	Youtube sets this cookie to track the views of embedded videos on Youtube pages.
yt-remote-connected-devices	never	YouTube sets this cookie to store the user's video preferences using embedded YouTube videos.
yt-remote-device-id	never	YouTube sets this cookie to store the user's video preferences using embedded YouTube videos.
yt.innertube::nextId	never	YouTube sets this cookie to register a unique ID to store data on what videos from YouTube the user has seen.
yt.innertube::requests	never	YouTube sets this cookie to register a unique ID to store data on what videos from YouTube the user has seen.

Feedback / Suggestions

What is GDPR?

Table of Contents [Show]

What is GDPR?

What is GDPR Compliance?

The 8 Basic Rights of GDPR

Why is the GDPR Important for Businesses?

Compliance

Trust

Competitive Advantage

Conclusion

Feedback / Suggestions

What is GDPR?