By now your inbox will be full of emails about GDPR. So, to make a long story short ‘General Data Protection Regulation’ or GDPR for short, is a new law within Europe designed for businesses that manage and handle data.
GDPR gives consumers better control and knowledge over their personal data and gives them the right to erase their personal information permanently from your database when they want.
The GDPR also applies to New Zealand businesses who process the personal data of data subjects residing in the EU where that processing either:
relates to the offering of goods or services to data subjects in the EU (irrespective of whether payment is made); or relates to the monitoring of the behavior of data subjects in the EU (e.g., through using cookies or apps to track users through multiple domains).
As an example; if you run an online store and a European user signs up to that store, you need to ensure the data collected is done so in accordance with the new laws.
Businesses should be actively considering the impact of the GDPR on their operations. If your business:
A: has an office in the EU
B: offers goods of services to EU subject; or
C: processes sensitive information
You should immediately take steps to comply and discuss the requirements further with your legal professionals.
Other businesses should begin to take note of the regulations, a new
Privacy Bill is currently before parliament and this is widely anticipated to include aspects of the GDPR.