What does GDPR mean for organisations outside the EU?

[rakhirhif8963]

The GDPR sets significant fines for non-compliance: 2% of global annual turnover or €10 million, or 4% of turnover or €20 million (whichever is higher). These penalties encourage organizations to be diligent in fulfilling their obligations to keep the data they collect secure. It is impossible to predict how individual data protection agencies will respond to the first major data breaches after the GDRP comes into force, but the legal framework is finally strict enough compared to previous regulations. It should be noted that before the GDRP, some EU member states had legally capped the maximum assessed fines.

This is perhaps the most controversial, but also the most interesting aspect of the GDPR. Based on the assumption that the owner of personal data is the data subject, the EU has ruled that any person residing in any EU Member State is entitled to protection under the provisions of the document, regardless of citizenship. The actual location of the honduras mobile database collecting the data is irrelevant. However, questions about the implementation of the regulations and the procedure for imposing fines in the event of a data breach remain open. It is likely that legal teams are already preparing to address the first problems that will arise during the implementation of the GDPR.

For large multinationals operating in the EU, the scenario is fairly simple. The EU has experience in setting fines for such organisations. A much more important issue is the regulation of organisations that offer goods and services to EU residents but have no direct presence in the EU.