Bright & Cloudy
When the GDPR comes into effect on May 25, 2018, it will replace the 1995 Data Protection Directive. Unlike the Directive, the GDPR will be immediately applicable and enforceable in all Member States. As a result, the same rules will apply across the EU. The GDPR will entail major changes for data protection policies and procedures of businesses, among others, extensive internal recordkeeping obligations, new individuals’ rights, mandatory breach notifications, privacy impact assessments, appointment of data protection officer, privacy by design and default and new regulatory powers with sanctions of up to 4 percent of the worldwide turnover or €20 million.