What is GDPR ?


What is GDPR ?

(EU GDPR) The European Union Data Protection Regulation, which entered into force on 25 May 2018, is a regulation for the protection of the personal data of all citizens of the European Union throughout Europe.

As a requirement of this regulation, personal data and the security of these data have been implemented very strictly and have become a legislation that must be complied with by European Union-based companies, EU citizens and all companies doing business with EU countries, citizen even outside the EU.



Who is Affected ?

All companies that use and process the personal data of anyone living within the borders of the European Union, are responsible for GDP Regulation.For example, as a company you are including customer European citizens to your profile. You have to explain in detail about what purposes you use and store this data. And if intended usage changes you have to report this changes again



How Does It Work ?

The principle of accountability is one of the main objectives of GDPR. In this sense, it is necessary to take the necessary records about what kind of data is stored and to identify any risks that may occur in advance. The definition of personal data in GDPR defines more than what we think of as personal data. This means that individual  



Communique of Individual Data

Another main principle of GDPR is transparency. Personal privacy rules and notices have been used in the industry for a long time. GDPR requires detailed information to the point where the data is collected. It should also be clearly stated which legal basis is used and what is the legitimate interest in processing the data.



Data Breach

Events such as theft or alteration of personal data can have many reputational or financial consequences. Therefore, various processes should be organized to detect, report and investigate data breaches. In contrast to existing rules, the entity that controls the data should notify the Data Protection Authorities if identity theft or a breach of privacy happens. In the event of any breach, data processors should inform the data owners without delay. Determining situations that require information may be the first step in this regard. The use of a cloud-based firewall can be an appropriate and safe measure to avoid situations such as data breach, theft or disclosure of personal data. Bekchy WAF is a product that can meet the required protection and security.



Penalties

GDPR brings up to 4% of the annual turnover in terms of punishment. The maximum potential fine is 4% of global turnover (revenues / sales) or 20 Million Euros, whichever is higher, but GDPR fines are not limited to money only. Part of the regulation authorizes the Oversight Authority to prohibit the organization from conducting business