The right to privacy and data protection is the hallmark of a democratic society.
Ever since GDPR has launched, organisations are becoming more aware of the rights of individuals. Businesses, collect and use personal data need to be clear about their motives.
Nowadays, organisations collect a whole range of personal information, both personal and non-personal.
The data items, for example, names, addresses, email addresses contact information etc. satisfy the definition of personal data and hence fall under the scope of GDPR.
If you are operating your business within the EU and have clients, users or members in the EU, you must comply with provisions of the GDPR to avoid violations of the law.
The GDPR requires companies to be transparent. They must ensure what they do with this data, how the data is gathered and make sure that it is processed in a fair and transparent manner.
The GDPR has created a whole range of privacy rights and protections for individuals and consequently the organisations are obliged to become compliant or face legal action.
Article 13(1) and (2) of the GDPR says that the data controllers must publish the necessary information at the time the data is being collected.
What to do now?