The GDPR Explained

What you need to know about the GDPR.

Written by Elisa
Updated over a week ago

The General Data Protection Regulation (GDPR) is the most comprehensive European data privacy law in decades. It came into effect on 25th May 2018, replacing the Data Protection Act of 1998.

Claimable is fully GDPR compliant and we are committed to maintaining our support and compliance going forward.

To make it easier to understand the changes that the GDPR has enforced and the effect it has had on businesses, this article explains its main points.

The GDPR aims to protect European citizens, strengthening user data privacy. Thanks to the law, individuals now have more control over how and where their data are processed. The GDPR does not only affect European companies, however; it has global consequences. Any organisation that handles EU citizens' data, regardless of its location, must adhere to the law. Non-compliance is severely punished: organisations can be fined up to €20 million or 4% of their annual global turnover.

The Core Principles of the GDPR

The GDPR introduces new concepts, and companies will have new obligations toward individuals.

Here are the key points and goals of the GDPR:

Data Portability 

Companies will need to be able to provide users with their data in a machine-readable format when requested. 

The consent request form will need to use plain and clear language, avoid pre-ticked boxes and include the purpose of data processing in an easily accessible form. In addition, companies will be obliged to keep records of the consent forms received.

Right to Erasure

Also referred to as "the right to be forgotten", it means that individuals can withdraw consent and companies will be obliged to delete any information about the person exercising the right.

Right to Access

Data handlers will need to be able to provide individuals with information about where and for what purpose data are being processed.

Privacy by Design 

Technical and organisational measures will need to be implemented to show that the GDPR is fully integrated into the company's activities. This also means that companies will be obliged to use only data processors that guarantee the requirements of the regulation are met.

Claimable is committed to helping our customers comply with the GDPR and, as a data processor, we are fully GDPR-compliant.
