Skip to main content

What does GDPR stand for?

GDPR stands for General Data Protection Regulation.

When did GDPR come into effect?

The General Data Protection Regulation, or GDPR, came into effect on 25 May 2018 and replaces the EU’s 1995 Data Protection Directive.

What is GDPR?

GDPR is an EU regulation on data protection for all persons in the EU. It is thus a central regulation within international data legislation, which applies to companies that process personal data from EU citizens inside and outside the EU. It doesn’t matter where the companies are physically located: If you as a company handle data from EU citizens, the company must comply with the GDPR.

GDPR legislation

The GDPR applies to all organisations with EU or national customers and applies to any type of data, including names, addresses, email addresses and IP addresses. EU data protection legislation is set out in the Charter of Fundamental Rights, which was included in the Treaty of Lisbon in 2007. The EU Data Protection Directive of 1995 (Directive 95/46/EC) established a system for the protection of personal data processed by employers and others.

GDPR regulations

The GDPR consists of 99 articles, which contain the various rules and regulations regarding the protection of personal data and privacy. These articles cover various topics, such as the processing of personal data, rights of individuals, principles of data processing, responsibilities of data controllers and data processors, as well as sanctions and enforcement mechanisms.

Start your GDPR cleanup where it is needed the most

Sensitive data can tends to accumulate in the employees' e-mails. With a GDPR Risk Scan from DataMapper, you get a report that shows any potential GDPR risks in the company's e-mails.

Why is GDPR important?

The purpose of the GDPR is to give EU citizens back control over their personal data. People must (and should) have the right to know what information companies have about them. From a societal point of view, GDPR gives people rights to demand insight into previously uncharted territory. The regulation gives individuals a number of rights, including the right to know what personal data is collected about them, the right to have this data deleted and the right to object to its processing. Having said that, complying with the GDPR – also known as compliance – can be a big mouthful for companies.

Who does GDPR apply to?

As of May 25, 2018, all companies doing business in the EU have had to comply with the GDPR. Since the regulation gives EU citizens more control over their personal data, this means that companies must be able to protect personal data and comply with the GDPR in order to process personal data on EU citizens. The regulation applies to both data controllers and data processors.

How does GDPR affect my business?

The GDPR has a significant impact on your business as it requires all processing of personal data to be carried out in accordance with strict privacy protection rules. This means that your company must be aware of and comply with various GDPR requirements, including obtaining consent from individuals before collecting and using their data, ensuring proper handling and storage of personal data, and implementing appropriate security measures to prevent unauthorised access or leaks.

To meet these requirements, it is crucial to raise awareness of the GDPR among all employees in your company. This can be achieved through extensive training and education covering the basic principles of the GDPR, with a particular focus on handling personal data and protecting privacy. Employees should understand their roles and responsibilities in relation to GDPR compliance, including how to respond to requests for access to personal data, ensure confidentiality of data and report any security breaches.

In addition, your company should implement secure email procedures to protect personal data during communication. This may include encrypting emails, using secure passwords and authentication, and avoiding sending sensitive information through unsecured channels. By raising awareness of the importance of having a safe email, your business can reduce the risk of data leaks and breaches of GDPR regulations, while maintaining the trust of customers and stakeholders.

Get our Newsletter!

In our newsletter you get tips and tricks for dealing with privacy management from our founder Sebastian Allerelli.

When you sign up for our newsletter you get a license for one user to ShareSimple, which will give you a secure email in Outlook. This special offer is for new customers only, with a limit of one freebie per company.

What happens if you do not comply with the GDPR?

Failure to comply with the GDPR can have serious consequences for a company. Violation of the GDPR can cost both fines and – perhaps even worse – trust.

Need help with GDPR?

To begin with, you have to accept that the journey to becoming compliant does not end immediately, but is a continuous process. To help you comply with GPDR, we have prepared a checklist for GDPR, where we have divided the process into steps, so that you can take them one at a time.

However, there is no escaping the fact that there is a lot of manual and time-consuming work associated with complying with the GDPR. To get help with the heavy work, you can make use of GDPR software that has been developed for this purpose to great advantage.

Sebastian Allerelli
Founder & COO at Safe Online
Governance, Risk & Compliance Specialist
Follow me on LinkedIn to get tips on GDPR →


How to handle sensitive personal data


How to find personal data with datamapping tool


How to prepare for a data audit