The newly enacted GDPR has given rise to a new role, vital even to companies located outside the European Union—the DPO
On May 25, 2018, the much-publicized European Union General Data Protection Regulation (GDPR) came into force, marking the biggest change in data protection legislation in Europe for over 20 years. Many will be aware of the GDPR’s application to businesses established in the EU. What is less well understood is that, in some circumstances, the GDPR can also apply to businesses located outside the EU. This is referred to as the extraterritorial effect of the GDPR, and effectively extends the scope of EU privacy law to businesses located outside the union that:
For daily updates, subscribe to our newsletter by clicking here.
• offer goods or services to individuals who are in EU
• monitor the behavior of individuals whilst they are in EU
Organizations that find themselves handling personal data under the extra territorial rules must fully comply with the GDPR in relation to the collection and use of this data. They must also appoint a representative in the EU who can act as a local point of contact for individuals (who may wish to exercise their privacy rights under the GDPR) and for data protection authorities (in case they may want to take any enforcement action).
Clique aqui e leia a matéria completa.