GDPR: Threat or opportunity for those dealing with EU?
The EU General Data Protection Regulation (GDPR) is in force, applying to virtually all entities active in the EU (and those outside EU that deal with EU). GDPR application becomes mandatory by 25 May 2018, when all entities affected should be compliant.
Non-compliance with GDPR (described also as the world’s strictest data privacy regulation) involves heavy fines, which can reach 20 million euro or 4% of the world income of the organization in breach.
Compliance with GDPR requires every entity affected to adopt data protection procedures, supported with relevant documentation and IT infrastructure. This is not a simple process, as it involves both set up of a structure and coordination of more fields of expertise.
Non EU based companies which deal with EU entities or citizens, are under the duty to implement GDPR procedures regardless of them having an establishment or not in the EU. This suggests that they should be ready by 25th May 2018, in all respects, to establish relevant procedures and to be able to show that they have covered GDPR requirements.
As from 25th May 2018, EU commercial partners will be requesting that their non-EU partner be GDPR compliant. Accordingly, those non-EU companies that will have implemented GDPR, will have an advantage in starting new business (or maintaining existing ones) in case they are GDPR compliant and will be able to promote their activity by advertising such compliance.
To meet the challenges of GDPR, Manolis Eglezos and Associates Law Firm participates in a team covering all aspects of it, offering a full-scale support in GDPR implementation, tailor-made to the needs of your company.
We are available for a meeting or Skype Conference of our team with any entity interested, to present our services and investigate the most efficient way to cover the needs of a company regarding GDPR compliance.
The article was written by Manolis Eglezos, managing partner of Manolis Eglezos and Associates Law Firm