The EU General Data Protection Regulation (GDPR) is the most significant piece of European privacy legislation in the last twenty years. It replaces the 1995 EU Data Protection Directive (European Directive 95/46/EC) and became enforceable on May 25, 2018 by applying a single data protection law that is binding throughout each member state.
Why is GDPR important?
GDPR ensures the protection of personal data, and that it remains a fundamental right for EU citizens by modernising outdated laws. GDPR has the potential to impact any business that collects data in or from Europe. With fines up to €20,000,000 or 4% of global annual turnover, whichever is greater, there is a significant risk to organisations who fail to meet their obligations under GDPR.
What is personal data?
The GDPR definition of personal data includes what we typically consider personally identifiable information (PII), which is any information relating to an identifiable person who can be directly or indirectly identified in particular by reference to an identifier. This could include name, passport number, birth date, etc. but, it also includes data that we might consider to be non-PII, like IP addresses or device IDs. For a comprehensive list of what the GDPR considers personal data, please read Article 4(1) of the GDPR.
SAF Directions and GDPR
SAF Directions (“we”) believes that the GDPR is a significant step forward in data privacy and supports the emphasis on strong data privacy protections and security principles. We are committed to ensuring that we are GDPR compliant and we will be following the legislation closing and working closely with our customers, clients and suppliers to ensure we are 100% compliant at all times. If you have any immediate questions about your data and its impact with GDPR, please do contact us.
We encourage you to familiarise yourself with GDPR and the new provisions of the new regulation. This is especially important with how it differs from the Data Protection Act 1998.
We have been and will continue to be busy working with our providers to ensure we are GDPR compliant at all times. We will continue to make operational changes resulting from the new legislation as the information becomes clearer and we learn from it. We are regularly reviewing the Information Commissioner’s Office (ICO) website to ensure we stay abreast of updated guidance as it becomes available.
Statement last updated on November 2018