Gå direkte til content
Hurtig IT support hos itm8
Hurtig IT support hos itm8

GDPR

General Data Protection Regulation is the international name for the EU General Data Protection Regulation, which came into force on 25 May 2018. Learn more about what GDPR is all about here.

VM-31766-Banner-02

What is GDPR?

The GDPR is about ensuring uniform rules across the EU for handling sensitive personal data online. It will affect companies, organisations, associations and anyone else who holds sensitive personal information about employees, customers, members and others.


What does "personal data" mean?

The GDPR distinguishes between ordinary personal data and sensitive personal data.

General personal data is everything from name, address and phone number to exams, salary and tax matters. Sensitive personal data is more intimate information such as race, religious beliefs, genetic data and sexual orientation.

Whether you're a company, organisation or association, you have an obligation to keep this information safe. It can be very valuable to cybercriminals who can use it for extortion or resale.


How do you process personal data today?

The GDPR tightens the rules for processing personal data. In order to comply with the rules, you need to keep track of the data flows in and out of your company, organisation, association, etc.

Here are some questions you should sit down and find answers to:

  • What types of personal data do you collect?

  • Where do you collect your personal data from?

  • How do you collect your personal data?

  • Do you disclose your personal data and if so, to whom?

  • Where and how do you store (and secure) your collected personal data?

  • How do you use your personal data? And what are your future plans for using it?

  • Do you know how and when you delete personal data?


What's new in the GDPR?

Many of the rules in the GDPR are already in the current Personal Data Act. But there are also some new additions that are not currently included:

  • Fines: Where today the fines are in the range of 5-10,000 DKK, in the future the fines can be up to 4% of

    your turnover and a maximum of €20 million. Few companies will face such large fines, but it gives an indication that the general level of fines will increase significantly.

  • New rights for data subjects: The GDPR introduces a number of new rights for ordinary people whose data is stored in, for example, a company. For example, the so-called "right to be forgotten", which gives people the right to have their personal data deleted by a specific company or organisation.

  • Harmonisation of rules across European countries: One of the reasons behind the introduction of the GDPR is to create common European rules to make it easier for data controllers and data subjects to navigate a European market.

Are you unsure what GDPR means for your business? And how you and your organisation can best comply?

Contact us here.