GDPR summary

A beginner's guide to data privacy in the EU.

Ask us a question

Key features of the GDPR

gdpr compliance infographic
yellow hand drawn gavel icon
Accountability and governance
Organizations must adopt measures to demonstrate compliance with GDPR principles, such as documenting data processing activities and restricting the amount of personal data they collect to the absolute minimum required (‘data minimization’).
red and white hand drawn exclamation icon
New financial penalties
Non-compliance with the GDPR can lead to fines of up to €20M or four per cent of an organization’s worldwide annual turnover for the previous financial year, whichever is greater.
brown hand drawn checklist icon
Tougher restrictions on data processing
You may only process personal data if you have a valid lawful basis for doing so, such as informed consent (not pre-ticked boxes), or a 'legitimate interest'.
blue hand drawn magnifying glass icon
Breach notification
Organizations must report data breaches to the relevant supervisory authorities within 72 hours if the breach is likely to put at risk the rights and freedoms of individuals.
greenhand drawn tick box icon
Greater rights for individuals
These include the right to access their data free of charge and without delay; the right to have errors corrected ('rectification'); the right to have their data erased (‘the right to be forgotten’); the right to have it transferred to a different service provider in a structured, machine readable format ('data portability'); and the right to be informed about how their data is used.