The GDPR: what does it mean for non-EU companies?
What kind of measures do organizations from outside Europe need within the context of privacy and data protection, when deciding to do business in Europe? One key aspect is the GDPR or General Data Protection Regulation. But when your company is not located in the European Union, why should the GDPR apply to you? This is an interesting question that we will discuss in this white paper. Looking from a distance it seems obvious that when you are, for example, based in the United States, you are not captured by the GDPR, since you are not a European company. But is this really true? The answer, like many in the field of law is: It depends.
What’s in for you:
Material and Territorial Scope of the GDPR
The GDPR has a material scope and a territorial scope. The material scope defines when the GDPR comes into effect and when it does not. Basically, this explains when it is applicable and when it is not.
Reasons to appoint a DPR
Protecting the data of the organization’s (European) customers can be a substantial benefit to the organization when seeking to acquire and retain customers’ trust. Customers are increasingly conscious of how their data is being used by companies and what recourse they might have under the GDPR. By appointing a DPR an organization is proactively showing that it respects the privacy and the personal data of its customers, and the GDPR provisions.
What happened to the GDPR in the UK after Brexit?
When the United Kingdom leaves the European Union on a no-deal scenario this will have implications when looking at data transfers to and from the United Kingdom and the European Union, and what needs to happen when looking at a DPR. The GDPR was transposed into English national legislation. This may however change over time as of the 1st of January 2021 the United Kingdom no longer implements European legislation.
Download the whitepaper now
Do you have any specific question about the GDPR or EU Data Privacy Regulations?
Please feel free to contact us!