All companies dealing with European entities have to comply with new data protection regulation
The office of the Delegation of the European Union to Namibia announced this week that last Friday’s new EU law for protecting data privacy, the General Data Protection Regulation (GDPR), has established a uniform standard across the union for companies that collect, store and manipulate large amounts of data on private users.
“The changes will give people more control over their personal data and make it easier to access it. They are designed to make sure that people’s personal information is protected – no matter where it is sent, processed or stored – even outside the EU, as may often be the case on the internet,” stated the delegation.
“The new data protection regulation implies economic, political and diplomatic impacts. Third country authorities and economic operators should comply with GDPR if they offer goods and services to EU residents. An organization or company could request the advice of the EU to better understand how the GDPR applies,” the delegation offered.
GDPR focuses on reinforcing individuals’ rights; strengthening the EU internal market; ensuring stronger enforcement of the rules; streamlining international transfers of personal data; and setting global data protection standards.
“ In essence this law changes the rules for companies and organizations that collect, store or process large amounts of information on residents, requiring more openness about what data they have and who they share it with. This Regulation updates and modernizes the principles enshrined in the 1995 Data Protection Directive to guarantee privacy rights. The regulation is an essential step to strengthen citizens’ fundamental rights in the digital age and facilitate business by simplifying rules for companies in the digital single market. A single law will also do away with the current fragmentation and costly administrative burdens. For instance, instead of having to deal with 28 different data protection laws and 28 different regulators, one set of rules will apply and will be interpreted in a uniform way throughout the continent. In summary, the GDPR applies to any business that processes personal data by automated or manual processing. Companies based outside the EU must also apply the same rules as European companies when offering their goods or services to individuals in the EU,” stated the EU Delegation to Namibia.