EU General Data Protection Regulation (GDPR) - Frequently Asked Questions
EU General Data Protection Regulation (GDPR) - FAQ
From May 2018, all Slovak Companies need to comply with the new EU General Data Protection regulations. Penalties of up to 4% of Revenues exist for non-compliance. Are you ready for the change?
What is the regulation about?
This revised regulation places a legal responsibility on companies to manage, in a new defi ned way, the Personal Data they hold and process about private individuals.
What is new in this regulation?
The current regulation, based on EU Directives from 1995, placed the burden of proof on the individual or the Regulator to show how the Company has misused their personal data. The new 2018 regulation clearly places the responsibility on the Company to show they have not misused the personal data they hold. This is a fundamental shift in perception and each Company needs to address this change.
What persons are covered?
The defi nition is broad and it covers any person. This can include those who have a relationship with you such as a candidate who submitted a CV, an employee, customer or supplier. It also includes those with no relationship with the Company such as a market researcher.
What is considered personal data?
Any data that can identify an individual. Examples include name, address, phone number and emails.
In practice, how could this impact your Company?
Any individual may approach your Company and ask which of their personal data you process and/or require a formal confi rmation that you hold no personal data on them. If you do hold such data you must confi rm what you hold, how you use it and should the individual so request, erase it.
Does the regulation apply to my company?
If you store data employee details in HR, customer details in CRM systems or Customer Loyalty programs, or supplier details in Supply Chain systems, it is likely this regulation applies to you.
To date how are Slovak companies approaching this topic?
Large B2C companies such as Financial Services, Retailers and Telecoms have been working on reengineering processes for 18 months. B2B companies are now working on GAP analyses with process reengineering started
or commencing. The effective date is 25 May 2018.
© 2024 KPMG Slovensko spol. s r.o., a Slovak limited liability company and a member firm of the KPMG global organization of independent member firms affiliated with KPMG International Limited, a private English company limited by guarantee. All rights reserved.
For more detail about the structure of the KPMG global organization please visit https://kpmg.com/governance.