The general Data Protection Regulation (GDPR) came into force on May 25th, 2019 and became the primary law regulating how companies process and protect EU citizens’ personal data. All companies must comply with GDPR regulations.
Companies that fail to comply with GDPR regulations and not achieve compliance will be subject to stiff penalties and fines.
GDPR requirements apply to each member state of the European Union, aiming to create more consistent protection of consumer and personal data across EU nations. Some of the key requirements of GDPR include:
Any company that processes European consumer data must adhere to GDPR regulations. This includes firms that are not located in the EU, but who offer free or paid goods or services, or monitor the behaviour of EU residents. Notably this includes Google and social media networks such as Facebook.
The most significant company to fall foul of these GDPR regulations is Google who were fined £44 million over how they processed user’s personal data. The first complaint against Google came on the day the GDPR was first filed by a French privacy rights group which claimed Google did not have a valid legal basis to process user data for ad personalisation on their network. The EU courts agreed, and Google were fined a record £44 million.
Google can be considered to have got off lightly – failure to comply with GDPR can carry a maximum fine of up to 4% of a firm’s turnover; which in Google’s case is significantly more than the £44 million they were fined.
It is the responsibility of the data controller within an organisation to ensure that the business complies with GDPR. What’s more, he or she must be able to demonstrate GDPR compliance.
If your business involves handling of pre-owned mobile phones, then one of the ways you might fall foul of GDPR regulations is if previous user data is not properly erased from these devices. Doing a factory reset just won’t cut it, you need to ensure any personal data from a used mobile phone cannot be recovered.
MobiWIPE® by MobiCode is our mobile data erasure tool that provides a full audit trail through certifications of erasure, which help your business prove compliance with GDPR regulations. These tamper-proof reports are an efficient way of proving clear steps have been taken to protect personal data. What’s more, any erasure carried out with MMobiWIPE® is insured by Hiscox insurance, fully protecting your business against the financial costs of accidental data breach.
To find out more about MobiWIPE®, contact the MobiCode team on 02031 502529.