General Data Protection Regulation (GDPR)

Privacy and protection are our #1 priority

What is the GDPR?

The European Parliament adopted the GDPR in April 2016, replacing an outdated data protection directive from 1995. It carries provisions that require businesses to protect the personal data and privacy of EU citizens for transactions that occur within EU member states. The GDPR also regulates the exportation of personal data outside the EU.The provisions are consistent across all 28 EU member states, which means that companies have just one standard to meet within the EU. However, that standard is quite high and will require most companies to make a large investment to meet and to administer.

What data is regulated by the GDPR?
The GDPR regulates organizations’ collection, processing, and storage of personal data of EU individuals. Personal data includes any information that can be connected back to a particular EU individual. Some of the personal data regulated by the GDPR is fairly obvious, such as email addresses and employee ID numbers. It isn’t all so straightforward, though. The GDPR also regulates information that could be traced back to a specific person, so depending on the circumstances, it may cover geolocation and behavioural data, as well. The law was written to be future-proof, so it doesn’t provide a finite list of personal data types. Generally speaking, any data that identifies a living EU individual counts as personal data.
Who does GDPR apply to?
GDPR applies to any organization operating within the EU, as well as organizations that offer goods or services to customers or businesses in the EU. This broadens the scope of protection of EU residents for improved privacy control.

What if your organization doesn’t comply?

Financial penalties for data breaches involving EU citizens’ PII can run up to four percent or €20 million — whichever is higher — of an organization’s global annual revenue. That means gaps in GDPR coverage and security breaches can have critical consequences for an organization’s bottom line.

QuickLaunch's commitment to GDPR compliance

We view the GDPR both as an important step forward in streamlining and unifying data protection requirements across the EU, and as an opportunity for QuickLaunch to strengthen our long-standing commitment to data protection principles and practices.

QuickLaunch complies with the GDPR in the delivery of our service to our customers. We have closely analyzed the GDPR’s requirements, and based on our findings, we have made enhancements to our products and services, our documentation and our contract documents in order to help our customers meet their GDPR compliance requirements.

While QuickLaunch can’t solve all the challenges presented by the GDPR, Identity and Access Management using a product such as QuickLaunch can provide a strong foundation for GDPR compliance and can help reduce your risk. Be sure to consult with your organization’s legal team to understand how the GDPR may apply to your organization.