simpleshow explains the EU General Data Protection Regulation

28 countries, 1 law: How to prepare yourself for the new EU general protection regulation

As of 25 May 2018, a uniform EU-wide data protection regulation (EU GDPR) will become binding law. Agreed upon two years ago, the transitional period will soon come to an end. In order to successfully meet the challenges of the new regulation, companies will have to make some adjustments. We explain what the EU general data protection regulation means for you as a company and summarise your duties:


Can we help you communicate the upcoming changes?

Error: Contact form not found.

Here are the key points of the new law at a glance:

Overview of the most important changes that the GDPR will bring

Who is affected by the new European Union data protection regulation?


Around 512 million EU citizens benefit from the harmonization. Companies in the 28 countries of the European Union are now on the move. All companies must now ensure high standards of customer and data security.



In which countries will the Regulation apply from May 2018?


The regulation is effective in all 28 countries of the European Union. In addition to the six founding members (Belgium, France, Germany, Italy, Luxembourg and the Netherlands), the law is binding in Austria, Bulgaria, Croatia, Cyprus, the Czech Republic, Denmark, Estonia, Finland, Greece, Hungary, Ireland, Latvia, Lithuania, Malta, Poland, Portugal, Romania, Slovakia, Slovenia, Spain, Sweden and (at least until March 2019) the United Kingdom. Every company with a seat in one of these countries is therefore subject to the imposed changes.



What do companies have to consider?


All companies within the EU need to act now: Does data protection in my company comply with the upcoming standards? Can I respond adequately to consumer requests and, if necessary, to legal issues?

The scale of these challenges becomes clear when one thinks of the huge number of companies in each of the countries; e.g. Germany alone is home to 3.5 million companies. Whether huge corporates or newly founded businesses, the new law affects everyone.


Companies must now pay attention to this:

  • – The consent age for data processing is set at 16 years.
  • – Consent to data processing must be actively requested and stored.
  • – The customer/user has a right “to be forgotten”.
  • – Companies are asked to provide proof of innocence in the event of a dispute, using flawless documentation.



Who implements the new law in my company?

Ideally, your data protection officer will coordinate this project. Important: This employee must not be in conflict with his or her own work or appear to be in self-control.



When does a company need a data protection officer?


The GDPR makes it a requirement that organisations appoint a data protection officer (DPO) in some circumstances. Any organization that processes or stores large amounts of personal data, whether for employees, individuals outside the organization, or both, needs to have a data protection officer.

DPOs are responsible for educating the company and its employees on important compliance requirements, training staff involved in data processing, and conducting regular security audits. DPOs also serve as the point of contact between the company and any Supervisory Authorities that oversee activities related to data. More specific requirements are often regulated by national provisions.



What if my company does not implement the new data protection law?


The EU is serious about data protection: The GDPR hurts negligent data managers with severe penalties of up to 4% of the company’s annual turnover.



What are the advantages of the new EU Data Protection Regulation for companies?


In fact, the EU-wide regulation also offers opportunities for companies and founders. Turn the necessity into an advantage and benefit from it:

  • – Use the upcoming documentation requirement to optimize your data management at the same time
  • – Unify processes between offices in different EU countries
  • – Get a better overview of processes and links with the position of a Data Protection Officer
  • – Train your employees on data protection to raise awareness and ensure compliance



What will the EU general data protection regulation change for me as a consumer?


The most important points for you as a customer are clear:

  • – Your data may only be stored and processed with your consent.
  • – You have the right to be forgotten
  • – Customers can now request the disclosure of all data they have transferred to and a company and all their data that is collected by the company (right to data transmission)



How can simpleshow support my company in the transition process?


You want to train your employees on the new data protection regulation or inform your customers about the new processes? Explainer videos by simpleshow are the solution! We explain complicated topics in a nutshell, in a clear and memorable way. Benefit now from our 10 years of explanation experience.



This page contains general information and does not replace legal advice.