GDPR – Is your Fund ready?

Etain de Valera

21st September 2017

Countdown to GDPR

  • General Data Protection Regulation - Regulation (EU) 2016/679
  • Replaces existing data protection law in all member states on 25 May 2018
  • Designed to result in single, uniform set of data protection rules applying across the EU (EU Regulation instead of EU Directive)
  • Retains and enhances existing data protection concepts and requirements
  • Increases obligations on controllers/processors
  • Affords new rights to data subjects
  • Now is the time to act!

Key Data Protection Terminology

  • Definitions (Article 4) – Similar to existing regime
  • Personal data – relates to identified or identifiable living individuals (not anonymised data)
  • Processing – widely defined – includes any collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure, erasure or destruction of data
  • Controller – entity which determines the purposes and means of processing of personal data –
  • Processor – entity which processes personal data on behalf of controller – e.g. outsourced service provider

To view the full presentation please click here.