Get free access to
Our legislation updates make it easy for you to keep on top of the latest changes affecting your business. Receive our articles, opinions, tips, industry news, country profiles, regional overviews and studies, latest events and even more, directly into your mailbox.
Check out our Newsroom to see what is included!
We will send you only relevant information we consider may be of your interest and treat your personal data in compliance with our Privacy policy and GDPR statement.
Unable to subscribe? Try this page.
In 2016, the European Parliament and the Council on the protection of natural persons with regards to the processing of personal data and on the free movement of such data have enacted the Regulation (EU) 216/679, also known as GDPR. In summary, the new European General Data Protection Regulation (GDPR) brings additional safety requirements and obligations for businesses that process personal data belonging to EU citizens. More details about what this implies and how we can help you, may be found below.
GDPR affects all businesses (both EU and non-EU companies) that are offering products or services to EU customers and comes into force on the 25th of May 2018. Among some of the main aspects that data processors must be aware of, but not the only ones, are:
GDPR applies to all EU companies acting as data controllers and processors, as well as all companies handling the personal data of EU citizens.
The controller must be able to demonstrate that the consent for personal data processing has been granted via a statement or a clear affirmative action.
EU citizens have the right to be forgotten (have their data erased upon request), the right to data portability (to require their data transfer to other company) and the right to object to profiling (decisions based on automated processing).
A Data Protection Officer (DPO) must normally be appointed if the company conducts large scale systematic monitoring or processes large amounts of sensitive personal data.
An obligation to implement appropriate technical and organizational measures, such as Pseudonymisation, the obligation to keep track of processing activities and an obligation to notify any breach of personal data no later than 72 hours from the time of detection.
The transfer of personal data outside the EU and the EEA, may only be done in compliance with the conditions for transfer set out in Chapter V of the GDPR and based on the Commission’s decision.
Infringement(s) of these fundamental principles may result in sanctions of up to EUR 20 million, or 4% of the total annual turnover of the preceding year – whichever is higher.
Considering the high sanctions and the limited time that businesses have to ensure that all legal and technical aspects are covered, it is important to pick the right professional partner. Our international legal and corporate advisors are ready to help you identify how GDPR impacts your company and support you in the following areas:
About Accace
Accace is a proactive consultancy and outsourcing partner who bridges the gap between needs and solutions. Combining smart and streamlined technology with a holistic approach, we provide an all-round care to clients and consider their matters as our own. With over 800 experts and more than 2,000 customers, we have vast experience with facilitating the smooth operation and growth of small to large-scale, global businesses.
About Accace Circle
Accace operates internationally as Accace Circle, a co-created business community of like-minded BPO providers and advisors who deliver outstanding services with elevated customer experience and erase the borders of service delivery. Covering over 50 jurisdictions with nearly 2,500 professionals, we support more than 15,000 customers, mostly mid-size and international Fortune 500 companies from various sectors, and process at least 200,000 pay slips globally.
