What is the General Data Protection Regulation?
The General Data Protection Regulation (GDPR) is introduced by the European Union to safeguard the privacy of data for European citizens. In this digital age, many government organizations, private organizations, non-profit organizations, etc. have access to our personal information without our consent and are being misused. With the GDPR coming in, there will be transparency and strengthening of the fundamental rights of individuals. This data protection bill aims to provide individuals better control related to the usage of their data.
The GDPR consists of 11 chapters. This data protection bill mentions provisions regarding principles, general provisions, data rights, supervisory authorities, duties of data controllers, and so on. The GDPR compliance regulations also deal with the transfer of personal data to other countries, penal provisions, and liability and remedies for breach of rights, etc.
Why is GDPR compliance important for your company?
GDPR is not applied to the citizens/businesses residing in the European Union alone. It should be implemented by businesses in other countries that have EU citizens as their customers as well.
Please note that GDPR compliance applies to any company that markets services or goods to the residents of the European Union, regardless of its location. By ensuring compliance with GDPR, your business can improve the protection of customer data, build trust with them, and can also avoid paying hefty penalties. If the website of your company collects any regulated data from European users, you should comply with the GDPR data protection bill. Websites that do not comply with the general data protection regulation will not be accessible in the European Union countries.
Points to consider while ensuring GDPR compliance
You should keep the following points in mind before proceeding to ensure GDPR compliance for your business-
Read the general data protection regulation
You should go through and understand this landmark data protection bill as your business is affected by the GDPR rules. However, most of the sections in this regulation feature legal language and may be difficult to decipher at times.
Look at how other organizations are doing
Remember, it's not just you! Most of the businesses across the world are affected by GDPR rules. If you still lack a proper understanding of the general data protection regulation, and how to ensure compliance to it, reach out to other organizations who have obtained compliance already.
Pay attention to your website
Data storage, cookies, and opt-ins are important constituents of a website, and this data protection bill has special provisions regarding their compliance. In addition to these, your websites may have other inbuilt tools to gather and store contact data and you need to ensure GDPR compliance for such tools as well.
Pay attention to your data
The general data protection regulation insists that all your business data must comply with GDPR rules if you have a physical or digital presence in the EU. You should map how your business data is entered, stored, transferred, and deleted. This knowledge is critical to prevent breaches and to report properly in case of such a breach.
We would be requiring your existing privacy policy
If it's a startup, then the following information is required:
- Is registration mandatory? Can Facebook or Google Plus accounts be linked?
- Nature of Data collected from users
- The scope of services provided by you
- Whether you wish to employ Cookies? What about Google Ads/analytics?
- Whether you wish to use Third Party payment gateways for any services on your site?
Timeline:
It would take us 3 - 4 working days to deliver the first draft. However, we shall deliver the document within 24 hours, if you approach us for priority service, charges are applicable for it.
Documents required for General Data Protection Regulation
In India, General Data Protection Regulation cannot be done without proper identity and address proof. These documents will be needed for all the directors and the shareholders of the company to be incorporated. Listed below are the documents that are accepted by MCA for the online company registration process acceptable.
Identity And Address Proof
- Scanned copy of PAN Card or Passport (Foreign Nationals & NRIs)
- Scanned copy of Voter’s ID/Passport/Driver’s License
- Scanned copy of the latest bank statement/telephone or mobile bill/electricity or gas bill
- Scanned passport-sized photograph specimen signature (blank document with signature [directors only])
For the foreign nationals, an apostilled or notarized copy of the passport has to be submitted mandatorily. All documents submitted should be valid. The residence proof documents like the bank statement or the electricity bill must be less than 2 months old.
Registered Office Proof
For online company registration in India, the company must have a registered office in India. To prove admittance to the registered office, a recent copy of an electricity bill or the property tax receipt or water bill must be submitted. Along with the rental agreement, utility bill or the sale deed and a letter from the landlord with her/his consent to use the office as a registered office of the company should be submitted.
- Scanned copy of the latest bank statement/telephone or mobile bill/electricity or gas bill
- Scanned copy of Notarized rental agreement in English
- Scanned copy of No-objection certificate from the property owner
- Scanned copy of sale deed/property deed in English (in case of owned property)
Note: Your registered office need not be a commercial space; it can be your residence too.