GDPR: A Simple Explanation

GDPR stands for General Data Protection Regulation. This law was passed by European Union. The goal is to protect the privacy rights of individuals in European Union and European Economic Area by giving them control how their personal data gets used online.

Key Principles of GDPR

1. Lawfulness, Fairness and Transparency: Organisations need to process personal data lawfully and fairly. They need to be transparent to individual about how their data is processed.

2. Purpose Limitation: Personal data that is collected for a specific purpose should not be used for any other purpose without individual's consent.

3. Data Minimization: Organization should collect minimum amount of personal data.

4. Accuracy: Organisations must ensure data collected is accurate and up to date.Individuals have right to request for correction if data is incorrect.

5. Storage Limitation: Personal data collected must not be stored for long duration.Data should be deleted if its no longer needed.

6. Integrity and Confidentiality: Organisation must protect personal data from unauthorized access and accidental deletion.

7. Accountability: Organisation are responsible for compliance with GDPR.

Rights of Individuals in GDPR

• Right to Access

• Right to Rectification

• Right to Erasure

• Right to Restrict Processing

• Right to Data Portability

• Right to object

• Right to make decision for automated data processing