General Data

Protection Regulation

The European Union’s General Data Protection Regulation (GDPR) goes into force on 25 May 2018 and for companies and organisations that handle data relating to EU citizens, this means a lot of changes.

Find out how it will impact your business.
What is GDPR
The GDPR is a new Regulation and Directive by the European Commission that fortifies EU citizens’ fundamental right to privacy and the protection of personal data.
It applies to any company doing business with customers in Europe, regardless of the company’s location or where the data is processed.
A company found to be in breach of GDPR can be fined up to EUR 20 million or 4% of their total revenue, whichever is higher. So it pays to be compliant.
Use our GDPR Toolset to inspect your data systems in a timely 
and cost-effective manner.
Read more about our 
GDPR Toolset
GDPR Rules
and Regulations
Personal data is...
Any information related to a data subject, that can be used to directly or indirectly identify the person. It can be anything from a name, a photo, an email address, bank details, posts on social networking websites, medical information, or a computer IP address.
A company that collects, stores or uses personal data must...
who they are, why they are processing the data, how long it will be stored for and who will receive it.
Get clear consent
from data subject to process the data, or get consent from person holding ‘parental responsibility’ if data subject under 16.
the lawful basis for its processing activity in the GDPR, document it and update privacy notice to include that information.
Keep evidence
of consent - who, when, how, and what - and refresh it if anything changes.
Give people access
to their data and allow them to transfer it to another company or have it removed at their request.
process personal data to the extent necessary for its intended purpose.
at all times where and how user data is stored.
any data breach within 72 hours to appropriate country office and also inform users if there is a serious risk to their data.
a Data Protection Officer to ensure compliance with GDPR if company processes large amounts of data, whether for employees, individuals outside the organisation, or both.
GDPR Toolset
Automate your GDPR audit process, track your user data, discover and manage existing user data points and third party integrations, automatically detect undocumented user data, create user data logs on request and generate consent pop ups, all in the WAAT GDPR Toolset.
Related articles from our blog
Web Architecture
and Technologies Ltd
27 Dingley Place, London EC1V 8BR, United Kingdom
VAT Number GB100609172
WAAT Switzerland GmbH
Bernoullistrasse 20, CH-4056 Basel
WAAT Poland Sp. z o.o.
Telewizyjna 48, 01-492 Warszawa
Send us a message

Follow us
  • Facebook
  • Linkedin
  • Twitter