DO YOU DO BUSINESS WITH EU CITIZENS?

In May 2016, the European Union (“EU“) adopted the General Data Protection Regulation (“GDPR“). This regulation introduces a new set of data protection rules that will increase data protection for EU residents and citizens and places more stringent guidelines on the treatment of their personal data.

It is important to note that the GDPR is not applicable only to entities located in the EU. In fact, its scope is so broad that it will apply to any entity around the world that processes personal data of individuals who are residents or citizens of the EU. Because South Africa has a thriving tourism industry with thousands of Europeans coming to its shores each year, this regulation will have a significant impact on many South African businesses. For example, any hotel that records personal data of a guest, who is an EU resident, will have to meet the requirements of the GDPR.

Although most South African businesses engaged in data processing will be aware of the Promotion of Protection of Personal Information Act 4 of 2013 (“POPI“) and its requirements, the GDPR imposes some restrictions on data processing that are not covered by POPI.

Therefore, it is important for any person or business that processes any personal information of EU residents or citizens to undergo, before the May 2018 deadline, a data processing assessment in order to determine whether or not your processing activities will comply with the GDPR.

 

/by
You might also like
Commercial leases: Understanding the legalities
Polity – Bannister Law Rebranding
Commercial Leases Polity – Commercial Leases – Some Insights
Understanding the legalities of commercial leases
Do You Read Online Terms and Conditions? You Should and Here’s Why
Protection of Personal Information Act THE 8 CONDITIONS FOR THE PROCESSING OF PERSONAL INFORMATION: PART III