Press Room | Newsletter Sign-Up | Connect | Careers



What is GDPR?

The European Union (EU) passed the General Data Protection Regulation (GDPR) in order to provide internet-users a clearer picture of what personal information and data is being stored and collected. GDPR will take effect on May 25, 2018, and is considered to be the first major change to digital privacy laws since 1995 and will replace the Data Protection Directive currently in place1.

Why is there a new regulation?

The purpose of the regulation is to ensure consumers are aware of how their information is stored when browsing the internet, and force businesses to better protect the online privacy rights of their consumers2. GDPR includes some major ramifications for companies collecting data through websites on EU customers and visitors, as well as those who employ people abroad. Ramifications could be the larger of 20 million euros, or 4 percent of the company’s annual revenue.

Who will this impact?

Although an EU regulation, penalties apply to all countries that collect any type of data on those in the EU. Failure to comply could result in a hefty fine and failure to pay the fine may result in the inability to do business throughout the EU.

Yes, I would like to receive HR news and best practices from XcelHR

The countries that this will affect are EU member states and the UK3. EU member states are4:

  • Austria

  • Belgium

  • Bulgaria

  • Croatia

  • Cyprus

  • Czech Republic

  • Denmark

  • Estonia

  • Finland

  • France

  • Germany

  • Greece

  • Hungary

  • Italy

  • Latvia

  • Lithuania

  • Luxembourg

  • Malta

  • Netherlands

  • Poland

  • Portugal

  • Romania

  • Slovakia

  • Slovenia

  • Spain

  • Sweden