Countdown - Coming in 2018!
No exceptions: The General Data Protection Regulation will apply to all companies!
On May 25, 2018, the provisions of the EU General Data Protection Regulation will become fully applicable. Companies that have not yet made preparations should do so as quickly as possible. That’s because there will be considerable fines for those who do not comply with the new requirements after the start date.
May 25, 2018 is the date: From then on, the provisions of the European General Data Protection Regulation (GDPR) will apply without restrictions. Its requirements and obligations must be met by all companies collecting, processing, and using personal data, irrespective of their size and the industry they are in. It makes no difference whether it does so as a controller or as a processor. The GDPR affects everyone, even outside of the EU since it will apply whenever personal data is entering or leaving the EU.
A particular feature of the GDPR is that it becomes directly applicable on May 25, 2018 because it is directly applicable law. That means that the GDPR will apply from the start date in all 28 Member States – unlike a Directive, for example. Companies that do not meet the requirements and obligations of the GDPR as of the start date may be subject to significant sanctions: up to EUR 20 million or four percent of global annual revenue per infringement may be owed!
For each infringement of the GDPR, companies may be subject to fines of up to EUR 20 million or four percent of global annual revenue.
This can be avoided by implementing the new requirements. Companies should hurry if they want to implement and meet the requirements of the GDPR by May 25 because a lot of adjustments will be needed. Information and documentation obligations in particular have been extended significantly in comparison with the currently applicable legal framework. In addition, the GDPR imposes an obligation on companies to set up and implement a data protection compliance system that is appropriate for the size of the company and the data processing procedures involved and keep a record of the processing activities. There are no exceptions: every company processes personal data, even if it is only the data of its employees. It’s a fact: the GDPR affects everyone!
We bundle our many years of experience in data protection law in our Taskforce Data Protection. Our specialists work hand in hand with experts from other practice groups, for example employment law or competition law. We can therefore advise our clients comprehensively on data protection law.
Your contacts are the experts of the Taskforce Data Protection. Dr. Philip Kempermann and the other Taskforce Data Protection members specialize in data protection law and the other key legal fields for implementation, such as IT, Employment and Competition Law, Banking and Finance, and Compliance.
![[Translate to English:]](/fileadmin/_processed_/5/9/csm_20-Euro-Schein_505aaf1110.jpg "[Translate to English:]")
