The General Data Protection Regulation (GDPR) aims to:
-
Strengthening the protection of individual rights
The RGPD aims to strengthen the protection of individuals' rights with regard to their personal data. It grants individuals rights such as the right of access, rectification, deletion, portability and opposition concerning their personal data. It also guarantees the right to information, the right to informed consent and the right not to be subject to automated decisions; -
Empowering organizations
: The RGPD requires organizations to take responsibility for protecting the personal data they collect and process. Organizations are required to implement appropriate technical and organizational measures to ensure the confidentiality, integrity and security of data, as well as to comply with the key principles of the RGPD ; -
Harmonizing data protection rules in Europe
: The RGPD aims to harmonize data protection rules within the European Union (EU), so that the same data protection standards apply in all EU member states. This facilitates the free movement of personal data within the EU and avoids discrepancies between national legislations ; -
Reinforcing penalties for non-compliance
The RGPD provides for significant financial penalties in the event of non-compliance with data protection rules. Companies that fail to comply with RGPD requirements can be fined up to 4 % of annual worldwide sales or €20 million, whichever is higher. This is intended to deter companies from failing to comply with data protection rules and to ensure greater compliance with the RGPD.
