General Data Protection Regulation (GDPR)

The General Data Protection Regulation will come into effect on 25 May, 2018, changing the global privacy landscape. The regulation will replace Data Protection Directive (DPD 95/EC/46). It is considered to be one of the greatest advancements in data privacy. It is a borderless and sector/industry independent regulation. It is expected to impact organizations across the globe that do business in Europe. The applicability of the GDPR is linked to (1) the establishment of the controller/company in the EU and (2) services provided to EU data subjects. In situations where the ‘personal data’ is collected outside the EU and processed outside the EU, GDPR’s applicability doesn’t hold. Deloitte has a dedicated team of specialists with a deep expertise in privacy data protection programs across large scale and complex organizations, embedding change and offering a full spectrum of GDPR related services.