The EU General Data Protection Regulation is here

The biggest shakeup in data protection regulation in a generation

The European Union (EU) General Data Protection Regulation (GDPR) is one of the most progressive and advanced data protection legislation globally, and has replaced the current Data Protection Directive.

We look at some key points on this new legislation

General Data Protection Regulation

After four years of negotiations, the EU General Data Protection (GDPR) is here! The new law will introduce a range of requirements that will have significant impacts on organisations. Combined with increasing demands from consumers, privacy is now firmly positioned at the top of the coporate agenda.

Significant New Requirements

The GDPR mandates organisational accountability and will require organisation to implement robust privacy governance and in general take a more proactive approach to privacy compliance.

Harmonisation and Enforcement

The GDPR harmonises much of the currently fragmented legal framework for privacy across Europe, providing one data protection regulation for all member states.

International Reach

Organisations outside the EU that process data to offer goods or services to European residents or to monitor the behaviour of European residents will also be subject to GDPR requirements.


Some African organisations believe that the European Union’s General Data Protection Regulation (GDPR), does not apply to them, simply because they do not operate from a European country.

The GDPR will apply to organisations which do not have an EU presence, but:

  • Process the personal data of individuals in the EU
  • Have employees based in the EU
  • Target individuals in the EU through either, the offering of goods or services to such individuals, or the monitoring of their behaviour in the EU
  • They transfer personal data to or receive personal data from the EU

How can Deloitte help?

Our experienced team of data privacy and cyber risk professionals can deliver a wide range of GDPR services.

Compliance is Key General Data Protection Regulation
Did you find this useful?