GDPR
Running a successful business in today’s economy often involves the collection of personal data. Globally, massive volumes of personal data are collected, harnessed and stored daily.
According to the EU’s General Data Protection Regulation (GDPR), personal data is essentially any form of data that can identify an individual — directly or indirectly.
For instance, identifiers from a telematics system that can make accurate correlations between data and delivery drivers to provide information on location or speed can be classified as personal data.
Businesses, when using employee data, must seek consent that is specific, unambiguous and freely given. Before giving consent, employees have the right to know the purpose, scope, and nature of the data use.
With the expansive nature of a multinational business, where there are many vendors along the supply chain, it is the company’s responsibility to manage third-party partners and ensure their regulatory compliance, such as having the ability to retrieve and delete user data within a specific timeframe.
The lack of data compliance could result in accidents like the Facebook-Cambridge Analytica breach; the data analytics firm would not have been able to access Facebook’s consumer data if permission had to be granted by the social platform’s users.
A high level of compliance to prescriptive data protection laws and standards is necessary in today’s global economy where regulations can reach well beyond borders. Failure to comply could result in penalties as high as €20 million, or 4 percent of a company’s worldwide annual revenue.
Learn more about the Deutsche Post DHL Group's data privacy policy here.
English