Well ahead of the May 25, 2018 deadline, Samsung Networks achieved GDPR compliance. The European Union mandated that “all companies processing the personal data of data subjects residing in the Union, regardless of the company’s location” implement the General Data Protection Regulation (GDPR) guidelines. Samsung has.
GDPR is a framework for data protection intended to guard consumers’ personal data and privacy against loss and exposure.
The new law, passed in April 2016, delineates requirements and guidelines around data management and security that include:
- Individual rights and consent
- Data processing
- Notification standards
Changes to the previous GDPR guidelines include:
Privacy by design: Systems, applications, and projects should be designed with privacy in mind, by default, so that information is always protected.
Incident notification: Should a data breach occur, companies must notify data subjects and authorities within 72 hours and disclose what information was exposed.
Minimization: Controllers will only hold and process “the data absolutely necessary for the completion of its duties” and limits the access to those who do the processing.
Globalization: Because of the nature of those who are now protected (any consumer residing within the European Union), this latest iteration of the law effectively has global implications for data security.
Samsung does not take consumer trust for granted. Our track record of transparency as a company is the foundation upon which that trust is built. Data protection is another opportunity for our company to show consumers how much we value them. Because privacy matters, Samsung Guest Analytics is GDPR compliant.