As Asia’s leading Global PEO provider, we pride ourselves on assisting foreign businesses with their expansion to new markets. We ensure compliant solutions for our clients, including compliance with the General Data Protection Regulation (GDPR). We discuss this important aspect of our services below.
About the General Data Protection Regulation
The GDPR is a European Union data regulation law that protects personal data of citizens. This influential law has changed the way that businesses handle private data, internal operations and the development of businesses. This regulation must be followed by a variety of individuals and entities, including the following:
- Companies located in the European Union
- Companies with employees in the European Union
- Companies that supply goods and services to citizens of the European Union
International companies that collect or possess personal data regarding European Union citizens must comply with data protection requirements and are subject to the same penalties as European Union companies for non-compliance.
Requirements of the General Data Protection Regulation
The GDPR is an extensive law that requires the highest standards related to the handling, maintenance and retention of personal data. Complying with this integral law requires digital data to be encrypted. It must be transferred with the highest levels of security.
Some of the most important requirements of the GDPR include:
- Private citizens must consent to data processing
- Data must be anonymized to protect privacy
- Companies must implement reasonable data protection measures to protect the personal data of consumers and protect their privacy
- Safe measures must be complied with when transferring data across borders
- Certain types of companies are required to appoint a data protection officer who is responsible for overseeing GDPR compliance
- Companies must perform data protection impact assessments to identify possible risks to consumer data
- Data breach notifications are required when breaches occur
- Controllers must notify supervising authorities of a personal data breach within 72 hours of notice of the breach and must provide them with specific details related to the breach, including the approximate number of people whose data may have been breached
- Data controllers must notify data subjects quickly regarding the breach when their rights and freedoms are at high risk
- Companies that violate the GDPR are subject to penalties, including up to 4% of their global annual revenue, depending on the type of violation
How Horizons handles personal data in compliance with the General Data Protection Regulation
Horizons takes all requirements of the GDPR seriously. We store and use personal data for legitimate reasons. Our company retains and disposes of your data in a secure manner. Our local experts have extensive experience with the GDPR and are highly knowledgeable about the legal requirements that our European clients must uphold.
If your company’s core activities involve the processing of personal data that requires regular and systematic monitoring of individuals on a large scale in the EU, you will need to comply with the GDPR. When you delegate this function to Horizons, we will protect your personal data in a transparent manner that is compliant with the GDPR.
Horizons adapts our services and internal procedures to the requirements of the GDPR. We can notify you of the information you are legally entitled to under the requirements of this regulation. Our experts can also meet with your internal leaders to further develop strategies to remain in compliance with the GDPR.
If you have questions pertaining to the GDPR and how Horizons can help, our local experts can explain our services and how we remain compliant with this important regulation and others. Contact us today to learn more about our services.