GDPR Compliance

Vectra can assist you in complying with GDPR requirements

The European Union General Data Protection Regulation (the GDPR) contains new data protection requirements that will apply from 25 May 2018.

Learn More
Dots

What is GDPR?

The European Union General Data Protection Regulation (the GDPR) contains new data protection requirements that will apply from 25 May 2018. These will harmonise data protection laws across the EU and replace existing national data protection rules. The introduction of clear, uniform data protection laws is intended to build legal certainty for businesses and enhance consumer trust in online services.

Some Australian businesses covered by the Australian Privacy Act 1988 (Cth) (the Privacy Act) (known as APP entities), may need to comply with the GDPR if they:

  • Have an establishment in the EU (regardless of whether they process personal data in the EU), or
  • Do not have an establishment in the EU, but offer goods and services or monitor the behaviour of individuals in the EU

Who does the GDPR apply to?

The GDPR applies to the data processing activities of businesses, regardless of size, that are data processors or controllers with an establishment in the EU. Generally speaking, a controller says how and why personal data is processed and a processor acts on behalf of the controller. Where a business has ‘an establishment’ in the EU, activities of the business that involve processing personal data will need to comply with the GDPR, regardless of whether the data is actually processed in the EU.

The GDPR also applies to the data processing activities of processors and controllers outside the EU, regardless of size, where the processing activities are related to:

  • Offering goods or services to individuals in the EU (irrespective of whether a payment is required)
  • Monitoring the behaviour of individuals in the EU, where that behaviour takes place in the EU

How Vectra can help with GDPR Compliance

Vectra has the resources to help you achieve GDPR compliance. We can assist you by conducting the following;

  1. GDPR preliminary gap assessment
  2. Assist with implementing appropriate technical and organisational measures, including data protection policies, to ensure and be able to demonstrate that processing complies with the GDPR
  3. Ongoing monitoring and assurance

More information for Australian Businesses

The following resources may assist Australian businesses to assess whether they are covered by the GDPR and the steps to be taken to comply: