Mai 26

The entry into force of the European regulation on Personal Data Protection

Because of the risks related to the data processing, the EU has worked on a new regulation related to the collection of personal data in order to ensure a better protection to European consumers. This reform package brings to an end the patchwork of data protection rules that existed in the EU. The purpose of the General Data Protection Regulation is to enable people to control better their personal data.

This new regulation was adopted by the European Institutions on the 27th April 2016 and came into force on the 24th of May 2016.

Consequently, all companies collecting, processing and storing personal data will have to comply with this regulation from 2018. This regulation is applicable in all members states of the EU.

The EU Regulation 2016/679 provides important stipulations regarding the protection of natural persons and the processing of personal data, which are notably:

–          Strengthening the existing rights, by allowing the citizens to have additional information about their data processing and to obtain it in a clear, accessible and understandable form,

–          Strengthening the right to be forgotten, which makes more effective the citizens’ control over their data,

–          The need to obtain an express and informed consent of the person concerned with the use of her/his personal data,

–          The right to transfer her/ his personal data to another service provider,

–          The right to be informed in case of data hacking,

–         The fact that the privacy policy is explained in a clear and comprehensible language is guaranteed,

–          A more stringent implementation and fines of up to 4% of a company global turnover, in order to discourage the rules’ infringement.

 According to the CNIL, this regulation is a big step for data protection in Europe.


This post is also available in: Anglais