Doing business in the EU requires companies to comply with the General Data Protection Regulation (GDPR) in order to protect any personal data that is collected from the EU. The GDPR is a data protection and privacy regulation in EU law which applies to any entity which:
* Processes personal data in the EU,
* Offers goods/services in the EU, or
* Monitors the behaviour of individuals in the EU.1
In this series, representatives from organisations that have met GDPR requirements share their experiences with the same. This includes meeting technical and policy requirements, and adopting data governance strategies for improved data management.
The submissions here were made as a part of Privacy Mode’s Fellowship Programme which aims at documenting privacy practices that can be widely adopted and innovated upon across the industry. Implementing these practices and principles to comply with the GDPR would also help to comply with India’s upcoming Data Protection Bill.