GDPR & AI
GDPR regulates AI systems that process personal data.
Any AI system that processes personal data must meet GDPR's transparency requirements and rest on a valid lawful basis (consent is one of several). Profiling and automated decision-making attract extra obligations: individuals must be told that such processing takes place, and under Article 22 they have the right not to be subject to a decision based solely on automated processing that produces legal or similarly significant effects on them, unless an exception applies.
Privacy by Design & Data Sharing
GDPR requires data protection by design and by default.
Privacy and data protection must be built into the development of processes, products, and services from the very start (Article 25). In practice this means the most privacy-protective settings apply by default: only the personal data necessary for each specific purpose is collected, retained and made accessible, and the user should not have to change settings to obtain that protection.
Sensitive Data & Minors
Health data is considered sensitive under GDPR and requires special protection.
Health data, including medical records and health conditions, is a "special category" of personal data under Article 9 GDPR. Processing it is prohibited unless a specific exception applies, such as the data subject's explicit consent, the provision of medical care, or a legal obligation in the field of employment or social security law.
Data Subject Rights & Consent
GDPR gives individuals the right to access their personal data held by companies.
Individuals can request copies of any personal data a company holds about them, together with information such as the purposes of processing, the recipients and the retention period. Companies must respond to these requests without undue delay and at the latest within one month; that period may be extended by a further two months for complex or numerous requests, provided the individual is informed of the extension and its reasons. This ensures transparency and control over personal data.
Fines, Penalties & Data Breaches
Amazon was fined €746 million under GDPR.
In July 2021 Luxembourg's National Commission for Data Protection (CNPD) imposed what was at the time the largest GDPR fine on record on Amazon for non-compliance with GDPR's data processing rules, particularly regarding targeted advertising practices carried out without a valid legal basis.
Data Protection Officers (DPOs)
Some organizations are required to appoint a Data Protection Officer (DPO) under GDPR.
Under Article 37 GDPR, a DPO must be appointed by public authorities and bodies, by organisations whose core activities involve regular and systematic monitoring of individuals on a large scale, and by organisations whose core activities involve large-scale processing of special categories of data (such as health data) or data relating to criminal convictions. Even when not mandatory, having a DPO strengthens accountability and builds trust with clients and regulators.
Historical Framework of GDPR
GDPR applies directly across all 27 EU member states.
GDPR is a regulation, not a directive, meaning it applies directly in all EU Member States without needing to be transposed into national law (it also applies in the EEA states Norway, Iceland and Liechtenstein). However, certain "opening clauses" allow national variations, for example on the age of consent for children's data or on processing in the employment context, leading to some differences in implementation across Member States.
GDPR in a Nutshell
GDPR stands for the General Data Protection Regulation.
The GDPR (Regulation (EU) 2016/679, applicable since 25 May 2018) safeguards individuals' privacy rights while requiring organisations to process personal data lawfully, fairly and transparently. It sets clear principles for data handling, including purpose limitation, data minimisation and accountability, helping businesses build trust and demonstrate compliance without imposing disproportionate burdens.