On May 25, 2018, the European General Data Protection Regulation (GDPR) came into force. As legislation directly binding all EU member states, the GDPR is a true paradigm shift. In the past, while statutory provisions did protect data subjects’ rights, a violation was not a barrier because fines for international enterprises were small. Now, any infringement could cost businesses up to 4% of their worldwide revenue or up to 20m EUR. Protection of personal data must now be taken seriously. Below is a general outline based on 11 questions we are asked regularly about the new regulation. Also rendered are references to how German and French law will apply the GDPR in the respective countries. As an EU regulation the GDPR is directly applicable and takes direct effect in each EU member state, superseding contradictory national laws. Yet, in some aspects the GDPR allows for the member states to implement individual national provisions that are stricter than the GDPR.
Please see full Chapter below for more information.