GDPR Compliance

What is GDPR?

The General Data Protection Regulation is the latest European data privacy law that aims at changing the way EU citizens’ personal data is collected, processed and stored, transferring the power over personal data from companies to data subjects.

A person’s identity is no longer just a set of randomly floating data; the new law provides power, control and consent over the shared data.

According to the GDPR, consent must be obtained from data subjects before companies can collect any personal identifying information. It also brings a new perspective on consent management, in which the liberty to withdraw consent must be granted at any moment.

Even though the first step towards GDPR compliance is awareness and a thorough understanding of what changes the regulation has brought, acknowledging its impact on your organisation is the starting point towards compliance.

Difference between the two Data Privacy Regulations

CCPA vs GDPR

Internet activity such as browsing and search history, as well as information regarding consumers’ interaction with a website, application or advertisement.
Education information not otherwise available.
Employment or professional information not otherwise available.
Inferences drawn from any of the information identified in this section that contribute to the creation of a consumer profile regarding the consumer’s preferences, characteristics, behaviour, attitudes, etc.
Identifiers such as name, surname, initial, alias, postal address, IP address, unique personal identifier, social security number, driver's license number, account number, passport number, etc.
Biometric information such as health data, face, fingerprints, retina, DNA, etc.
Commercial information, including records of personal property, purchased, obtained or considered products or services, purchasing or consuming histories and tendencies.
Issue: Who Does The Regulation Apply To?
CCPA: For-profit entities that process personal data of California residents and either:
1) Earn more than $25 million in annual revenues
2) Collect and process personal data of more than 50,000 consumers
3) Derive at least 50% of their revenues from “selling” personal data
GDPR: Any organization (for-profit, non-profit and governmental) that processes personal data of European citizens and residents, regardless of the organization’s location

Issue: Basis For Consent
CCPA: Opt-out (data can be collected as long as a consumer can withdraw their consent)
GDPR: Opt-in (no data can be collected without affirmative consent from a consumer)

Issue: Penalties
CCPA: Up to $7,500 (or actual damages) for each violation if enforced by the Attorney General
Up to $750 (or actual damages) for each violation if enforced by an individual
GDPR: The greater of 4% of annual revenues or €20 million

Issue: Individual Rights Granted
CCPA:
Right to request information
Right to data portability
Right to opt-out
Right to access data
Right of disclosure
Right to deletion
Right to restrict sale of personal information
GDPR:
Right to be informed
Right of access
Right to rectification
Right to erasure
Right to restrict processing
Right to data portability
Right to object to processing
Rights in relation to automated decision making and profiling

Collect Consent Receipts Easily

Cookie Consent & Compliance for GDPR

Inform your users about any personal data collection activity you may perform and collect their consent for doing so in an unambiguous, informed and free way.

Let them know what categories of personal information you are collecting about them, why you are collecting it, how it will be used, for how long and what other processors you are sharing this information with.

Don’t load any cookies or third party content on the website before obtaining your users’ explicit consent.

What is a Data Subject Request?

Data Subject Rights And Requests (DSAR)

Under the General Data Protection Regulation, data subjects have seven fundamental rights.

As a data processor or controller, you have the obligation to inform them about these rights, to set up a mechanism that allows users to exercise their rights, and to address these requests in a serious and timely manner.

DSAR RIGHTS

European Data Subjects' Rights

Right of access
Right to data portability
Right to restriction of processing
Right to object
Right to rectification
Right to reject automated individual decision-making
Transparent Organization

Company And DPO Contact Information

Under GDPR, companies are required to make the name and contact details of their Data Protection Officer as well as their company contact details publicly available to allow data subjects to easily contact them for inquiries.

GDPR TASKS

GDPR Compliance Checklist

One of the most challenging aspects of GDPR compliance is getting started: it seems like an insurmountable challenge! Clym can help with guidance, a vast library of content and most importantly, a scalable, flexible and cost-effective platform to help your privacy protocols grow with your business. Check out our GDPR Compliance Checklist at the link below to get started on your data privacy compliance journey.

Personal Information Data Mapping

Data Mapping And Classification

Processing of personal data is only possible if you have a lawful basis, which means that you must determine and document yours before collecting any PII data.

As a data controller and processor, you have the legal obligation to identify and map the personal information you collect, the legal basis and processing purpose for doing so, and which data processors have access to it.

Transparent Sharing

Make sure you update your Terms, Policies, Agreements & Procedures to include information regarding all processes related to personal data, explaining why it is processed, who else has access to it, and what measures you are taking to ensure its security.

Clym can help you make your website fully compliant with CCPA and GDPR and prepare you for upcoming privacy laws. Schedule a complimentary demo with one of our consultants and see how Clym can support your compliance journey.

Learn more about GDPR

GDPR Related Blog Posts

Data Subject Rights And Requests According To The GDPR

Control over personal data is shifting back to data subjects, as the GDPR puts a great emphasis on data subject rights and requests.

Google Analytics with GDPR consent in 10 seconds

Configuring your third party services to load only after obtaining consent got a lot easier with Clym. We’ve integrated over

Cookie Walls – are they GDPR Compliant?

New consent guidelines from the European Data Protection Board (“EDPB”) state that these cookie walls are a violation of the GDPR.