THE IMPACT OF
ON BUSINESSES IN THE MIDDLE EAST
WHAT IS THE GDPR?
The General Data Protection Regulation is a new piece of European privacy legislation and the most substantial development in international data protection law in more than 20 years.
WHEN DOES THE GDPR COME INTO FORCE?
WHY SHOULD MIDDLE EAST ORGANISATIONS BE CONCERNED?
Non-EU controllers may be required to appoint representatives in the EU
Penalties for non-compliance may be up to
EUR 20 million 4%or of global annual turnover,
whichever is higher
Obligation imposed to meet compliance standards
WHO WILL BE AFFECTED BY THE GDPR?
Any organisation that controls or processes personal data with a connection to the European Union (EU). Entities in the Middle East may be subject to the GDPR if:
they process personal data in the context of an establishment in the EU
they offer goods or services to data subjects in the EU
they monitor behaviour of data subjects in the EU
WHERE SHOULD I START?
ASSESS current data processing activities
CREATE a roadmap for GDPR compliance (and best data protection practice)
RAISE organisational awareness through training and communications)
REVIEW the GDPR and consider its potential impact
IDENTIFY key risks and priority areas
IMPLEMENT policies and processes (including technical and organisational changes) to comply with the new rules
MONITOR compliance and legislative developments
READ OUR CLYDE & CO ARTICLE FOR MORE DETAILS
J414766 - March 2018
Dino Wilkinson firstname.lastname@example.org +971 2 494 3595
Kellie Blyth email@example.com +971 4 384 4291