The new General Data Protection Regulation (GDPR) comes into force on 25 May 2018 across all EU member states. All organisations, irrespective of sector or size, has a legal obligation to comply with the new laws.
The regulation aims to:
- Safeguard the personal data privacy rights of individuals.
Heighten accountability for how personal data is acquired and handled.
The GDPR applies to organisations (and sole traders) who:
- collect, share and use the personal data of EU/EEA residents; or, who
offer goods and services to, or monitors EU/EEA residents.
GDPR bestows a number of rights to EU citizens but they are summarised by the DPC as follows:
- The Right to be informed
- The Right of access
- The right to rectification
- The right to erasure
- The right to restrict processing
- The right to data portability
- The right to object
- The right not to be subject to automated decision-making, including profiling
TicketSolve, in partnership with our Marketing & Development Manager Eric Hennelly Flanagan, has developed a handy guide to GDPR for arts and cultural organisations. Whilst the document is not a full exhaustive list of what needs to be done, it will provide organisations with a handy point of reference for their journey to full compliance.