EU threatens big fines for data protection infractions
Companies that fail to comply with the EU’s new data protection rules could be fined up to €20m or 4% of their annual global revenues, experts warn. All companies — including those in SA — that control or process personal data of EU citizens or residents will have to be compliant with the EU’s General Data Protection Regulation (GDPR), says Sandhya Ramdhany, legal director at Oracle. "For example, if a German citizen buys a house in Camps Bay and applies for a mortgage through a local bank, the bank will control or process that citizen’s data and hence will need to be GDPR compliant. The same principle applies for someone booking a hotel or a car [with a South African firm]." Under the new rules, effective from May 25, companies must safeguard consumers’ personal data and allow them to access their data or request that the data be erased "if the reasons for collecting the data have expired", Ramdhany said. Consumers could ask a company to move personal data from one data centre to a...
Would you like to comment on this article?
Sign up (it's quick and free) or sign in now.
Please read our Comment Policy before commenting.
Subscribe now to unlock this article.
Support BusinessLIVE’s award-winning journalism for R129 per month (digital access only).
There’s never been a more important time to support independent journalism in SA. Our subscription packages now offer an ad-free experience for readers.
Cancel anytime.
Questions? Email helpdesk@businesslive.co.za or call 0860 52 52 00. Got a subscription voucher? Redeem it now.