Part 1. What is GDPR?

If you are a fleet manager or a fleet management solutions provider, by now you have probably heard about the new General Data Protection Regulation or simply GDPR.

We have prepared a series of posts, to help you to understand how it will affect fleet management.

What is the General Data Protection Regulation?

The General Data Protection Regulation (“GDPR”) is a comprehensive EU data protection law, which comes into effect on May 25, 2018. The GDPR expands the privacy rights of EU individuals, and places heightened obligations on companies that process EU personal data in the context of providing goods or services to those individuals.

GDPR replaces the Data Protection Directive 95/46/EC and was designed to harmonize data privacy laws across Europe, to protect and empower all EU citizens data privacy and to reshape the way organizations across the region approach data privacy.

When will GDPR be enforced/applied?

  • GDPR will officially apply as of 25th May 2018.
  • GDPR comes into force on the same day, i.e. 25th May 2018, in all EU member states.

What does the GDPR regulate?

The GDPR regulates the “processing,” which includes the collection, storage, transfer or use, of personal data about EU individuals. Any organization that processes personal data of EU individuals, including tracking their online activities, is within the scope of the law, regardless of whether the organization has a physical presence in the EU.

Importantly, under the GDPR, the concept of “personal data” is very broad and covers any information relating to an identified or identifiable individual (also called a “data subject”).

What is personal data?

Any information related to a natural person or ‘data subject’, that can be used to directly or indirectly identify the person. It can be anything from a name, a photo, an email address, bank details, physical location, medical information, computer IP address and many more categories of personal data.

Is GDPR only applicable within the EU?

Despite being a European Union regulation, the GDPR has far-reaching implications for any business that has a global presence. In short, it impacts any business, EU-based or not, that has EU users or customers.