Before understanding clearly what it means to be GDPR ready, you need to understand what it means. GDPR stands for General Data Protection Regulation. It’s a set of rules that protects an individual’s privacy. Its legislation regulates the processing of the EU resident’s data. This includes using, transferring, monitoring tracking, and even viewing personal data. It came into effect on 25th May 2018.
Does GDPR Apply to Your Company?
GDPR usually applies to any organization that processes the data of EU residents. Your company may not necessarily be based in the EU for that. Suppose, you are exhibiting at a fabric trade show in India which requires you to collect the data of various attendees. At the trade show exhibit, there might be few people attending from Germany. These would not be subject to GDPR if the exhibition is in India. However, they could be subjected to GDPR if they were in the EU.
When Does GDPR Apply to Your Company?
Here are some rules that will help you understand whether it applies to your company or not:
- Offer goods/services in the EU (eg., at exhibit systems)
- Monitor EU resident’s data behavior
- Collect personal data from EU residents (eg., at show booth during an exhibition)
- Collect personal data only as part of a marketing survey
- Have EU customers (includes customers acquired from pop up trade shows)
What should you be doing?
To avoid problems in the future, it’s better to determine whether GDPR applies to you or not. This is especially important if you plan on having an exhibition stand at any trade show in the EU. If it does, you have to disclose everything about what are you collecting, what are you storing, and in what ways are you using it.
While planning to attend a trade show exhibit and have your stand booth, you will collect visitors’ data. So, determine the level of compliance, and then develop a plan for it. After that, you decide to provide informed notice and get informed consent. Finally, you should go with the plan.