
What is the EU’s GDPR (General Data Protection Regulation)?



The GDPR is a law that defines in detail the protection, transfer, and other handling of personal data such as "name," "e-mail address," and "credit card number" obtained in the EEA region. This law is applicable to all EU countries.

The GDPR is said to be the most stringent data protection law among the world's privacy laws. Japanese companies that have subsidiaries in the EEA, that do business with companies in the EEA, or that offer sales and other services in the EEA should therefore know its contents.

First, it is important to note that the GDPR’s definition of personal data includes IP addresses and cookies. As in Japan, when acquiring personal data, the acquirer must give notice of, and obtain consent for, the purposes for which the data will be handled and how long the data will be stored. The difference is that there must be a person within the organization responsible for overseeing compliance with the GDPR, that establishments not based in the EEA must have a representative in the territory, and that in the event of a breach of personal data, the supervisory authority must be notified within 72 hours.

Taking data acquired in the EEA from within the territory to outside the territory is prohibited, and violations of the law are subject to a warning, suspension, and a fine of up to €2 million or 4% of annual global turnover.

We offer services related to GDPR and whistleblower systems. Please feel free to contact us for further information.
