The European Union's new data protection rules
Since 25 May 2018 new data protection legislation has been in effect across the European Union. At its core the new law regulates how companies or associations process the personal data of clients or members. For example, customers must be told from the outset which portions of their personal data -names, addresses, email addresses or ID numbers - are collected by whom and for what purpose. They have to give express consent and they must be told how long the data will be stored.
Any data that is no longer needed for the purpose for which it was collected, must be deleted. At the same time, as little information as possible must be processed and data can't be collected arbitrarily - there must always be a specific purpose. Data must be stored in a way that rules out unauthorised access as well as accidental loss. Consumers must be informed about any violation of data protection rules. Companies who violate the new rules face fines of up to four per cent of their total worldwide annual turnover.
[Attention: These images are intended exclusively for editorial use in connection with the current coverage and may be used only when using the copyright notice "Photo: dpa".]