GDPR University

Everything you need to know about GDPR compliance

Compliance with the landmark data privacy regulation is essential for companies doing business in the European Union, and the regulation has global influence. Stay compliant and avoid penalties with these basics.

Getting Started

What is GDPR?

The General Data Protection Regulation (GDPR) sets the standards for acquiring, managing and processing the personal data of European Union (EU) citizens and residents—identified as “data subjects”. GDPR has established that no organization can collect, store, or use personal data without the explicit consent of the data subject.

01. Data
What does GDPR define as Personally Identifiable Data?
Within the scope of GDPR, protected and covered data is defined by how it can be tied back to an individual or “data subject.”
GDPR: What is Personally Identifiable Data?

02. Legitimate Interest
Legitimate interest and the processing of data
Understand the intricacies of GDPR legitimate interest and get practical examples of how it applies to real-world scenarios.
Unpacking GDPR: Legitimate interest

03. Scope
What countries fall under the scope of GDPR?
Whether your organization has to comply with GDPR can come down to where you do business and how you handle data.
GDPR countries: What countries are covered by GDPR?

04. Non-compliance
The penalties associated with GDPR non-compliance
See where companies tend to fall out of compliance with GDPR and the steep impact of non-compliance.
GDPR penalties and fines: An introduction

05. Equivalent
Is there an equivalent of GDPR in the United States?
Your business may not need to comply with GDPR, but state and federal regulations in the US can have a similar effect.
GDPR US equivalent: How the US and EU compare on data privacy laws

IN CONTEXT

What does GDPR compliance look like for your business

Understand the real-world impact of GDPR and what non-compliance can look like if you don’t take a privacy-first approach to data and consent management.

Monster Meta GDPR fine drives home importance of compliance
Jay Trinckes, head of compliance, walks you through the largest GDPR fine to date, its impact, and what your organization can learn from this landmark event.

How the EU-US Data Privacy Framework Affects Data Transfers
The recently adopted EU-US Data Privacy Framework allows US-based organizations to transfer the personal data of EU citizens to the US. Find out what it means for your business.

Continued Learning

Understanding CPRA in the United States
The closest equivalent of GDPR in the United States is the California Privacy Rights Act (CPRA), a comprehensive privacy law providing Californians with increased data protection and requiring businesses to update their policies accordingly. Similar to GDPR in the EU, if you process the data of California residents, you need to comply with CPRA.
What is CPRA?

Talk to an expert

Your path to GDPR compliance—simplified
Thoropass provides a unique blend of compliance expertise and GDPR compliance automation to efficiently monitor your compliance with GDPR and data privacy regulations.