info@accountingnetworksl.com
+34-952-76-5541

News

Almost 40% of Small and Medium Businesses still do not know the new data protection regulations (GRDP)

In spite of this, the predisposition to adapt is high.

The new General Regulation of Data Protection (GRDP) came into force throughout the European Union on May 25. At the end of July, the data indicates that almost four out of ten Spanish Companies still have no knowledge of this regulation. According to a recent survey conducted by the Spanish Agency for Data Protection (AEPD) and the Spanish Confederation of Small and Medium Enterprises (CEPYME).

This new rule establishes that all companies in the European Union must apply a series of principles when dealing with the data of their customers, suppliers and employees. Up until now, it was not necessary to have the explicit consent of the users to be able to process their data and send them commercial messages. However, from May 25 2018, the explicit consent is mandatory to collect any of personal data of customers, suppliers and employees.

Other new features introduced by the new European regulation are:

1.- The inclusion of the right to forgotten,

2.- The copying of data and the right to data portability (the right to access of personal data held),

3.- The management and registration of data stored and/or transported or moved and the right to know of any security breaches.

Important fines

Penalties for companies that do not comply to the regulation have also risen considerably, with fines reaching up to 4% of the company’s annual turnover.

The survey shows that it is still necessary to carry out an effort to broadcast current legislation among SMEs. In this sense, the administration is working with the autonomous communities to broadcast, through various channels, the obligations of the new Regulation and the tools offered by the AEPD (The Spanish Data Protection Agency), to companies to facilitate compliance with the new regulations.

The study also highlights the lack of resources of many SMEs to face the obligations of the regulations on data protection, but also expresses the positive attitude of these companies to obey their obligations in this area.

85% of SMEs surveyed are willing to hire an advisory service, while 79% show their willingness to learn more about the Regulation.