Under the new law, the company must obtain approval from the user to collect data that will be used on the company's services. Meanwhile, the user has the right to be able to request the removal of personal data if needed and obtain information if the data provided is used by another party.
What is the impact on businesses in Indonesia?
GDPR has a global impact. Organizations outside the European Union that sell products, services, or collaborate with countries in the European Union must comply with applicable laws, including business people in Indonesia who want to expand to the European Union.
In addition, the existence of GDPR requires business person to update the terms and conditions of the use of applications or apps they have. The aim is to avoid sanctions, and users can clearly understand the use of personal data they provide on the internet.
Sanctions for GDPR offenders
For organizations that violate the established GDPR rules, they will get a penalty in the form of a maximum fine of up to 4% of global revenue or around 20 billion euros. Such penalties can be imposed for the most serious violations, for example not having adequate customer agreement to process data, or violating the concept of Privacy by design (data protection that is taken into consideration when designing a system). Another sanction is a fine of up to 10 billion euros if it does not report to the authorities within 72 hours of knowing that there is a data violation
In addition to avoiding sanctions, complying with GDPR rules will help you facilitate business activities related to the European Union.
Subscribe our newsletter here to get free tips & updates about digital marketing. Read our articles in blog MTARGET and don't forget to join in Telegram MTARGET channel for other information about MTARGET and our new updates.