Understanding GDPR (Part-1)
Protects the personal data of EU residents
This story aims to explain the GDPR: what it is, to whom it applies, and how to comply.
Consider two scenarios to understand the concept.
Scenario-1: Bob runs an online shop selling audio-video equipment. He resides in the USA and hosts his server in the AWS us-east-1 region (Virginia). He has outsourced administration work to a SaaS company named DooDot Processor. They are responsible for two things: 1) collecting, storing, and processing the data from the website, and 2) handling online payment transactions, which includes taking the credit card data, charging the card, and settling the money to Bob’s business bank account. Anyone in the USA or Europe can buy online and have the product delivered by FedEx.
Scenario-2: Dan resides in Italy and has a physical bakery store. He sells online through the website and to whoever enters the physical store. For online orders, they deliver via FedEx to all European Union countries and nowhere else.
What is GDPR?
GDPR is a law in the European Union that protects people’s personal data and gives them control over how it’s used. It means companies must clearly explain what data they collect and why they need it, and must keep it safe. If they don’t follow the rules…