What is GDPR?

The EU’s General Data Protection Regulation (GDPR) came into effect in 2018. It gives individuals rights to not only access, but delete their personal information which means any information that can directly or indirectly represent them. It includes everything from collecting user Data, storing that Data, making it available to others, and removal of Data. 

What you need to know about GDPR compliance

The regulations apply to the European Economic Area

The GDPR impacts every entity everywhere that holds or uses European (including Iceland, Lichtenstein, and Norway) personal Data.

Companies can expect stricter fines if found to be mismanaging personal Data

Any person who has suffered damage as a result of an infringement (material or immaterial) will have the right to receive compensation from the controller or processor for the damage suffered.

ALL organisations are expected to reassess their Data processing controls

The mandate includes large enterprises, small & medium business (SMBs), and even sole proprietors. All organisations are required to implement a plan to be compliant.  

Good Data governance practices need to be shown

To achieve Data privacy, organisations require ‘privacy by design’, ‘privacy by default’, and ‘accountability.’ Without undue delay and, where feasible, this needs to be shown no later than 72 hours after having become aware of a Data breach. 

What is CCPA?

Enforcement of the California Consumer Privacy Act went into effect July 1, 2020. It is the most significant US privacy law to date – you don’t even need to have operations or employees in California for it to affect you. It also gives consumers more control over their personal information that is collected and businesses of any kind, including brokers, are required to give consumers certain notices explaining their privacy practices, including:

- The right to know about the personal information a business collects about them 
- The right to know how information collected is used and shared
- The right to delete personal information collected from them (with some exceptions)
- The right to opt-out of sale of their personal information

What you need to know about CCPA compliance

Business operating outside of California can still be affected

CCPA applies to all for-profit companies that collect, share, or sell the personal Data of California consumers and either process Data on more than 50k consumers, have more than $25m in annual revenue, or have more than 50% of annual revenue from Data sales.

Consumers have the right to claim damages

Businesses should be aware that consumers can exercise a Private Right of Action (PRA) if certain types of personal Data is leaked. Consumers have the right to claim damages up to $750 per person for distress alone with damages uncapped for more material harm.

Failure to comply to requests for deletion results in fines

Consumers are in control and are able to request for their Data to be deleted. This may sound logical but in reality, it can be difficult for organisations to comply with these requests. Unfortunately, under the CCPA, failure to comply can result in fines. 

De-identify to retain behavioral and historical data

To fulfill requests for deletion while maintaining the value of Data, the regulator has confirmed that it’s possible to take Data out of the scope of CCPA by de-identifying Data. That means, you can still retain behavioural and historical Data for future analysis.

Why choose SecureAge for

GDPR & CCPA compliance?

When your Data is protected at the file-level with SecureAge technology, your business becomes bulletproof. With SecureAge, every file is protected in every place, every time. So you're not just ticking compliance boxes, you're getting real protection that will stay compliant today and tomorrow.

Inherent Data protection by design & default
Our encryption technology encrypts all Data (files, email, and more) whether in-transit, in-use, or at-rest and it does so without disrupting traditional user processes. We remove the human element and allow people to work as they normally do without sacrificing security.

100% protection without additional infrastructure
Our software uses asymmetric encryption - a failsafe PKI-based technology that operates at the file-level to protect 100% of your Data, 100% of the time. The icing on the cake is, it doesn’t require any additional infrastructure and can be deployed on new or legacy systems and alongside existing applications.

A block-first approach to unknown threats
Our application control uses an AI-powered engine and a zero-trust approach to detect and block unauthorised access to Data. Not only is your Data completely protected in the event of a breach, our approach goes beyond traditional anti-malware solutions in detecting known and unknown threats that could potentially lead to a Data breach.
wave wave wave

Experience the SecureAge difference

Are your existing Data privacy solutions compliant today and tomorrow? Our solutions are.

Our website uses cookies to ensure you get the best experience and can find what you need. Read our cookie policy