PCBB and General Data Protection Regulation (GDPR)
The General Data Protection Regulation (GDPR) is a regulation that requires businesses to protect the personal data and privacy of EU citizens for transactions that occur within EU member states, and that addresses the export of personal data outside of the EU. This regulation was agreed upon by the European Parliament and Council in April 2016, and will replace the Data Protection Directive 95/46/EC as the primary law regulating how companies protect EU citizens' personal details.
As our clients determine whether they are affected by GDPR and address customer data and privacy issues, PCBB wants to share its position.
For purposes of the GDPR, compliance obligations for companies without a physical presence in the EU are generally only implicated if the company:
- offers goods and services in the EU
- monitors the behavior of EU customers (referred to affectionately as “data subjects” in the regulation).*
For any further questions on GDPR, please email us at firstname.lastname@example.org.
Helpful sources of additional information on GDPR:
- *GDPR considerations for community banks by Bank Bryan Cave, May 9, 2018.
- Melting over GDPR, Banc Investment Daily by PCBB, May 22, 2018.
- Large U.S. banks scramble to meet EU data privacy rules by American Banker, April 16, 2018.