Whether based in or outside the European Union, organizations that process the personal data of individuals located in the EU must prepare to comply with the General Data Protection Regulation (“GDPR”)—a tougher and more complicated regulatory framework.
Replacing the 1995 Data Protection Directive, the GDPR tightens restrictions on the collection and use of personal data and permits national data protection authorities to impose fines of up to the greater of four percent of an organization’s annual global revenue or €20,000,000 for each infringement.
Starting May 25, 2018, organizations that process personal data in the context of their European operations, offer goods or services to the EU, or track the behavior of individuals located in EU must comply with the new law. Updating their vendor agreements to comply with the GDPR is one of the changes that organizations must make.
Please join Mayer Brown partner Oliver Yaros and senior associate Lei Shen as they discuss the GDPR and how to update these agreements. They’ll cover topics including:
- What the new requirements under the GDPR are
- What companies can expect—immediately and down the road—with the GDPR implementation
- How companies can best prepare to meet the obligations introduced by and avoid the substantially tougher sanctions under this new law
- How companies should be updating their vendor agreements to comply with the GDPR