In May 2018, the most comprehensive update to global data privacy regulations in decades, the European Union’s General Data Protection Regulation (GDPR), went into full effect. The new regulation aims to ensure businesses are transparent about, and accountable for, how they handle EU citizens’ information.

Although the European Union developed the new regulation, these rules have extraterritorial effect and apply to Indian businesses offering their products and services to European customers, including businesses located in India selling to EU citizens over the internet. These businesses will need to have strict processes in place for how they collect, store and use personal data in the course of their commercial activities. If they don’t comply, companies could be fined up to €20 million or 4 percent of global turnover, whichever is higher.

To help Indian businesses prepare for this shift in regulation (and avoid the stiff penalties!), American Express Global Business Travel (GBT) has developed a report entitled “European Union’s General Data Protection Regulation: A Guide for Indian Companies.” In it, you’ll find tips on how to:

  • Create a data inventory
  • Ensure transparent data processing
  • Keep international transfers compliant
  • Effectively manage data protection risk in the supply chain
  • Appoint a data protection officer
  • Effectively triage data breaches

To read the entire report and see how to plan for these shifting global privacy laws, fill out the form below and click the “submit” button. And for a quick reference sheet on how American Express GBT has prepared for GDRP, click here.

* indicates required field.