GDPR for Business

Our easy-to-read ebook will help your business understand and navigate what it takes to be compliant with the GDPR.

Start reading Download PDF

GDPR for Business


This book was conceived as a tool for those striving for GDPR compliance. While the GDPR is undoubtedly an important and necessary step for the privacy and fairness in our modern age, it has also proven to be a burden on those who desire to abide by these stringent new rules.

The goal of this ebook is to pass on the knowledge, opinions, and interpretations of experts who have been studying and investigating the GDPR since its conception. While we seek the best and most up-to-date interpretations of this new set of laws, it is possible that some of the interpretations and assumptions presented in this ebook are not the same as what was intended by the creators of the GDPR or are no longer the best interpretations in light of new supplements and clarifications released.

While this ebook is undoubtedly full of useful information, examples, guides, and checklists to assist you on your path towards GDPR compliance, we cannot guarantee its accuracy in every aspect, especially as the GDPR continues to change and receive additional clarification. Every attempt was made to call out sections where a clear, general consensus is not currently available or interpretations vary, but our best interpretations are provided with a deep level of understanding in the theory, application, and actual reading of the GDPR.

This ebook, however, should not be considered infallible and is not meant to offer legal advice. It is merely our effort to teach what we have learned from countless hours of research about the GDPR. We recommend you use this ebook as a primer in addition to a full reading of the GDPR to ensure a complete understanding of how the laws affect you and so that you can come to your own conclusions that may or may not be the same as ours.

Best of luck in your endeavors,

Ross Bass

What's inside

Chapter 1: What is the GDPR

What is GDPR The General Data Protection Regulation (GDPR) is a set of privacy laws from the EU that became enforceable on May 25th, 2018 and is perhaps the most important update to privacy law in the 21st century. It has a global reach that extends to businesses engaged in collecting...

Chapter 2: The Pillars of the GDPR

The Pillars of the GDPR Understanding the pillars of the GDPR can help us understand and interpret our responsibilities as business owners to ensure GDPR compliance and strong policies within our organization. Let's take an in-depth look at these core concepts of the GDPR and how we should navigate them. Pillar 1: Purpose...

Chapter 3: Data Controllers vs. Data Processors

Data Controllers vs. Data Processors A crucial aspect of the GDPR is the difference between a data controller and a data processor. Luckily, the distinction is fairly easy to understand and remember. Basically, a data controller is the one who decides what data is collected and how that data will be processed....

Chapter 4: EU Representatives and Data Protection Officers

EU Representatives and Data Protection Officers Depending on your data processing and collection methods as well as your geographical location and the location of your audience, you may be required to appoint an EU representative or Data Protection Officer. While both of these roles are intended to improve compliance with and enforcement...

Chapter 5: Choosing the Right Legal Basis

Choosing the Right Legal Basis The GDPR goes into great detail about when and how personal information can be collected and processed. Gone are the days where massive swathes of information could be collected, shared, and used for any number of reasons. The GDPR defines what is a lawful basis for...

Chapter 6: User Rights Under the GDPR

User Rights Under the GDPR While the majority of the GDPR lays out the rules and guidelines for those who wish to collect or process the personal data of residents of the EU, Chapter 3 focuses on the rights of those data subjects whose personal information is being handled. By clearly spelling...

Chapter 7: How the GDPR Affects Your Online Business/Online Presence

How the GDPR Affects Your Online Business/Online Presence So far we've looked at the substance of the GDPR and how it applies in theory. Now we'll look in detail at how the law applies to online businesses, and consider the practical steps you can take to ensure you're compliant. Firstly a reminder...