GDPR Compliance

GDPR Compliance for US Companies

As the world moves towards a more encompassing digital age, an increasing number of companies collect and use customer data. Such data is protected by various regulatory requirements, which set guidelines (and, most often, strict rules) for how the data can be collected, processed, and protected. One of the most stringent legal frameworks dealing with data protection and security is the General Data Protection Regulation (GDPR).

Passed by the European Union (EU) in 2016 and in effect since 2018, the GDPR requires compliance not only by companies based in the EU, but any entity that handles the data of EU persons. Many US companies can be required to comply with the GDPR. Failing to meet the compliance requirements can have serious repercussions, which is why our team at CDG is ready to help with GDPR compliance consulting and services.

Data Protected by the GDPR

A US business or company will have to meet compliance requirements per the GDPR even if the entity’s operations are not solely based in the EU. For example, the provision of goods and services to customers in an EU member state will trigger compliance requirements. Furthermore, if a business can access or processes any personal data of EU customers, it will be required to comply with the GDPR.

GDPR Regulatory Framework

The GDPR regulatory framework deals with the protection of personal data. Said data can include, but is not limited to, names, gender identification, physical and online location data, email addresses, home addresses, political opinions, and cookie information. Essentially, personal data is any sort of information that can identify a person. The GDPR compliance requirements are in place to ensure businesses process and store personal data in such a way that meets data protection principles of accountability, transparency, and confidentiality, among others.

Complying with the GDPR Requirements

For a US company, the first step should be to analyze whether its operations include the processing of personal data for persons in the EU. Certain companies may be required to appoint a data protection officer as well, whose duties have been delineated by the GDPR. Other aspects of GDPR compliance pertain to consent, data processing agreements and standards, and the use of appropriate tools and applications.

The GDPR has enforcement mechanisms in place that meet non-compliance with strict fines. To prevent that outcome, our experienced team at CDG will help with the creation of standards and programs that meet all compliance and regulatory needs.

Cookie	Duration	Description
cookielawinfo-checbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

GDPR Compliance

GDPR Compliance for US Companies

Data Protected by the GDPR

GDPR Regulatory Framework

Complying with the GDPR Requirements

Cybersecurity Should be an Advantage, not a Cost Center. Let’s Get to Work.