Tag Archive for: Impacts of General Data Protection Regulation

With the European Union’s new General Data Protection Regulation laws now in place, we thought we’d share what we’ve done over the past while in order to ensure we are compliant as a South African business. Much of what the GDPR has identified in terms of Data Protection were things that, over the past 25 years, we have already implemented, to ensure that we are a quality provider. Nonetheless, our Compliance Committee took the opportunity to review the requirements and ensure that we continue to meet global compliance requirements. Some of the areas we have worked on are:

  • Divisional Data Audits have taken place, providing us with an overview of how each business sector handles their data.
  • Our Data Protection Policy, that governs data protection for the entire business, was reviewed to ensure its compliance with GDPR requirements.
  • GDPR training systems have been implemented, containing guidelines to comply with the new regulations. The training can be updated as needed.
  • A revised Data Privacy Policy has been added to our website.
  • Our email disclaimers have been amended.
  • We have taken the step of introducing a few new processes in terms of authorizing our Ground Consultants to deliver services, as well as closing off files, to ensure higher levels of data protection.
  • Our IT systems have been reviewed to ensure all data is secure while in transit, and when stored.

Going forward, we will be actively monitoring the legislation’s roll-out, to keep ahead of any possible changes. If you would like more information about our GDPR compliance, feel free to reach out to us. We implore all businesses, even those based outside the EU, to ensure that they have strict data protection policies in place – even those that extend further than the new GDPR requirements. The protection of personal information is becoming increasingly important in a time when more information can be sourced and disseminated online.


For information as to how Relocation Africa can help you with your Mobility, Immigration, Research, and Remuneration needs, email marketing@relocationafrica.com, or call us on +27 21 763 4240.

Sources: [1]. Image sources: rawpixel on Unsplash [1].

On May 25, Europe’s new set of Internet privacy rules, the General Data Protection Regulation (GDPR), will go into effect – reshaping the way our online world works.

From that date, if your personal data is being used by any company in the European Union, then you have rights that didn’t exist before. This has a global impact because so many internet companies have employees or users somewhere in Europe.

GDPR does have good intentions, however, some of the law itself really breaks the internet.

Jason Bier, Engine Media Group

Data is a billion-dollar industry and the new law applies to all global Internet companies processing user data in the EU. They include everything from credit card details to photos and even biometric data.

This is in response to protect internet users in light of the Cambridge Analytica scandal involving their illegal harvesting of data to craft ads supporting Donald Trump’s election campaign and the Brexit campaign.

Under the new rules, companies must clearly ask for consumer’s consent to harvest data, so they have to actively “opt-in” and be informed how their data is being used and for what purpose.

Those in breach of GDPR can be fined up to four percent of annual global turnover. And users who no longer want their personal data processed have the right to be forgotten and have their data deleted.

Potential pros and cons of GDPR

Jason Bier of Engine Media Group believes that “GDPR does have good intentions, however, some of the law itself really breaks the internet.”

“There’s a lot of confusion in how … personal data will be interpreted by the data protection authorities in each member state,” says Bier.

“There has been the addition of an IP address, which is considered personal data, that if it’s processed before consent is given by the user that would be a violation of the GDPR. And as we all know the IP address is an essential building block of the Internet. Every communication that’s sent between a device and the webpage exchanges that simple data.”

“So it’s really a question of, what is consumer data, what is personal data? And that definition has been broadened dramatically.”

Bier thinks Google and Facebook will be empowered by GDPR, because “they’re very familiar to people, their services are widely used … so they’re going to get opt-in consent. That’s really the issue here. Small businesses can’t get opt-in consent because they don’t collect personally identifiable information like Google and Facebook do … They’re going to collect more, not less, data on individuals and associate that to personally identifiable information.”

Diego Naranjo, a senior policy adviser at European Digital Rights, doesn’t agree with Bier that the new privacy rules will benefit big companies like Google or Facebook.

“The new regulation brings a lot of strength and mechanisms, it brings potential big sanctions, so I don’t think they will be able to directly benefit from it. If they follow the rules, they will be able to do their business as anybody else. Of course, they’re big, so they’ll be able to adapt quickly but I’m not sure this will reinforce these two companies – but rather the opposite,” says Naranjo.

He admits that not enough has really been done to educate and inform people about GDPR and its implications.

“We’ve been telling the European Commission that such a change needs a proper campaign to tell people how their rights are going to be reinforced. We’ve seen a lot of misinformation by private companies who see their business model potentially affected by this regulation,” says Naranjo.


For information as to how Relocation Africa can help you with your Mobility, Immigration, Research, and Remuneration needs, email marketing@relocationafrica.com, or call us on +27 21 763 4240.

Source: Al Jazeera [1]. Image source: [1].