What you should know about GDPR, and why it matters to you


Over the past few months you’ve probably wondered why your inbox has been flooded with emails from different companies telling you about changes to their privacy policy or asking you to update your data preferences.

That’s because the new European-wide General Data Protection Regulation (GDPR) has been in effect since May 2018.

Basically, the GDPR sets new rules for how companies collect, use, and store individuals’ data.

So if you’re getting those emails now, it’s because you’ve dealt with any of these companies or their subsidiaries before. You may not remember giving these companies access to your personal data; in fact that only proves why the GDPR is such good news.

Wait, so how is this good news?

The main aim of the GDPR is to guarantee the privacy and safety of your data, and hold companies accountable for how they collect, use, save, retain and destroy your data.

Under the GDPR you are now guaranteed these rights:

- Right to Access means companies are bound to improve transparency and should inform you about the collection and use of your personal data.

Remember those emails you’ve been getting? A large part of them is related to this right (basically, companies are telling you they have your data).

- Data Portability allows you to instruct a company that holds your data to send it elsewhere based on your requirements. For example, if you switch phone networks, you can have your previous provider switch all your data to your new provider, so you no longer have to change your number.

- Data Erasure, also known as the “right to be forgotten,” allows you to request that a company erase your personal data completely (except in certain circumstances related to public interest, for example national health statistics).

- Breach Notification is now an obligation, meaning companies should report potentially harmful data breaches within a maximum of 72 hours.

Companies are now only allowed to obtain “sensitive personal data” with the clear and explicit consent of their customers. They are required to hold this data separately, anonymously, and extra securely. Personal data in general refers to your name, address, phone number, email address, IP address, or even your location. “Sensitive personal data” includes things like your religious beliefs, political views, health data, sexual orientation, criminal convictions, biometric data, etc.

In short, companies are now held to higher standards of individual data privacy and protection. Any serious breach of these regulations can result in fines of up to €20 million or 4% of a company’s global turnover, whichever is higher.

For more details about the GDPR, visit the EU Commission’s official site: 2018 reform of EU data protection rules

What is Saradar Bank doing about the GDPR?

The new GDPR has set the bar high for organizations across sectors. Companies with an international reach understand it is in their interest to enforce the GDPR if they want to maintain their credibility and relevance in an increasingly global online market.

For this reason, the Lebanese Central Bank (BDL) has recently required Lebanese banks to present a roadmap for complying with GDPR directives by end-2018 (BDL Basic Circular 146).

At Saradar Bank, we understand that our success depends on our ability to make a positive impact with our customers. Based on growing demand from Lebanese consumers in general, we have already made data privacy and protection a top priority on our corporate agenda.

We believe that achieving compliance with the GDPR will help us strengthen our positive impact and we are committed to becoming fully GDPR-compliant in the near future.

Even before the issuance of BDL Basic Circular 146, we had already begun performing a GDPR maturity assessment of our organization. Based on our findings, we will outline an execution strategy across our data protection protocols, business processes, and infrastructure. Finally, we will draw an implementation plan to reach our goal.

Stay tuned for updates!
