As a Practitioner of GDPR, our Director Gary Payne follows a number of GDPR discussion groups in Facebook, LinkedIn and elsewhere and he never fails to be surprised by the number of people who post comments on GDPR or who write ‘authoritative’ articles on GDPR which contain sometimes small, simple errors and sometime blatant misleading interpretations.
One of the most recent he’s seen is someone writing an article on GDPR which is being used indirectly to promote their company as a GDPR compliance support company.
It referred several times to GDPR being about EU Citizens and if your company sells to EU Citizens you must comply with GDPR. Also, if you process data on a large scale you must comply with GDPR, and that all major breaches must be reported.
Firstly, if you search the GDPR document you will not find the word ‘citizen’ in there…