Take GDPR Joe’s quiz to find out if you are GDPR Hero or Zero.

FACT OR MYTH

1.The GDPR will see that organisations can no longer rely on ‘implied consent’ as a legal basis for processing personal data. This is because all individuals will need to ‘actively consent’ for their data to be used.

FACT OR MYTH

2.Once the GDPR takes effect, serious tier 1 data breaches could result in fines of up to 4% of the offending company’s global annual turnover

FACT OR MYTH

3.The GDPR will not apply to international businesses who trade within the EU and Ireland if that businesses is based in a non-EU country.

FACT OR MYTH

4.Any personal data acquired before 25 May 2018 that is already stored in an organisation’s database will not be subject to the GDPR.

FACT OR MYTH

5.Personal data that is professionally ‘pseudonymised’ or encrypted for enhanced data protection will be treated in exactly the same way as standard, unmodified personal data under the GDPR.

FACT OR MYTH

6. Once the GDPR takes effect, all data collected from children or persons under the age of 18 will require parental consent, as opposed to just data that requires consent in order for it data to be legitimised or proven in some way.

FACT OR MYTH

7. All organisations that engage in large-scale monitoring or processing of personal data will be required to appoint a data protection officer if that organisation has 250 employees or more.

FACT OR MYTH

8. If an organisation’s data is stored with an external cloud service provider, it will be the responsibility of the cloud service provider and not the organisation itself to remain compliant with the GDPR.

FACT OR MYTH

9.Under the GDPR, individuals will receive a new ‘right to be forgotten’ once their data has been used for the original purpose for which it was collected.

Answers

1. Fact 2. Fact 3. Myth 4. Myth 5. Fact
6. Myth 7. Fact 8. Myth 9. Fact