7
The GDPR affects any organization collecting
or holding personal data from EU citizens. This
means that, in addition to EU-based companies,
multinational organizations that conduct business
in the EU or have EU residents visiting their
websites also have to comply.
Even if an organization is not using the data
collected for tracking purposes, it must still follow
the new set of rules to properly protect data and
abide by the new rights for individuals. Basically, if
an organization has a web presence in the EU, it has
to do its homework.
Why does it matter?