The European Union’s General Data Protection Regulation has come into effect on 25 May, which strengthens European citizens’ rights to know more about the data companies hold of them. Data processors and data controllers now have a responsibility to be transparent about the data they hold and how it is used.
So what is GDPR?
“The idea is to make sure that individuals are put back into the equation”, Burling explained, “and to give them more control of their personal data.”
GDPR and the maritime industry
“For the maritime industry, that’s a particular challenge. For example, port agents can be appointed at very short notice, If you have a crew member that needs to be taken off the vessel because they are ill, that is special category data – health data –, which will be transferred to someone outside the EEA if the port happens to be, let’s say, in the Middle East. So maritime organisations need to think about how to make all of these processes legitimate.”
What next after GDPR?