NewBase

GDPR


NewBase and the GDPR in Europe

About one year ago, the European Commission approved and adopted the new General Data Protection Regulation (GDPR). The GDPR is the biggest change in data protection laws in Europe since the 1995 introduction of the European Union (EU) Data Protection Directive, also known as Directive 95/46/EC. The GDPR aims to strengthen the security and protection of personal data in the EU and will replace the Directive and all local laws relating to it.

NewBase welcomes the arrival of the GDPR. The new robust requirements raise the bar for data protection, security, and compliance, and will push the industry to follow the most stringent controls, helping to make everyone more secure. We are happy to announce that NewBase, and all related entities  for either direct or in-direct supply and services, will comply with the GDPR when it becomes enforceable on May 25, 2018.

We continually maintain a high standard for security and compliance across all of our entities around the world. This continues to be our highest priority.

To further answer customers’ questions, we have provided links to some of our partners’ EU Data Protection websites. These websites include information about what the GDPR is, the changes it brings to organizations operating in the EU, the services these partners offer to help you comply with the GDPR, and advice about how you can prepare.

Links here: Google, MediaMath, LinkedIn, the official EU GDPR website

Read the WFA (Worls Federation of Advertisers) manifesto for data transparency.


What can you do?

Although the GDPR will not be enforceable until May 25, 2018, we are encouraging our customers and partners to start preparing now. If you have already implemented a high bar for compliance, security, and data privacy, the move to GDPR should be simple. However, if you have yet to start your journey to GDPR compliance, we urge you to start reviewing your security, compliance, and data protection processes now to ensure a smooth transition in May 2018.

You should consider the following key points in preparation for GDPR compliance:

Territorial reach – Determining whether the GDPR applies to your organization’s activities is essential to ensuring your organization’s ability to satisfy its compliance obligations.
Data subject rights – The GDPR enhances the rights of data subjects in a number of ways. You will need to make sure you can accommodate the rights of data subjects if you are processing their personal data.
Data breach notifications – If you are a data controller, you must report data breaches to the data protection authorities without undue delay and in any event within 72 hours of you becoming aware of a data breach.
Data protection officer (DPO) – You may need to appoint a DPO who will manage data security and other issues related to the processing of personal data.
Data protection impact assessment (DPIA) – You may need to conduct and, in some circumstances, you might be required to file with the supervisory authority a DPIA for your processing activities.
Data processing agreement (DPA) – You may need a DPA that will meet the requirements of the GDPR, particularly if personal data is transferred outside the European Economic Area.

NewBase treats security, data protection, and compliance as top priorities, and we will continue to work vigilantly to ensure that our customers are able to enjoy the benefits of the global NewBase network securely, compliantly, and without disruption in Europe and around the world. As we head toward May 2018, we will share more news and resources with you to help you comply with the GDPR.