About General Data Protection Regulation (GDPR)

General Data Protection Regulation (GDPR) is the new European Union data protection law that took effect on May 25, 2018. It explains a business’ responsibility in relation to the personal data they collect and store and governs the processes businesses use for managing that personal data.

Who will GDPR affect?

GDPR will affect all businesses (including sole traders) who hold or process the personal data of people in EU Member States. There are potential fines of up to 4% annual global turnover or €20m, whichever is greater, for businesses that do not comply.

North American companies that do not do business with any of the twenty-eight EU member states must still consider the impact of GDPR. For example, content on the company web site should be reviewed for compliance. Particularly if the web site markets products or services to a global audience or if the content is localized for markets in any of the EU member states. Some typical North American industries who may be impacted by GDPR are e-commerce, travel, and hospitality.

What is Sage doing to prepare for GDPR?

Sage is actively working on its GDPR strategy and has robust governance procedures in place to manage the implementation of GDPR. This includes a Data Governance Committee, which is comprised of stakeholders from all Sage business areas to ensure that we are prepared for GDPR.

Want to learn more?

Visit the GDPR page on our website to learn everything you need to know about GDPR. Additionally, you can go to the GDPR section of the Sage Marketplace to assist you in meeting your GDPR obligations.