General Data Protection Regulation

The European Union’s General Data Protection Regulation (GDPR) is widely recognized by privacy professionals as the most significant privacy legislation in more than two decades — perhaps ever.

What is GDPR?

With the General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679), the European Parliament, the Council and the European Commission intend to strengthen and unify data protection and privacy for individuals within the European Union (EU). When the law takes effect in May 2018, it will trigger significant changes to how global brands approach online marketing, data protection and privacy policies.

It’s important to note that the new legislation also addresses the export of personal data outside the EU — effectively extending its application to any business with even a single customer in Europe.

GDPR Countdown

You have


to be fully compliant

Don’t wait, let Gigya show you how to easly address and manage compliance settings for your customers.

Request a Demo

What are key elements to consider?

  • Date Enforcement Begins: May 25, 2018
  • Fines: Up to €20,000,000 or 4% of total annual global turnover, whichever is greater, for the most serious infringements
  • Liability: Individuals whose privacy has been infringed upon can easily bring private claims against data controllers, and data subjects who have suffered non-material damage as a result of an infringement to sue for compensation
  • Changes: New elements and significant enhancements over current Data Protection Acts 1988 and 2003 (the Acts) requiring detailed consideration by all organizations involved in processing personal data

Download our data sheet now to find out how Gigya’s Customer Identity Management platform helps businesses meet many of the most complex requirements for GDPR compliance.

Gigya and GDPR: Helping manage your customers’ data to keep you in compliance

As the leader in Customer Identity Management, Gigya has implemented systems and programs to achieve compliance as a data processor and to help our clients meet the challenges of the GDPR, including:

  • A formal Information Security Management System (“InfoSec System”). This comprehensive set of written policies, procedures and practices is designed to ensure security for our clients’ data and confidential information and to effectively assess, manage, and respond to information security risks. Gigya is ISO 27001 and ISO 27018:2014 certified, and uses only SSAE-16 certified data centers to host its platform. Controls implemented as part of this InfoSec System include asset management, access management, change management, software development lifecycle management and vendor security screening. Download our data sheet to learn more about our industry-leading security and data privacy practices.
  • Privacy by design processes. Our product and product marketing teams work closely with our Chief Information Security Officer to address privacy and security concerns when determining product feature requirements.
  • A robust corporate privacy program. This includes operational procedures and privacy training and awareness building for employees.

Learn more about how Gigya approaches data security and privacy in our Trust pages.

Meet us at

Adobe Summit
London, UK

May 10 - 11, 2017

View Event >