

Are you ready for GDPR? The General Data Protection Regulation is now law in the European Union (EU) and you may have some questions about it. Here’s what we know about the law and what we’re doing to make CloserConnect GDPR-compliant. This article does not constitute legal advice but serves as a resource for reference. We recommend you consult legal counsel to learn about how GDPR impacts you and your company.


What is the GDPR?

After four years of preparation and debate, the GDPR was finally approved by the EU Parliament on 14 April 2016. Enforcement date: 25 May 2018 – at which time those organizations in non-compliance may face heavy fines. The EU General Data Protection Regulation (GDPR) replaces the Data Protection Directive 95/46/EC and was designed to harmonize data privacy laws across Europe, to protect and empower all EU citizens' data privacy and to reshape the way organizations across the region approach data privacy.


EUGDPR.org – Trunomi – May 2018

What are the basics?

Communication

Explain clearly why the user should provide personal information, how the information will be used, and how long it will be kept.

Consent

Require user consent for the processing of personal information. The need for consent and the information being released by that action should be readily available.

Access

Provide access for users to view what information is being stored and how it is being utilized.

Warnings

In the event of a personal data breach, companies are required to notify regulatory authorities within 72 hours of discovery.

Erase data

Personal information needs to be removable on request if it violates GDPR or the fundamental rights of Europeans.

Profiling

Individuals have the right to appeal against a decision when it is based on automated processing and produces a legal effect or similarly significant impact on the individual.

Sensitive data

Ensure the safety of ethically sensitive information such as health, race, sexual orientation, religion and political views.

Marketing

Individuals should be able to opt-out of direct marketing campaigns that utilize their data.

Data transfer outside the EU

Personal data can only be transferred to countries outside the EU and the EEA when an adequate level of protection is guaranteed.

 

What is PII?

Personal Identifiable Information (PII) is any data that can be used to identify a specific individual, that is, any information that can be used to distinguish one person from anonymous data. PII under GDPR has been expanded to include:

| Linked personal data examples (directly linked to a person) | Linkable personal types (combine to identify a person) | Sensitive (special personal data types) |
| --- | --- | --- |
| Full name | First name only | Biometric data |
| Date of birth | Last name only | Racial data |
| Residential Address | A portion of the address (country, street, postcode etc.) | Health data |
| Telephone number | Age Category not specific (20-30 years or 40-60 years etc.) | Ethnic origin |
| Email Address | Place of work | Political opinions |
| Passport number | Position at work | Religious or philosophical belief |
| Identification number | IP address | Trade union details |
| Drivers Licence number | Device ID | Genetic data |
| Social security number | | Sexual preference |
| Banking/card numbers | | |

What is CloserConnect doing to prepare?

We have changed many of our internal policies, and are committed to compliance with the GDPR. We’re also working to build tools and processes for our users to handle their data appropriately.

What can I do to prepare?

We encourage you to consult your company’s policies on handling Personal Identifiable Information (PII) in the US, EU and elsewhere and consult with legal and/or data security professionals about your GDPR compliance.

We highly recommend consulting the full text of the GDPR for more detail.

 

Disclaimer: This is not an official EU Commission or Government resource. This article and the information it contains in no way constitute legal advice. Any person who intends to rely upon or use the information contained herein in any way is solely responsible for independently verifying the information and obtaining independent expert advice if required.
