GDPR (General Data Protection Regulation) is a topic that has built a lot of buzz in the past, but the legislation was first adopted in April 2016, with a two-year transition period allowing businesses to prepare for it until it came into full effect in 2018.
As of May 25, 2018, all organizations in the EU – and many more around the world – need to comply with the European Parliament’s General Data Protection Regulation (GDPR) replacing the Data Protection Directive (DPD) of 1995.
The General Data Protection Regulation ensures that people in the EU have better control over their personal data. But what are the GDPR guidelines and its implications? And what does it mean for companies and organizations that are outside the EU? Let’s find out more.
What is GDPR?
The General Data Protection Regulation was established in the European Union to address data protection and privacy within the EU and the EEA (European Economic Area), while also dealing with the transfer of data outside of these jurisdictions / areas.
In a nutshell, this regulation dictates that specific data protection principles and systems must be implemented by any business or organization to safeguard privacy and data of its customers and users. Also, among other things, the GDPR guidelines specify that any data collection – as well as the purpose for the data processing – must be disclosed, as well as if this data is being shared with other parties outside the European Union. The fact that other countries outside of the EU enacted similar legislation thereafter shows how important – and necessary – the GDPR principles are.
GDPR principles and personal data
We are living in a digital era where technology is ubiquitous, and customer data is collected haphazardly. As a result, sometimes as individuals we don’t have much power (and/or knowledge) over how it may be used – and with what purpose. That is a point of concern, and, in that respect, what the EU is seeking with its GDPR guidelines is to guarantee people have a better understanding of how their data is used, and provide them with the right to control its usage.
But how exactly do we define personal data? According to the European Commission, “Personal data is any information that relates to an identified or identifiable living individual. Different pieces of information, which collected together can lead to the identification of a particular person, also constitute personal data.”[1]
Under the GDPR guidelines, the concept of personal data encompasses that notion, along with mobile device identifiers, geolocation, biometric data, and IP addresses, for instance. It also includes data related to an individual’s physical, genetic, psychological, economic, cultural, or social identity.
GDPR compliance and goals
The goal of the GDPR principles is to significantly strengthen the rights of individuals, who will now enjoy the benefit to ask companies to reveal or delete the personal data they hold. Regulators, on the other hand, will be able to work in greater conformity across the EU, instead of having to follow different laws in each jurisdiction.
In that sense, the GDPR requirements will bring more transparency in how organizations collect data about people. Going forward, some types of individual profiling will no longer be acceptable unless the person in question has wilfully consented.
But how exactly does this work? GDPR compliance will be applicable to both data ‘controllers’ and ‘processors’. Let’s understand the meaning of these concepts. Controllers are companies using personal data, which might range from a one-person online retailer to multinational corporations. Processors are those companies that manage the data under the controller’s guidance. In the past, only controllers were accountable for any data breach or misdeed. With GDPR principles now in place, both controllers and processors are obliged to comply with the legislation, making it one of the main differences between GDPR and the previously established DPD.
The GDPR requirements also apply to all companies that process personal data of people residing in the EU, regardless of the company’s location.
Data protection: everyone’s concern; Ria Money Transfer’s priority
At Ria Money Transfer, the confidential treatment of personal data has always been paramount and is an intrinsic responsibility for our business around the world. We welcome GDPR compliance and embrace the new legislation for the collection, use, disclosure and security of individuals’ personal data.
Committed to complying with the new regulations and promoting a stronger sense of respect and security for the privacy of our clients, partners, and employees our parent company Euronet has appointed a Data Protection Officer (DPO). With this and the continued support of dedicated compliance officers and specialists, Ria will continue to provide a thorough approach to compliance, ensuring maximum safeguarding and an optimal personal data protection system.
[1] European Commission: https://ec.europa.eu/info/law/law-topic/data-protection/reform/what-personal-data_en
The information on or through this site is provided for general informational purposes only and should not be relied on as a substitute for specific advice about laws, regulations, taxes, finances, immigration or travel. For specific advice, contact a licensed attorney, financial advisor or other professional. We disclaim all liability and responsibility arising from any reliance placed on this site. We do not warrant the accuracy or usefulness of this information. This site may contain links to other sites and information provided by third parties for your convenience. We do not endorse nor make any guarantees with respect to these sites, their accessibility, the information they contain or the way they treat any information you provide to them.
About the author
Alaine Anderson
Related posts
CSR in Action: Education and Resilience in Mayotte
Key takeaways ▪ Mayotte is a French overseas territory, considered to be the poorest region of the country with 8 in 10 inhabitants living below the poverty line.▪ Cyclone Chido caused massive destruction in Mayotte, including considerable damage to Les Colibris School, leaving children unschooled.▪ Les Colibris School is a private, community-led educational center in […]
October 15, 2025
Kyodai Joins the Ria Family: A New Chapter for Remittances in Japan
Recently, we were thrilled to announce that Kyodai Remittance is now officially part of the Ria Money Transfer family! Ria’s acquisition of Kyodai marks a major step forward in our mission to make money transfers more accessible, secure, convenient, and customer-focused—especially for the vibrant and burgeoning migrant communities in Japan. But what exactly does Ria’s […]
August 14, 2025
Building a Brighter Future: New Computer Room for Bargny High School in Senegal
At the beginning of May, Ria attended the inauguration of a new computer room at a high school in Bargny, east of Senegal’s capital. It was a project many months in the making, and with a very clear goal in mind: to be able to support one of the countless communities that we hold close […]
June 10, 2025
The Impact of Good Teachers in Early Education in Mexico
Not all heroes wear capes, but a lot of them sure look like teachers. Though many might think of teaching as child’s play, it’s one of the most complex and influential roles in our society. Especially in early childhood, teachers accommodate many of their students’ needs as they learn to navigate the world. At Ria, […]
May 13, 2025
Ria Money Transfer. NMLS ID#920968. © 2025 Dandelion Payments, Inc. All rights reserved.