GDPR (General Data Protection Regulation) is a topic that has built a lot of buzz in the past, but the legislation was first adopted in April 2016, with a two-year transition period allowing businesses to prepare for it until it came into full effect in 2018.
As of May 25, 2018, all organizations in the EU – and many more around the world – need to comply with the European Parliament’s General Data Protection Regulation (GDPR) replacing the Data Protection Directive (DPD) of 1995.
The General Data Protection Regulation ensures that people in the EU have better control over their personal data. But what are the GDPR guidelines and its implications? And what does it mean for companies and organizations that are outside the EU? Let’s find out more.
What is GDPR?
The General Data Protection Regulation was established in the European Union to address data protection and privacy within the EU and the EEA (European Economic Area), while also dealing with the transfer of data outside of these jurisdictions / areas.
In a nutshell, this regulation dictates that specific data protection principles and systems must be implemented by any business or organization to safeguard privacy and data of its customers and users. Also, among other things, the GDPR guidelines specify that any data collection – as well as the purpose for the data processing – must be disclosed, as well as if this data is being shared with other parties outside the European Union. The fact that other countries outside of the EU enacted similar legislation thereafter shows how important – and necessary – the GDPR principles are.
GDPR principles and personal data
We are living in a digital era where technology is ubiquitous, and customer data is collected haphazardly. As a result, sometimes as individuals we don’t have much power (and/or knowledge) over how it may be used – and with what purpose. That is a point of concern, and, in that respect, what the EU is seeking with its GDPR guidelines is to guarantee people have a better understanding of how their data is used, and provide them with the right to control its usage.
But how exactly do we define personal data? According to the European Commission, “Personal data is any information that relates to an identified or identifiable living individual. Different pieces of information, which collected together can lead to the identification of a particular person, also constitute personal data.”[1]
Under the GDPR guidelines, the concept of personal data encompasses that notion, along with mobile device identifiers, geolocation, biometric data, and IP addresses, for instance. It also includes data related to an individual’s physical, genetic, psychological, economic, cultural, or social identity.
GDPR compliance and goals
The goal of the GDPR principles is to significantly strengthen the rights of individuals, who will now enjoy the benefit to ask companies to reveal or delete the personal data they hold. Regulators, on the other hand, will be able to work in greater conformity across the EU, instead of having to follow different laws in each jurisdiction.
In that sense, the GDPR requirements will bring more transparency in how organizations collect data about people. Going forward, some types of individual profiling will no longer be acceptable unless the person in question has wilfully consented.
But how exactly does this work? GDPR compliance will be applicable to both data ‘controllers’ and ‘processors’. Let’s understand the meaning of these concepts. Controllers are companies using personal data, which might range from a one-person online retailer to multinational corporations. Processors are those companies that manage the data under the controller’s guidance. In the past, only controllers were accountable for any data breach or misdeed. With GDPR principles now in place, both controllers and processors are obliged to comply with the legislation, making it one of the main differences between GDPR and the previously established DPD.
The GDPR requirements also apply to all companies that process personal data of people residing in the EU, regardless of the company’s location.
Data protection: everyone’s concern; Ria Money Transfer’s priority
At Ria Money Transfer, the confidential treatment of personal data has always been paramount and is an intrinsic responsibility for our business around the world. We welcome GDPR compliance and embrace the new legislation for the collection, use, disclosure and security of individuals’ personal data.
Committed to complying with the new regulations and promoting a stronger sense of respect and security for the privacy of our clients, partners, and employees our parent company Euronet has appointed a Data Protection Officer (DPO). With this and the continued support of dedicated compliance officers and specialists, Ria will continue to provide a thorough approach to compliance, ensuring maximum safeguarding and an optimal personal data protection system.
[1] European Commission: https://ec.europa.eu/info/law/law-topic/data-protection/reform/what-personal-data_en
The information on or through this site is provided for general informational purposes only and should not be relied on as a substitute for specific advice about laws, regulations, taxes, finances, immigration or travel. For specific advice, contact a licensed attorney, financial advisor or other professional. We disclaim all liability and responsibility arising from any reliance placed on this site. We do not warrant the accuracy or usefulness of this information. This site may contain links to other sites and information provided by third parties for your convenience. We do not endorse nor make any guarantees with respect to these sites, their accessibility, the information they contain or the way they treat any information you provide to them.
About the author
Alaine Anderson
Related posts
The Impact of Good Teachers in Early Education in Mexico
Not all heroes wear capes, but a lot of them sure look like teachers. Though many might think of teaching as child’s play, it’s one of the most complex and influential roles in our society. Especially in early childhood, teachers accommodate many of their students’ needs as they learn to navigate the world. At Ria, […]
May 13, 2025
Myanmar Earthquake: What We’re Doing to Help
A powerful 7.7 magnitude earthquake hit Myanmar on March 28, 2025, also impacting Thailand, Bangladesh, Laos, and China. The disaster has caused severe destruction to local infrastructure in Myanmar. Countless people have been left without a home and critical facilities, such as hospitals, have been damaged. With many roads and bridges impassable, it is difficult […]
April 2, 2025
Empowering Communities: Highlights from Our CSR Initiatives
At Ria, we have the privilege to serve some of the most hardworking people in the world. Their dedication and drive to support their loved ones, even from far away, is inspiring. Every day, we get to witness the power of a simple money transfer. By getting our customers’ money to where they need it […]
January 24, 2025
Unveiling Ria’s new tagline: Money where you need it
For over 35 years, we’ve made sure people around the world can stay connected to their loved ones back home. This mission has guided every step we’ve taken as a company, evolving from a single storefront in New York City to a multinational operation spanning from California to Sydney. Led by the belief that every […]
September 16, 2024
Ria Money Transfer. NMLS ID#920968. © 2025 Dandelion Payments, Inc. All rights reserved.