General Data Protection Regulation (GDPR)

The EU Privacy Policy that Impacts Companies Worldwide

What is the GDPR?

The General Data Protection Regulation (GDPR) is a European Union regulation that standardizes the rules related to processing and controlling personal data by companies and public authorities. While it is an EU law, it directly impacts businesses throughout the world if they process or control any personal data belonging to citizens of the EU.

While the complete regulation is robust and should be reviewed with your legal team, at a broad level, it provides data protection beyond the borders of the EU, gives individuals better control over how their personal data is captured and used, and enforces the law through the use of penalties.

Applies to Companies Everywhere

The regulation focuses on EU citizen data and is not limited by the location of the company that is processing or controlling this data. This means that a company can be located anywhere – within the EU or not – and still be impacted by the regulation if they are processing the data of an EU citizen.

Gives More Control Over Personal Data

The GDPR gives individuals more control of how and when their data is used. From requiring clear consent at the point when a person’s data is collected to ensuring that people can access their own data anytime, there are many components of the regulation that address what companies must do when processing or controlling personal data.

Uses Penalties for Enforcement

In order to make sure that companies take the necessary steps to comply with the GDPR, the regulation specifies that companies that are not within compliance may receive a fine of up to 4% of their annual world sales or 20 million euros, whichever is higher.

GDPR may cost you.
Companies that do not comply with the
GDPR can receive a fine – up to 4% of annual world sales or
20 million euros, whichever is higher.

Non-EU Located Companies

How will GDPR impact my business if I’m not located in the EU?

The GDRP protects the data of EU citizens. This means that, regardless of where your business is located, if it processes or controls data belonging to EU citizens, it must do so in accordance with the new regulation. If you do not follow the regulation, you are subject to fines in the same way companies that are located in the EU are.

Many small globes in vintage design
Glasses lying on a table in front of a laptop


Can OTRS help with GDPR compliance?

As a service management solution that comprises ticketing system, workflow automation and a wealth of other features, OTRS can support companies in their efforts to become GDPR compliant by giving companies the tools they need to quickly address corporate security issues and track information that may be audited for GDPR or any other privacy purpose.

In addition, OTRS AG has taken measures to ensure that our data handling processes are in line with GDPR requirements so that customers using the fully-managed OTRS solution are compliant within our environment.

For OTRS AG, the topic of data protection has always been of the highest importance.
Compliance with privacy regulations and guidelines has always been, and will always be, treated as an absolute priority.

Learn more about OTRS
and the ways in which it can support
your efforts to become GDPR compliant.