Companies who do business in the EU are grappling with the rules laid out in the General Data Protection Regulation (GDPR). Adopted on 27 April 2017 and enforced starting 25 May 2018, GDPR is designed to give EU citizens control over their personal data.
While GDPR is complex, companies that collect personal data must first and foremost know that they must obtain provable consent by the individual based on a valid purpose for what the data will be used for.
Non-compliance is not an option. Beyond the reputational damage, the penalties are severe: proposed fines are up to 4 percent of annual global turnover or €20 million, whichever is greater.
FIS has been preparing for GDPR since March 2017 and is ready to help you ensure your compliance ahead of the deadline – and turn GDPR into an opportunity to deepen your customer relationships.
FIS clients who are subject to the GDPR must have a compliant Data Processing Agreement/Addendum (DPA) in place with FIS prior to the legislation’s effective date. You can request a DPA that includes your organization's information and is enabled for electronic signature by sending an email to firstname.lastname@example.org.