The GDPR is a new data protection law that strengthens the protection of personal data. GDPR will replace the current EU Data Protection Directive and refreshes the rules regarding when and how organizations can use EU individuals’ personal data. Penalties for failing to comply with GDPR may subject an organization with fines of up to 4% of the organizations total global revenue.
The GDPR applies to any organization, regardless of geographical location, that offers goods or services to EU individuals, processes personal data of EU individuals and includes the third parties that process the information on their behalf.
Key changes include: limiting the EU individual personal data collected to the minimum required, establishing technical and organizational security measure to protect personal data, and retaining personal data only for as long as necessary for its specified purpose. Other changes include new data subject rights for EU individuals, mandatory breach notification procedures, maintaining records of personal data processing activities and ensuring appropriate international transfers of personal data.
Polycom is committed to compliance with GDPR. Polycom has a dedicated cross-functional team who oversee Polycom's GDPR compliance program. In connection with the development our products and solutions, we have incorporated privacy by design elements early in the process with the objective that technical and organizational security measures will limit, by default, the amount and use of personal data to what is specifically required. Other efforts include having either new or supplemental white papers available for our customers that address privacy-related data processing/other information about our products/solutions.