What is GDPR and How It Will Affect Kenyan Websites

News, Tech

The acronym GDPR is being tossed around pretty much in the last few days and you may have wondered what the hullabaloo is all about.

If you haven’t, am sure you have received several emails from different websites urging you to check out their updated privacy policies and stuff.

What it is

The General Data Protection Regulation is a European Union law meant to ensure European Union citizen’s private data is not abused by companies.

The law takes effect today, 25th May 2018, and it will have serious repercussions on how companies handle user data.

Will it Affect Kenyan Websites?

The answer is yes. The GDPR affects all websites around the world as long as they have visitors from the European Union.

Penalty for non-compliance

Companies in contravention of GDPR policies will be liable to either a fine of up to 4% of annual global revenue or €20 million, depending on which is greater.

You need not worry though because the fine will not be instantaneous. Before being fined, companies thought to be in contravention of GDPR will first receive a warning, followed by a reprimand.

If still in breach, the company will face suspension of data processing before being fined.

How to comply

If you your company collects, stores or uses personal data such as names of people, their addresses, online identifiers, health and information, then you need to do the following:

  • Obtain explicit consent from EU residents before collecting of personal data and storing it.
  • Inform the individual(s) how you are going to process or store their personal data.
  • Report data breaches to relevant bodies within 72 hours of the breach. You also need to inform individuals who may be affected by the breach.
  • Appoint a data protection officer. This is for big companies (public), not small personal businesses.
  • If you use analytics tools such as Google Analytics to track site usage you may need to anonymize user data before processing.
  • Add a cookie notice if your site adds cookies to the user’s browser.

This is just a redacted overview of the GDPR and how to comply. Otherwise get comprehensive info from the GDPR website or download the GDPR PDF .

Note that there’s a lot of legal jargon in there, you may need the help of a legal professional to grasp all of it.


Leave a Reply