Why was the GDPR created?
GDPR was created to hold companies accountable for their EEA users’ right to privacy and to ensure that users are aware of their rights regarding personal data. This is the first major review of privacy law in Europe since the advent of social media. Approved by the European Union Parliament in April 2016, the new law requires companies to set more stringent guidelines for handling the personal data of EEA users on the internet. The goal of these new guidelines is to set a clear, high standard for how data must be acquired and managed going forward.
At the heart of the new regulations are two requirements: (1) Any entity collecting the personal data of EEA users over the internet must explain exactly what it will do with the data in “clear and plain language,” and (2) The entity must receive explicit consent to move forward with data collection from every consumer in the EEA.
What is the definition of “personal data”?
Personal data includes any information that can be tied to a single user, and which directly or indirectly can be used to identify that user. The data collected varies depending on the company, but includes information like name, email address, location, credit card number, and device identifiers. Personal data does not include fully anonymized or aggregated data that can no longer be linked to a specific person.
Why does Invaluable collect personal data?
Invaluable uses data to operate and improve our services. Data also helps us personalize the user’s journey across our site. We collect data to contact users about their accounts, provide customer service, personalize marketing and advertising, enable the purchase of our subscription services and to detect, mitigate and investigate fraudulent or illegal practices. The provision of all personal information is voluntary but may be necessary in order to use our services.