If your agreement with Google incorporates this policy, or you otherwise use a Google product that incorporates this policy, you must ensure that certain disclosures are given to, and consents obtained from, end users in the European Economic Area along with the UK. If you fail to comply with this policy, we may limit or suspend your use of the Google product and/or terminate your agreement.
Properties under your control
For Google products used on any site, app or other property that is under your control, or that of your affiliate or your client, the following duties apply for end users in the European Economic Area along with the UK.
You must obtain end users’ legally valid consent to:
- the use of cookies or other local storage where legally required; and
- the collection, sharing, and use of personal data for personalization of ads.
When seeking consent you must:
- retain records of consent given by end users; and
- provide end users with clear instructions for revocation of consent.
You must clearly identify each party that may collect, receive, or use end users’ personal data as a consequence of your use of a Google product. You must also provide end users with prominent and easily accessible information about that party’s use of end users’ personal data.
Properties under a third party's control
If personal data of end users of a third party property is shared with Google due to your use of, or integration with, a Google product, then you must use commercially reasonable efforts to ensure the operator of the third party property complies with the above duties. A third party property is a site, app or other property that is not under your, your affiliate's or your client's control and whose operator is not already using a Google product that incorporates this policy.
Understanding GDPR: A Comprehensive Guide for EU and UK
The General Data Protection Regulation (GDPR) is a vital regulation that governs information privacy in the European Union (EU), European Economic Area (EEA), and the United Kingdom. Let's dive into the key aspects of GDPR and what it means for individuals and businesses.
What is GDPR?
The GDPR (Regulation (EU) 2016/679) was adopted on 14 April 2016 and became effective on 25 May 2018. It replaced the Data Protection Directive 95/46/EC and has become a model for many other laws around the world, including the United Kingdom's own identical law.
Scope of GDPR
The regulation applies to organizations based in the EU or processing personal data of individuals inside the EU. It also extends to organizations outside the EU if they collect or process personal data of individuals located inside the EU.
Key Principles
- Consent: Specific, freely given, plainly worded, and unambiguous affirmation by the data subject.
- Transparency: Clear information about how data is used.
- Rights of Individuals: Including right to access, rectification, erasure, data portability, and the right to object.
- Lawful Processing: Processing must have at least one legal basis, such as consent, contractual obligations, or legitimate interests.
Rights of the Data Subject
- Right to Access: Individuals can access their personal data and information about how it is being processed.
- Right to Rectification: Correction of inaccurate personal data.
- Right to Erasure: Also known as the "right to be forgotten."
- Right to Data Portability: Transfer personal data from one system to another.
Consent and Children's Data
Consent must be explicit, and individuals must be allowed to withdraw consent easily. For children under 16 (or as low as 13 in some member states), consent must be given by the parent or custodian.
Data Protection Authorities
A single set of rules applies to all EU member states, with independent supervisory authorities in each member state to investigate complaints and sanction administrative offenses.
Global Impact
The GDPR has influenced laws in countries like Turkey, Mauritius, Chile, Japan, Brazil, South Korea, South Africa, and Argentina. Even the California Consumer Privacy Act (CCPA) shares similarities with the GDPR.
Conclusion
The GDPR is more than a regulation; it's a commitment to the protection of personal data and privacy. It has set a global standard and continues to shape data protection laws around the world. Whether you are an individual or a business, understanding and complying with GDPR is essential in today's digital age.
This blog post provides a comprehensive overview of GDPR, focusing on its key aspects, principles, and global impact. If you'd like to explore more detailed information, you can refer to the Wikipedia page on GDPR.
Please let me know if you need any further information or assistance you can send message from the blog!