Egil Bergenlind, founder and CEO of DPOrganizer, simplifies the benefits of the new regulation into five easy-to-digest points.

You’ve no doubt been hearing a lot about GDPR and have probably been receiving numerous push notifications and emails asking you to agree to new terms of service. But what exactly is GDPR and why is it necessary?


The EU’s upcoming General Data Protection Regulation (GDPR) dramatically strengthens your right – and ability – to control your personal information and privacy.

The current EU Data Protection Directive dates back to 1995 and to put things in perspective, at that time, Google wasn’t even born then, Amazon was a tiny online bookseller and Mark Zuckerberg was still in high school. And as a directive, EU member states could implement it as they saw fit.

GDPR represents a shake-up of the rules to reflect this reality and applies to any company that collects and processes the data of EU residents. Regardless of where the company is based.

But what does this all mean for you, and should you really care? Egil Bergenlind, founder and CEO of DPOrganizer, has done the hard work for you, simplifying the benefits of the new regulation into five easy to digest points.

1. Your data is about to get a whole lot more secure
With the significant increase in cybercrime over the past few years, data processors and collectors need to become far more vigilant about keeping personal data safe. Although proper security measures have been a part of privacy legislation for a long time, GDPR puts a huge emphasis on “pseudonymisation” - which to you and I simply means disguising any connection to you - as well as encryption of the information.

There is also a new mandatory data breach notification rule which means that they have to be reported to the supervisory authority within 72 hours. On top of this, you will also now have to be informed if the breach is likely to pose a significant privacy risk. In the past, some companies waited months, or even years, to report that a database had been compromised.

2. Organisations will need your consent to process and share your data
With the exception of law enforcement and national security agencies, organisations will now need explicit consent before processing your data. Long terms and conditions forms will no longer be the norm and you will now see plainly worded documents that are easy to understand and fully transparent. This means that you must proactively say ‘yes’ before you are signed up to any extra marketing materials such as newsletters, or information about offers.

3. The right to rectify mistakes
You will now be entitled to have any personal information corrected if it is incomplete or inaccurate. Great, but how does that benefit you? Well imagine you are trying to take out a mortgage and a financial institution has added in the wrong information on you concerning your credit history. You may be refused the loan on this incorrect basis.

If an organisation shares incomplete or inaccurate information with third parties, they must then inform the companies involved about any changes that need to be made to your data. They must also inform you of any organisations that they have shared your data with.

4. The right to be forgotten
This right allows you to request that your personal data is removed if you withdraw your consent. There are a number of situations where this right can be exercised, including:

? If the data was obtained in an unlawful manner
? If you object and state that there is no real reason for continuing the process of processing your data
? If your personal data is no longer necessary to achieve its original purpose

5. Customer service will receive a much needed makeover
One of the lesser-known benefits of GDPR is that it will encourage companies to focus on customer satisfaction. In order to win your business and loyalty, many will bend over backward to provide clear and transparent privacy notices, protect your rights, and reduce, or even eliminate, nuisance marketing such as unsolicited phone calls and spam emails. This will put pressure on other companies to follow suit resulting in a better service for you.


DPOrganizer is a flexible and easy-to-use data protection management software solution which helps organisations map, visualise, report, and manage their processing of personal data, ensuring they are GDPR compliant. Founded and based in Stockholm, Sweden, and serving hundreds of customers in sixteen countries throughout Europe, the U.S., Africa and Asia, DPOrganizer plays a crucial role in solving companies’ data protection challenges, irrespective of their size, experience, or sector.

DPOrganizer was founded in Stockholm, Sweden, in 2015 by Egil Bergenlind, formerly a Data Protection Officer at iZettle. Prior to this, Egil worked as a data protection lawyer at the leading international law firm, Bird & Bird. He came up with the idea for DPOrganizer after noticing an obvious gap in the data protection market for a tool that could play such a crucial role in data protection assistance. Egil started building the software just over three years ago, with the purpose of creating something powerful, yet simple-to-use, helping to manage data protection challenges in practice.

May 2018