What is GDPR?
Definition
General Data Protection Regulation - European Union law protecting personal data privacy and giving individuals control over their information. GDPR compliance requires explicit consent, data portability, right to deletion, breach notification within 72 hours, and carries penalties up to €20M or 4% of revenue.
Why This Matters
GDPR establishes strict requirements for handling EU resident data, with substantial penalties for non-compliance. If you handle any EU customer data, vendor GDPR compliance is essential. Your organization shares responsibility for how vendors handle this data.
Related Terms
Essential Connections
Data Privacy
Security & Compliance
Legal and ethical handling of personal information including collection consent, purpose limitation, data minimization, accuracy, storage limitation, and security.
Privacy Compliance
Security & Compliance
Adherence to privacy laws and regulations governing collection, storage, processing, and sharing of personal data.
Data Security
Security & Compliance
Protection of information from unauthorized access, disclosure, alteration, or destruction through encryption, access controls, monitoring, and security policies.
Data Encryption
Security & Compliance
Converting data into coded format using algorithms to prevent unauthorized access.
Security Questions
RFP Fundamentals
20-40 RFP questions assessing data encryption, access controls, compliance certifications, incident response, backup procedures, and vulnerability management.
Compliance Certifications
Security & Compliance
Official attestations proving adherence to security and regulatory standards including SOC 2, ISO 27001, HIPAA, PCI DSS, FedRAMP, or industry-specific certifications.
