GDPR


General Data Protection Regulat

Put into effect in May 2018, the General Data Protection Regulation (GDPR) is a comprehensive European Union regulation that strengthens and unifies data privacy and protection laws in EU countries. The GDPR is a binding legislative act, unlike the 1995 EU Data Protection Directive, which it replaced. GDPR’s purpose is to empower EU citizens with regard to how their personal data is used and to reshape the way organizations across the EU approach data privacy.

Penlink’s solutions provide highly targeted intelligence information while upholding the highest levels of security and data privacy. At Penlink, we welcome GDPR and the protections it provides. We see it as an opportunity to stand out in our commitment to balance the needs of our customers with the need to protect data privacy.

General FAQs

What is the GDPR?

The General Data Protection Regulation (GDPR) is a data and privacy protection law that came into effect on May 25, 2018. It replaced the 1995 EU Data Protection Directive. The GDPR aims to strengthen EU citizens’ data privacy and protection rights inside and outside the EU, essentially creating a Digital Single Market to protect the rights of its own members. For further information see: GDPR Overview

Is the GDPR legally binding?

Yes. Unlike the previous EU Data Protection Directive, the GDPR is a regulation. Regulations overrule national laws and are immediately applicable in their entirety in all Member States, while directives are binding as to the result to be achieved in each Member State. EU countries translate directives into their national legislation, in a way they see fit, to achieve the desired results. Thus, directives leave greater room for discretion in their implementation than regulations. As GDPR is a regulation instead of a directive, it took immediate effect in all Member States on May 25th, 2018.

Is the GDPR an extension of an existing law?

The GDPR is not an extension of an existing law or directive. It fully replaces the existing EU Data Protection Directive created in 1995.

How has Penlink implemented GDPR?

Your Penlink account representatives work in tandem with our legal and IT departments. You can direct your GDPR-related concerns or queries to your account representatives who’ll be more than happy to provide you with answers. If and when there’ll be a change to any of our solutions due to changes in GDPR or other relevant regulations, we’ll update you immediately.

Will the GDPR affect customer contracts and Penlink’s obligations?

All our contracts have strong data protection, data privacy, and data security provisions and clauses. We work hard to ensure that all our commitments, solutions, and activities comply with the GDPR and other relevant data protection laws. This includes our contracts with you. At any point in time, regulators can issue additional guidance on GDPR provisions and/or update existing terms, which may require us to review and update our contracts. If and when contractual updates are required, we’ll contact you immediately and consult with you to ensure our commitments and activities fulfill all GDPR obligations.

What advice does Penlink have regarding GDPR?

Penlink encourages all customers to read official EU sources on the issue as well as seek their own legal counsel on the interpretation, implementation, and enforcement of the law. Below are some online resources that might help you to get started. Please note that these are external sources that are subject to change, and we do not specifically endorse the content provided within the links below.


• The official legal text of the GDPR
• Complete guide to GDPR compliance