GDPR – Just Around the Corner

We are here to present you the key factors of the General Data Protection Regulations (GDPR), and how you should get prepared to manage your employees’ data accordingly.

Do you hire EU employees? Have current employees in the EU? Do you store vendor data that includes personal information about individuals in the EU?

If you replied YES for at least 1 of these questions, and regardless of you are headquartered in EU or not, you are required to become GDPR compliant.

So, what is GDPR anyway?

The General Data Protection Regulation (GDPR) is a law that aims to strengthen European Union residents’ rights to privacy and protect their personal data. This law will impact how Organizations and tools collect, store and manage personal data from EU residents.

In order to continue conducting business within the EU, all companies that interact with personal information of EU citizens must be compliant with the GDPR.

When will GDPR take an impact, and what is the cause of non-compliance?

GDPR will come into effect fully across all European member states as of May 25, 2018. Not complying with certain provisions of GDPR, can result in a fine of up to €20 million or 4% of your gross profit.

Both clients and employees will demand a certainty that your company is a GDPR compliance.

What are the main requirements to become GDPR compliant?

GDPR is a multi-step process. It requires meeting framework security and data protection standards, as well as how employers collect and store their employees’ data, and provide the  “right to be forgotten” (RTBF).

What are the differences between Data Controller and Data Processor?

Data Controller is the entity who is determining the purpose, the means and the nature of the data that is being collected. In other words – data controller is you, your company.

Data Processor is the entity or agency that is processing personal data on behalf of the data controller.  Mensch is a data processor and will be taking all measurements to ensure its compliance as data processor.

However, although you might be using GDPR compliant tools, does not mean that you as a data controller are automatically compliant as well. As Data Controller, It is important you explore your obligations in order to become GDPR compliant as well.

What is GDPR impact on HR management?

As data controller, HR should ensure the data collected on the employee level is stored in a secure, compliant manner. Ensure that the tools that are being used to process employees data, are compliance with GDPR and ensure that the company has the right to collect and store employees information.

Is Mensch GDPR compliant?

Mensch is the perfect platform to use in order to ensure you protect your employees’ data. We provide top-level security of employees database, as well as a way for you to communicate inside your organization securely.

Being GDPR compliance is a an all-time process, ensuring being up to date to regulations and legislation, ensuring using of tools and practices that enhance compliance.

If you have any further inquiries regarding Mensch GDPR compliancy or you RTBF (right to be forgotten) please contact us at

The Mensch Team