Although the new EU directive on protection of personal data (GPRD) is to become effective in the Czech Republic in May 2018, companies should already start making preparations for its implementation as all companies which process personal data are to be concerned. Bigger companies, however, will be affected more significantly – failing to comply with the directive may be penalised by a fine of up to CZK 540m or 4 % of the turnover. On top of the financial sanctions, a possible data leakage is to be reported not only to relevant authorities but to the clients also.
Based on the above, it appears recommendable that companies start all the necessary preparations weeks or even months in advance, and, so as to avoid possible difficulties, they ought to seek professional help in order to be able to obey the new law.
