Since 2018, the way Internet companies store data has changed, especially in companies like Facebook and Google, because the General Data Protection Regulation (GDPR) came into force. This regulation refers to a compilation of rules promoted by the European Parliament, the Council of the European Union, and the European Commission, regarding data and security.

It seeks to guarantee and protect the privacy of citizens and the handling of their private data by third parties. Data that until now was transferred without the consent of the parties involved and on some occasions even without the knowledge of the user. The main objective of the GDPR is to give citizens and residents control over their data.

What is personal data according to the GDPR?

When talking about data and privacy protection, it references those data that can be used to recognize an individual. This data ranges from photos to email addresses or IP addresses. In the case of digital commerce, the user’s bank details, such as transactions, are also included. Other data, such as economic, cultural, or mental health information, is also considered personally identifiable information. 

The effect outside the EU borders

In principle, one might think that since it is a regulation in force within the European Union, it doesn’t affect countries outside of it. However, the same GDPR establishes, as a rule, the periodic review of its application and adaptation in third countries that receive data transfers from the EU.

That is, those organizations outside the EU that have clients, partners, or other types of relationships with residents in Europe must comply with the regulation. That’s why the GDPR requires that each user in the European Union is informed of what personal data of theirs was collected and how it will be used. In this way, the collection of data without the consent of the affected party is prohibited and you are given the right to decide whether or not you want your data to be used or stored

GDPR in Latin America

In Latin America, where there is also a large presence of European companies,  the changes in the regulation lead to new measures in the legislation related to data protection. If we look back around the last ten years in data protection, we have seen considerable legal progress in granting users control over their personal lives. Since 2010, sixty-two new countries have enacted data protection laws, for a total of 142 countries with data protection laws worldwide. In Latin America, Chile was the first country to adopt such a law in 1999, followed by Argentina in 2000. Several countries have followed: Uruguay (2008), Mexico (2010), Peru (2011), Colombia (2012 ), Brazil (2018), Barbados (2019), and Panama (2019). Although there are still different approaches to privacy, data protection laws are no longer a purely European phenomenon.

Guatemala lacks a data protection regulation. However, it is important to note that even though there is no specific legislation on the protection of personal data, the Law on Free Access to Public Information currently regulates all matters relating to personal data and sensitive data, as well as establishing a mechanism for the protection of these and typifies crimes in the matter.

Knowing what the GDPR is and how it affects Latin America undoubtedly helps to comply with the regulation. Striving to meet their demands can mean the difference between being trusted or not for users, especially in an age where online privacy is gaining importance and relevant interest. You can learn more about the terms of privacy of the .GT Domain name registry here.