GDPR compliance outside the EU

The EU General Data Protection Regulation (GDPR) replaced existing EU data protection laws on 25 May 2018.

The GDPR has brought a 21st-century approach to data protection, expanding the rights of EU residents to control how their personal information is collected and processed.

What is the purpose of the GDPR?

In 1995, the European Data Protection Directive (officially Directive 95/46/EC on the protection of individuals with regard to the processing of personal data and on the free movement of such data) was adopted to regulate the processing of personal data in the EU.

Data handling has changed in numerous ways since then, so the GDPR was proposed to extend the powers of the earlier directive and strengthen EU residents’ rights over their personal data.

What does the GDPR mean for companies in the Asia-Pacific region?

Under the GDPR, every EU resident has the right to know who holds their data, who is processing it and why is it transferred.

If you are an organisation in the Asia-Pacific that offers goods or services to EU residents, monitors their behaviour or processes their personal data, you will be subject to the GDPR.

The Regulation provides a set of rules under which you must operate, and compliance is not optional. Failure to comply can result in fines of up to

Take the first step toward GDPR compliance

It is vital that you are able to prove compliance with the GDPR. The first step is to establish an accountability and governance framework by:

  • Assessing whether your business activity falls within the territorial scope of the GDPR;
  • Briefing management on the GDPR risks and benefits;
  • Gaining management support for a GDPR compliance project;
  • Assigning a director with accountability for the GDPR;
  • Incorporating data protection risk into the corporate risk management and internal control framework.

To understand the subsequent steps and solutions needed to achieve compliance, take a look at our GDPR checklist.

You should also read our bestselling guide, EU GDPR – A Pocket Guide, which gives an overview of the Regulation and the new compliance obligations for handling personal data.

For a limited time, receive a 15% discount on orders exceeding $300 on any books, toolkits, software, training and consultancy products listed on our GDPR compliance checklist.

See checklist >>


The GDPR - key steps for companies in Asia-Pacific. Our compliance checklist will take you through the essential steps.