The Council Regulation (EU) 2016/679, Protection of personal data, that comes into force May 25th 2018, is going to bring up the need of a greater commitment the companies, as well as the public administrations. That's why we find diverse novelties focused on a greater protection of the personal data of the user.
This novelties can be resumed in the following points:
It will be applicable, not only to those companies established in the European Union, but also to all of those that realise data's treatments as consecuence of goods or services' offers to citizens of the European Union.
Up to this day, many companies only needed tacit consent for being able to use users personal data. From now on, it will requiere an actual statement from the user, said it in other words, a express consent. Consquently, all the consents that had been obtained to this dat will be disabled if they do not fulfill the requirements established by the Council Regulation.
16 years old is going to be the minimum age permited to give a valid consent. However, the States members can reduce the limit until 13 years old (at this moment it is 14 years old in Spain)
The companies will have to verify the way they collect the personal data; if theis system fulfils with the requirements of the Council Regulation and, consequently, if they can still use the system they had previously.
The companies in charge of other companies' data will have some additional obligations, such as how they register the treatments; depending on the treatment, name “Protection data's Delegates and verify if they fulfil their contract with those companies with the requirements established in the Council Regulation.
The importance relays not only on the novelties mentioned previously, but in the proactive responsability of the companies that work with personal data using codes of behaviour, notifications of violacions of the security of the data, maintenance of a register of treatments or evaluations of impact on the protection of data.