2 Years Since the Enforcement GDPR And Its Impact on Georgia

2020-05-25 15:32:52
Today, on 25 May, exactly two years have passed since the enforcement of  the General Data Protection Regulation (GDPR). Despite the fact that GDPR is an EU regulation, it has had important impact on Georgia. Its application extends to the legal entities registered on EU territory as well as to companies registered outside the EU but offering goods or services to subjects within the EU territory or monitoring their behavior if it takes place within the Union.

It is worth noting that since the enforcement of GDPR the interest of Georgian companies towards the European regulation has significantly increased. The companies are particularly interested in the following issues: the territorial scope of GDPR with respect to activities  of Georgian companies, designation of a representative on EU territory, exchange of information with the companies registered within the Union etc.

In parallel with the above mentioned, during the last two years the State Inspector's Service provided a number of companies with detailed information regarding GDPR and issued relevant recommendations; It also held meetings with the representatives of private sector and published useful information for Georgian companies.

The State Inspector's Service tries its best to play an active role in bringing Georgian legislation regarding personal data protection in line with the European standards which is one of the most important prerequisites of the Association Agreement between the EU and Georgia.  To this end, in 2019 the Service prepared and submitted to the Parliament draft law on Personal Data Protection which if entered into force will significantly approximate the Georgian law with the highest standard of personal data protection.

The enforcement of the new law will considerably increase the quality of personal data protection in Georgia, will approximate Georgia to the EU to a greater extent and will enable Georgia to become a leading country in the field of personal data protection.