General Data Protection Regulation (GDPR) Google Professional Data Engineer GCP

  1. Home
  2. General Data Protection Regulation (GDPR) Google Professional Data Engineer GCP
  • Focused on personal data protection in Europe
  • Effective May 25, 2018
  • Replaced earlier, 1995 EU Data Protection Directive.
  • Applicable on businesses and organizations established in Europe or serve users in Europe.
  • GDPR regulates personal data collection, usage, and storage by business
  • Has reporting requirements and accountability
  • Enforces fines for non-compliance
  • Two roles data controller or processor
  • Data controller determines the purposes and means of processing personal data.
  • Data processor which is Google, processes personal data on behalf of the data controller

Data Controller

  • Responsible for implementing technical and organisational measures
  • ensure and demonstrate all data processing complies with the GDPR.
  • Controllers’ obligations as per GDPR principles
    • Lawfulness
    • fairness
    • transparency
    • purpose limitation
    • data minimisation
    • accuracy
    • as well as fulfilling data subjects’ rights with respect to their data.
  • GCP customers act as the data controller for any personal content given to Google


Action to Take

GDPR as  Google customer should consider

  • Be aware of GDPR provisions
  • Review inventory of personal data being managed
  • Assess present controls, policies, and processes for managing and protecting personal data against GDPR’s requirements.
  • Use present data protection features on Google Cloud
  • Review Google’s data processing terms