iText and GDPR

Are you GDPR compliant? If your company targets any EU citizens, regardless of where they are currently located, you need to make sure your data processes comply. This new legislation is effective as of May 25, 2018, and will require a change in both processes and mentality about your data. Are you ready? We can help.

What is GDPR?


The General Data Protection Regulation (GDPR) is a regulation by the European parliament and council on the protection of natural persons with regard to the possession of personal data and the free movement of such data, and repealing Directive 95/46/EC. (27 April 2016)

What benefits being GDPR compliant bring you?


Some of the main points that are included under GDPR are:

  • All EU citizens, regardless of their location, are included.
  • All Companies that target EU citizens, regardless of the company location, are required to comply.
  • Personal data or information that can be tracked back to the data subject (EU Citizen) need to be accessible to the data subject such as;
  • The data subject must be able to easily view the data being kept about them, and change or delete that data at any time.
  • It's a regulation, not a directive, so you will need to comply.
  • Personal data includes name, address, national ID number, medical records, DNA, IP address, e-mail address, RFID, HR info, and more

But don’t worry, there are benefits to GDPR.

More qualified leads

Anyone allowing you to have or keep their data are genuinely interested in your company and/or products.

Better relationships

No more friction at data subjects side about your company using their personal data. They know what, why, where, how and how long you will store their data, and have the right to be forgotten by your company. Leading to more trust between them and your company, and better long-term relationships.


We all like trust, but studies show that leads are more likely to buy products/solutions from companies they trust. Take advantage!

Action plan: change your companies mindset and design by privacy

  • Check with your management if there is already a plan in place to be compliant with GDPR.
  • Explain to them the benefits of being GDPR compliant, if there is no plan in place yet.
  • Make a list of all data captured:
    • What do you capture?
    • Why is it captured? Is this necessary?
    • Where is it stored?
    • How long is it stored?
    • How is it stored? Has it been secured?
  • Clearly state your intent and the duration of data storage. There needs to be a clear goal and purpose to the collection of data.
  • Ask your data subjects explicitly for consent - allowing you to collect data - and explain that this consent can be withdrawn at any point. Do not use pre-ticked checkboxes, silence or inactivity.
  • Create protection for all personal data allowing each data subject to access all data stored about them in a readable, usable format.
  • Offer a user friendly way for data subjects to update their data or request removal of their personal data from your database.
  • Offer data subjects a way to opt-out if they no longer want to receive updates. Allow them to be forgotten.
  • If you are using third party tools, check with them if they are also GDPR compliant.
  • Create a breach policy: what to do if there is a breach, who do you contact (who contacts them), and how do you fix it?

Still have questions about PDF solutions for GDPR?

We're happy to help! Send your questions to us, and we'll get back to you a.s.a.p.

Reach out




11,000人以上の購読者に加わって、iTextの新しい製品、アップデート、ヒント、記述的な解決策や出来事に関する最新情報を得ることでiText PDF専門家になりましょう。