Online privacy - new EU regulations - explained by Thunderbolt

Since 2018, gaming operators and other online businesses and operating in the EU have been obligated to demonstrate compliance with the EU’s General Data Protection Regulation. The Thunderbolt online casino has been carefully studying analyzing how the GDPR is helping players enjoy a safer and more enjoyable Thunderbolt casino coupons online casino experience.


The General Data Protection Regulation (GDPR) of the EU, which was implemented in 2018, was designed to clarify businesses’ obligations regarding the processing the personal data of users who are located in the EU.

The regulations apply to any business that interacts with individuals who are located in the European Economic Area. If a business based in Thailand has customers who are located in the EU, that business is obligated to abide by GDPR regulations.

Since adoption of the GDPR multiple other nations worldwide have adopted similar or identical regulations including South Africa, South Korea, Brazil, Japan and the United Kingdom.

Provisions of the GDPR

The GDPR is designed to strengthen the rights of individual users. Under the GDPR users can request access to view information collected on them and can request that their data be erased.

Privacy notices provided by businesses must be transparent in describing the types of processing activities that they carry out and must request from clients, customers, suppliers and other third party contacts to store their information and process their data.

The GDPR limits the personal data that can be collected on children and companies must verify customers’ ages to ensure that they are not treating anyone under the age of 16 as an adult for the purposes of collecting and storing data.

The GDPR obligates businesses to carry out data protection impact assessments for high-risk projects and new technologies and must consider privacy risk from the outset when designing these projects and/or technologies.


In June 2020 the European Commission conducted a review of the first 2 years of the GDPR and concluded, that “the GDPR has been an overall success, meeting many of the expectations” although the report agreed that it was still premature to draw definite conclusions about the impact of the regulations.

The report stated that “Increasing global convergence around principles that are shared by the GDPR offers new opportunities to facilitate safe data flows, to the benefit of citizens and businesses alike.”

According to the report, the GDPR has resulted in citizens being more aware of their rights and enjoying more empowerment  to access, rectify, object, erase and control data portability. The majority of EU citizens in the EU are aware of the GDPR which allows them to play an active role with how their data is being stored and used.

GDPR successes, the European Commission says, include:

  • Ensuring that businesses know exactly which laws are applicable to them, rather than having to investigate the varying laws of each jurisdiction.
  • Giving businesses and individuals an active role in determining how their data is being used.
  • Promotes privacy and transparency across all platforms.
  • Facilitates the development of new technologies in accordance with users’ fundamental privacy rights.

According to the report, the GDPR proved itself during the COVID pandemic when much of the business world went online. Via the cooperation and consistency mechanisms that have been put in place in the GDPR, data protection authorities can work together actively as members of the EDPB.

Blow to European Digital Economy

Critics of the GDPR see things differently. Many in the business community see the GDPR features as being burdensome and unwieldy.  According to the National Bureau of Economic Research, the GDPR has inflicted a blow to Europe’s digital economy.

According a preliminary draft of  the study, data collected on millions of Android apps before and after the enactment of the GDPR has determined that the number of available apps has decreased by about one-third and includes the elimination of many apps that were previously available to customers in the EU.

In addition, the establishment of new digital businesses plummeted after the GDPR was enacted. This is true of businesses that monetize their user base by processing and selling data that they collect but other apps have suffered as well with both the number of apps and their user bases declining.

Designers say that it’s now more difficult to build new apps because it’s more costly and more difficult to build new apps. This means a loss of jobs, income, growth and consumer welfare.

If the EU wants to stay strong economically, GDPR critic say, there needs to be a more fact-based and open discussion about EU digital regulation.