Unless you have been hiding under a rock, you will likely have started to hear the term ‘GDPR’ (General Data Protection Regulation) being bandied around. If you haven’t come across it just yet, it’s essentially an upcoming evolution of the DPD (Data Protection Directive) and is designed to offer a modern implementation on how people’s data is protected – taking extra consideration of technology and the internet.
This is a fantastic step forward if you’ve got your consumer hat on, however it is going to present a number of challenges if your business collects data online or uses data lists for marketing.
We’ll be publishing a number of articles and in-depth guides over the coming period where we will discuss this in more depth. In the meantime, please find below five essential facts to make sure you understand the basics.
When is GDPR actually coming into force?
It’ll be in effect within the European Union from the 25th May 2018.
Why is GDPR needed?
The DPD came into force way back in 1995 and, let’s face it, an enormous amount has changed in terms of how data is used online and for technology since. In a nutshell, the DPD no longer represents the modern uses of data.
What’s more, it will also provide a standard view across all EU member states as to how data can be used, with a uniformed approach to law enforcements and prosecutions.
What are the main differences it’s going to make?
It will give consumers much more control over how their data is used, who they do and don’t give consent to for use of their data and also aspects such as their right to access data being held about them and to request erasure.
For businesses, it’ll mean making significant changes to how you collect data (including the likes of the contact forms on your website), how you use that data, and what you communicate to your users about how their data will be used.
Who is it going to impact?
The GDPR regulations apply to the processing of personal data of data subjects who are in the EU. Even if you are not in the EU, GDPR still applies to you. This applies to both the sale of goods or services as well as free services.
You’re probably thinking ‘well, we won’t be in the EU because of Brexit’. However, the UK’s exit from the EU will not be completed by the time GDPR comes into force and even then, the UK will still come into the territorial scope. Britain has already confirmed that they plan to follow or mirror GDPR even when we leave the EU.
What’s the impact of breaching GDPR guidelines?
Essentially, GDPR will come with much harsher penalties for anybody who is found to be mishandling the data of their users. The main aim is to make prosecuting and holding people accountable that mishandle personal data that much easier, through having consistent rules in effect across all member states.
What can you do about it?
If you have been left feeling unclear about how you can prepare your website and marketing strategy for the new GDPR regulations, don't worry you are not alone. Depending on your business and your target audience, you may have to make either none or up to quite a significant number of changes. If you have concerns about how your website collects data, or you want to have peace of mind that you are following the new regulations, get in touch with us today to arrange an initial GDPR consultation and recommendations.