With the new GDPR rules coming into effect in a few short months, now’s the time to ensure your business collects and uses personal data correctly before it’s too late. But what does it all mean, and more importantly, what do you need to know to make sure you and your customers are protected?
Under the current UK Data Protection Act 1998, all businesses are allowed to collect personal customer information including, but not limited to, postal addresses, telephone numbers, and email addresses. That information can then be stored, collated, and used to create mailing lists which, in turn, are used for business marketing purposes to consumers.
But with the EU’s new General Data Protection Regulation (GDPR) coming in, the way businesses are allowed to collect and use that information will be different. And the result will be big changes in the way your business markets itself to customers.
GDPR is a set of updated official rules and regulations that follow on from the current outdated Data Protection Act, with far more emphasis on digital data. Once implemented, it gives consumers more of a say in how businesses use their personal data.
The new GDPR rules will be virtually identical across the whole of the EU, and will apply to all businesses based in, and/or trading in, the EU. Every business will have to comply with GDPR rules if it wants to start or continue collecting customer data and information from anyone in the EU. And GDPR will be much stricter than current data laws, with any businesses that don’t comply facing big fines. So how do you make sure your business is covered? Here are the 10 things you need to know about GDPR.
Many, and hopefully all, business websites will currently have information relating to their privacy and cookie policies readily available and accessible online. However, as both these policies pertain to the use of personal data, with the introduction of GDPR, they’ll need to be amended and added to in order to comply.
Put simply, any visitor to your site must be able to fully understand how their personal data will be collected, stored, and used. By doing so it fulfils the main objective of GDPR, which is to make it just as easy for a user to withdraw their consent, as it is to give their consent.
Many points in our list of 10, as well as the cookie and privacy policies, might appear daunting, as well as making it seem more difficult for you to communicate with your customers. But in the long term, it will be much easier for both you and consumers to monitor the way in which data is processed and used.
While compliance now will probably mean a short-term investment of time, people and money, you’ll be fully prepared and ready when GDPR becomes law in May.