What is GDPR?
If you find yourself wondering what is GDPR, Investopedia sums it up as “the General Data Protection Regulation (GDPR) is a legal framework that sets guidelines for the collection and processing of personal information of individuals within the European Union (EU).”
Data – a small word with a big meaning. It holds all the information to your life and legislation is there to protect those details from being used inappropriately. Data protection legislation is changing on 25 May 2018 and it will impact how that data is used for marketing purposes.
It may feel like a long time until General Data Protection Regulation (GDPR) comes into force next MAY but it will sneak up on us busy people before we know it. People who use email marketing, direct mail or telemarketing need to prepare for big changes – and that’s a lot of us.
So what is GDPR? Put simply, data protection regulation is changing because the world is changing too. Current legislation has not kept pace with the digital landscape. It’s the biggest overhaul of data protection legislation for over 25 years and it will push data protection to the forefront of people’s minds.
What do I need to do?
You may think that you’re not collecting data about anyone, such as their name, address or date of birth. But data goes much further than that online. If you have tracking tools on your website – like our old friend Google Analytics – then you are.
Use or collection of data needs to be explicitly explained, requested and recorded. A person can submit a subject access request at any time. You would need to provide a paper trail on when you received their permission to contact them. There needs to be a simple way to opt out. This could be through an ‘unsubscribe’ link or an address to email. Whichever option you go for, track all of this activity on a ‘do not contact’ list and stick to it.
Our online browsers and potential customers are a savvy bunch. If you collect information on your website, even on a simple contact form, you need an SSL certificate which encrypts that data. Giving your website a little padlock in the browser bar and its visitors the confidence that their details are in safe hands.
Do not let yours be a risky business
It’s not worth taking a gamble on GDPR as your company could face hefty fines. This could be as high as 420m (£17.2m) or 4% of a company’s total worldwide annual turnover – whichever is higher. Current laws covering data protection can impose a fine of no more than £500,000. This is a massive increase and reflects how serious this law will be taken.
It goes without saying that this law has huge implications for most – if not all – organisations and businesses. Keep an eye out for our future blogs which will drill down on what GDPR means for you, how to prepare for next May and our examples of best practice.
The industry press is full of articles about the impact of GDPR.
Much of it focuses on how much work it’ll take in the short-term to prepare for the new legislation, which comes into force on 25 May 2018. But, GDPR can benefit your business in the long-term and here’s our guide on how to make the most of this opportunity to grow your company.
The introduction of new legislation around data protection, which comes into force on 25 May 2018, is a big deal. GDPR for small businesses as well as large companies could appear daunting at first. A few simple steps will get you well prepared and fully protected ahead of the GDPR deadline.