Have you ever stopped to wonder where all the personal information you’ve shared online ends? If you’re like the rest of people you probably haven’t, at least until now. The truth is that the internet has drastically changed in recent years the way we communicate and how we handle everyday tasks.
Daily we send emails, share important documents, pay bills and purchase goods or services by entering our personal detailsall online and without even thinking about the possible consequences.
It’s not irrelevant, since we are talking about banking information, contacts, addresses, photos on social media and even your IP address. Now that we’re becoming more aware of this, it’s increasingly essential that companies that collect this type of information can provide a better service, offering more specific and relevant communications.
To achieve this, The General Data Protection Regulation (GDPR) makes its triumphal entry. If you haven’t already heard about this or your organization has yet to prepare for the next changes in the game rules, now is the perfect time to start. Today we’ll explain what GDPR is, how it will affect your business and include some useful tips on how to prepare properly for GDPR.
The General Data Protection Regulation (GDPR) is a new European privacy regulation that will come into force on May 25, 2018, with which it’s expected to permanently change the way you collect, store and use customer data.
Some surveys indicate that 80% of companies know little or nothing about this new regulation, and the worst of all is that more than 90% do not have a specific plan in place for when GDPR kicks off in May of this year.
This regulation will apply to all those companies selling to and storing personal information about European citizens, including those belonging to other continents. From its implementation, it will provide EU and EEA citizens with almost absolute control over their personal data and guarantees their information will remain protected throughout Europe.
Personal data will include any information related to a person, like a name, a photo, an email address, bank details, social media updates, location details, medical information or an IP address.
Under the GDPR, people will have the right to:
· Access: this means that people can request full access to their personal data and monitor how the company uses their data once it has been gathered.
· Be forgotten: if for some reason customers withdraw their consent from a company to use their personal details, they can request to have their data deleted.
· Data portability:Individuals have a right to freely transfer their data from one service provider to another.
· Be informed: people should receive updates before data is gathered, and consent must be freely given rather than implied.
· Information corrected: this right will guarantee that people can have their data updated if it is outdated, incomplete or incorrect
· Restrict processing: people can request that their data remain unusable after their recording.
· Object: this means there will be no exemptions if people decide to stop processing their data for direct marketing.In addition, this right must be made clear to individuals at the very start of any communication.
· Be notified: if there has been a violation of an individual's personal data, they have the right to be informed within 72 hours of become aware of the breach.
The impact of GDPR on your business
In general terms, the impact of this regulation on your business will probably have to do with making some substantial modifications to how you process, store and protect your customers’ personal data.
Many companies are curious how GDPR will relate to their data storage platforms. With the New Age of Data the way we work, live and communicate will be radically transformed, so in 2018 you can expect answers to your questions regarding data storage and how storing it locally differs from remotely in the eyes of GDPR.
How to prepare 2018
There are a many things that your company can do in order to be compliant with GDPR. Here are some first steps to help you get off to a good start:
1. Map your company’s’ data.
2. Determine exactly what data you need to keep.
3. Be sure to establish security measures in place.
4. Review your documentation carefully.
5. Establish policies and procedures for handling personal data
Why should your company appreciate GDPR?
Whilst true this regulation has created new challenges for the proper functioning of your business, it also creates very good opportunities for modernization. In addition, those companies who show they value all individuals’ privacy, are transparent about how information is used, design improved ways of managing customer data throughout its life cycle build to build deeper credibility and retain more loyal customers.
Dedicate time to understand what you need to do in order to create a plan of action for your journey to GDPR so that when the rest 2018 rolls along you’re calmand you can answer all your customers’ questions regarding compliance. If you haven’t already started, we urge you not to waste time and start now!