The General Data Protection Regulations (GDPR) are being talked about a lot at the moment. Here is a really brief overview of what they are, and what you can do to prepare for them.
You may be one of the many business owners who does not know what the GDPR is yet, so here is a brief overview. In May 2018, the General Data Protection Regulations come into effect in the UK and across the EU. The GDPR is effectively going to replace the Data Protection Act that we have had since 1998 and you can understand why with the world looking totally different to 20 years ago!
The GDPR places greater obligations on businesses and other entities that process personal data which can include names, addresses, and email addresses. The fines for not complying with these regulations are increasing from a maximum of £500,000 under the current laws to €20 million or 4% of global turnover under the GDPR! One of the key things to come out of the GDPR is obtaining consent for marketing purposes. Unless the person you are contacting with marketing, including existing clients, has given you consent to do so, you will be in breach of the GDPR.
Here are a few tips to help prepare for GDPR:
1. Make your organisation aware of the changes in the law.
2. Review your data - where you hold personal data, what it contains, where it came from and whom you share it with.
3. Identify the lawful basis for processing personal data under the GDPR, document it and update your privacy notice.
4. Contact the people on your mailing lists and ask them to opt-in to future mailings. Record the date and method of them opting in.
Take a look at some of our other articles on the GDPR for a bit more information: