The EU’s General Data Protection Regulation, commonly known as GDPR, came about after years of work by the EU to bring the old Data Protection Act up to date.
Most businesses will be aware of it, but may not necessarily understand what they need to do to comply.
But what exactly is GDPR, and how might it affect your business?
With the regulations coming into force on 25th May 2018, companies must comply by that date, or potentially face large fines.
Why is GDPR happening?
Since the Data Protection Act was originally introduced in 1995, the amount of data which companies hold on individuals has grown rapidly. With data breaches still regularly making the news, many UK consumers feel that GDPR is long overdue.
The GDPR introduces larger fines for non-compliance, and gives some power back to consumers in terms of what data companies can store, and what they can do with it. The regulation is EU wide, so the rules should apply to all companies within member states.
What are the ins and outs of GDPR?
The regulation has two main objectives:
Key details include
How will GDPR affect my business?
If your business holds any data on anyone in the EU, it must comply with the GDPR. We’ve put together a quick checklist of things to assist you in the compliance process:
GDPR might represent a great time to review the data you hold on your customers, and how it is used. Check your data policies and guidelines, and review exactly what data your business holds on individuals, how long it is retained, and what it is used for. If anything seems extraneous, out of date, or is no longer used, consider removing it.
Is your method of gaining consent compliant with GDPR, or do you use something like a deceptive opt-out checkbox? If consent isn’t explicitly being gathered from customers, you shouldn’t be gathering their data.
Complying with GDPR will be much easier if all departments are on board. Ensuring teams are knowledgeable about GDPR, and how it affects their specific job role, will save money in the long run.
With shorter timeframes for reporting breaches, ensure plans are in place if a breach does occur, and know specifically how your business will deal with it. Also ensure that any website changes, or changes in print documents are made well in advance of the 25th May 2018 date.
While GDPR might seem complicated and just another “thing to do”, it represents a chance for businesses to review their policies, and make their marketing efforts better for customers who do wish to receive information from the company. Businesses which are seen to comply with GDPR may gain additional trust from customers, in the knowledge that their data is safe.
What about Brexit?
The UK minister responsible for GDPR said the UK will mirror the legislation, even after the country leaves the EU. Compliance is further dictated by the fact that the regulation extends to any business handling EU data, whether in the EU or not. As Brexit pans out, this may, however, become more convoluted…
We can help
We provide business systems and digital solutions which can aid your business in becoming compliant with GDPR. Why not get in touch and we’ll see how we can help.