You may have heard the acronym ‘GDPR’ being used a lot lately without really knowing what it means or understanding it. As recently as January, nearly 40 percent of businesses in the UK reported never having heard of the GDPR and just 27 percent were actually actively doing something about it.
Given these statistics, you might be surprised to learn that complying with the GDPR is compulsory for almost all businesses across the EU, and failing to do so can result in fines of up to €20 million. It is important, then, to take a close look to understand the GDPR and how it is going to affect you.
The GDPR stands for ‘General Data Protection Regulation’ and it is EU legislation regarding data protection. The aim of the regulation is to give individuals more power over how their data is used by companies and organisations. Current legislation governing data protection was brought in before the rise of the internet, and as such it does not accurately reflect the possibilities in using and exploiting data – the GDPR looks to update this.
The new rules mean harsher fines for businesses that lose or incorrectly handle data, and they give people the opportunity to have complete control over how, why and when a company is able to access and use their personal details.
However, the GDPR is not designed purely as a punitive measure for companies. It also seeks to provide businesses with a simpler and more equal legal environment so that everyone has the same rules governing them.
In simple terms: yes. The GDPR applies to every business that handles, stores or uses the data of any individual EU citizen – this includes both customers and employees. This means that if you run a business you must take steps urgently to comply with the GDPR.
To understand how to deal with the GDPR you need to know what rights the regulations grant to individuals so that you can alter your system accordingly. Some of the rights granted by the GDPR include:
The GDPR additionally grants individuals the right to have incorrect or out-of-date data updated, and the right to have their details transferred from one service provider to another.
Remember that if your business stores any kind of private data of individuals, you will need to comply with the rules of the GDPR. If you are found to be in breach of the rules after 25 May 2018 you can be fined. These fines can be extremely high – up to €20 million or 4 percent of the annual turnover of the business, whichever is greater. So, it is in your interest to comply with the regulations as soon as possible.
Some businesses wonder whether the UK’s Brexit ruling will affect the GDPR. It is true that this is a regulation created by the EU and the UK is set to leave the EU in March 2019. However, this does not affect whether British businesses will need to comply with the regulation. Firstly, the UK will still be an EU country when the GDPR comes into force. Secondly, however, even post-Brexit, any UK business that handles the data of EU citizens will need to fully comply with the GDPR. There is also no indication that the UK government is interested in repealing these reforms.
Ultimately then, when it comes to the GDPR, Brexit will not be a factor in whether your business needs to comply.
To comply with the GDPR it is important for you to take action as soon as possible. Start by identifying exactly what personal data you currently collect from individuals, where that data is stored, who can access it and whether there are currently any data breach risk factors surrounding the information you hold.
Consider what information you really need to capture and make changes to the way it is collected. You should also look at your current privacy statements and ensure that they are re-worded and presented to individuals so that they can give informed consent for you to use and store their data.
You should also look into having new and more thorough security measures put in place to ensure that the risk of data breaches is minimised. It is advisable, in any case, to work with GDPR compliance experts to update your whole system for the new rules.
Bulldog Digital Media are a leading transparent full service digital marketing & UK SEO agency servicing Essex, Kent & London. Covering all aspects of online marketing strategies with a transparent approach, specialising in organic search (SEO) and paid search (PPC). From a local SEO campaign, to an all singing, all dancing e-commerce bespoke website, we at Bulldog have got you covered!