By 2018 the new GDPR law will impact businesses across all sectors!
This will also have a significant impact on how you conduct your marketing activities.
What is GDPR?
The EU’s General Data Protection Regulation (GDPR) is a new legislation that will protect all EU citizens from privacy and data breaches. It introduced tougher fines for non-compliance and breaches, and gives people more say over what companies can do with their data. The GDPR will apply to all companies processing Personal Identifiable Information (PII) of those residing in the EU.
What is Personal Identifiable Information?
Personal Identifiable Information (PII), also known as, Sensitive Personal Information (SPI), is used in information security and privacy laws. Its information that can be used on its own or with other information to identify, contact or locate a specific individual, for example: passports, employment history, financial detail, address details and location data.
All EU organisations must now demonstrate compliance by storing, managing, destroying and auditing PII appropriately.
When will GDPR apply?
It will apply in all EU member states from 25th May 2018, as GDPR is a regulation not a directive, the UK does not need to draw up new legislation – instead, it will apply automatically.
All organisations, public and private will now have to comply with much stricter guidelines around data management and policy. All EU citizens will now have the right to:
– Be notified of any data breaches
– Access any PII held by organisations
– Be forgotten
– Obtain and reuse PII for their own purposes
Organisations found in breach of the regulation can expect administrative fines of up to 4% of annual global turnover or €20million.
What do you need to start thinking about?
GDPR will have implications on how you conduct your direct marketing activities. Whether you are a small or large organisation, you will need to have a plan about how you collect and manage your data. For example, if you do, or are planning on doing, email marketing campaigns, your data will probably need to be double opted in. In many ways, this is a straight forward process, but needs to be planned. We can help you do this!
If you are still unsure or would like more advice about GDPR, please contact us today on 01785 247588 or click here.