The General Data Protection Regulation (GDPR) became enforceable on 25 May 2018. It prompted a fair amount of commotion, with businesses in the UK clambering to become compliant and operate within this new law. Working together with the new Data Protection Act 2018, which aims modernises data protection laws in the UK, GDPR gives individuals full control over all their personal data. It also provides standardised data protection laws across the EU and applies not only to businesses controlling or processing data within the EU, but also those outside that offer goods or services to individuals in the EU. The government has confirmed that Brexit and UK’s decision to leave the EU will not affect GDPR.
Moving forward, GDPR is something that every business needs to review on a regular basis to ensure we are handling and storing personal data within the law. All businesses dealing with individuals should now have new provisions in place for collecting personal data, with consent having to be freely given, specific, informed and a record kept of how and when consent was given. Privacy policies must be updated too if the way you handle information changes, and individuals informed. If you have appointed a Data Protection Officer, they’ll be responsible for monitoring compliance, ongoing staff training and awareness and handling any requests received from individuals with regard to their rights under GDPR.
GDPR has undeniably made business more accountable when using individuals data, but what will GDPR will mean for digital marketing? The GDPR prevents selling and exchanging any personal data belonging to individuals, and companies will only be able to use data for the purpose that was explicitly indicated when an individual granted permission. If you’re marketing by electronic means, including email, SMS, fax or phone, you’ll need to comply with the direct marketing requirements of the Privacy and Electronic Communication Regulations (PECR) alongside the GDPR.
If you still have questions about the GDPR compliance of your digital assets we can help. We’ve produced a GDPR Check List covering the basics and giving guidance to our clients. Whilst GDPR has been a challenge to many businesses, it’s here to stay and to avoid the financial penalties that can be imposed it is essential to remain compliant.