With just weeks to go before GDPR comes into effect, we wanted to update you as to how we’ve been preparing, how the new law affects you and (in case you need it) a little background about GDPR in general. First things first…
What is GDPR?
The General Data Protection Regulation (GDPR) is a European Union law which is being introduced on 25th May 2018 to strengthen data protection and privacy laws for individuals. It will replace the Data Protection Act (DPA) 1998 in the UK.
While many aspects of GDPR are consistent with privacy principles which have been in place for decades, the new regulations seek to give people more control over how organisations use their data. There will also be much higher fines for organisations which fail to comply.
Why do you need to know about GDPR?
The GDPR applies to any business that processes personal data of customers, suppliers or employees. To ensure your business is compliant and avoid hefty fines, it’s likely you will need to make some changes to the way you store and handle data.
The GDPR requires all organisations to identify their role as either a Data Controller or Data Processor for each type of personal data they process, as these roles have different legal responsibilities:
A data controller manages how and why data is processed and is responsible for making sure the process is in line with the law. A data processor will process the data only as they have been instructed, but will also be required to demonstrate compliance with the law and held accountable if they are involved in a breach.
For the provision of leads, both Holmes Media and the businesses we work with are Data Controllers.
What have we done about GDPR?
We will also be issuing new terms of business to clearly outline our data sharing arrangement and what it means for the businesses we work with.
What should you do about GDPR?
To be sure your business will comply with the GDPR, the first step you should take is to ensure that all personal data you keep on customers is in a safe and secure location.
We’ve not included everything you need to know about GDPR by a long way so, if you haven’t already, it’s important you look into the details of the new law as soon as possible.
To get you started, a helpful summary has been released by the ICO (Information Commissioner’s Office) outlining 12 steps to preparing for the GDPR which you can read here.