On the 25th May 2018, the law is changing and GDPR or General Data Protection Regulations will come into force. If you have not heard much about it yet, you will soon as it is a big deal and will affect all businesses no matter the size. So what do you need to know and how will it affect your business?
WHAT IS GDPR?
GDPR or General Data Protection Regulation to give it is full name is a new EU law Regulation (EU) 2016/679 and is a regulation that the European Parliament and the Council of the European Union and Commission are bringing in to help unify and strengthen data protection for all individuals with in the EU. The new law/regulation will also address the export of data outside of the EU, so you may think it won’t affect you when the UK leaves the EU or you are a country outside of the EU… WRONG it will still affect you and your business and also other Countries that work in the EU.
The aim is to give EU citizens more control over their data and how it is used and unlike a directive it does not require national governments to pass any enabling legislation and therefore it is binding and applicable to all businesses both in the EU and outside the EU if you trade with individuals and businesses in the EU.
If your business sends direct mail, makes sales calls or uses email marketing then GDPR will change what you can and can’t do when you contact, collect or use data, so it is worth starting to think about the changes you will need to make ahead of the 25th May 2018 when the new law comes into force, which will save you and your business getting into trouble next year.
BUT MY BUSINESS DOESN’T COLLECT ANY DATA?
You may not think that you are collecting data, however, if you are using any tracking tools on your website such as Google Analytics or Facebook Pixels, for example, the YES YOU ARE.
When someone clicks on your website they have a right to know what data you are collecting about then and how you intend to use the data. The law will apply to all data that can be tracked back to an individual and will even include their IP address.