General Data Protection Regulation (GDPR)
The General Data Protection Regulation (GDPR) is the changes applying to the Data Protection Law and relates to the data protection act and what you are legally obliged to do. The deadline for GDPR is 25th of May 2018.
As little as 6% of companies are truly ready.
What is it?
An in depth look can be found in our blog post: The GDPR – What you need to know
But for a quick GDPR summary, it’s a new regulation from the European Commission that aims to ensure that the personal data of all EU citizens has more protection.
Businesses will need to ensure they comply with all aspects of GDPR and have proper systems in place to show that they are complying, as it is going to be heavily monitored.
The new regulation applies to; Data Controllers and Data Processors. Some companies are confused as to which role they play, however there is an easy way to distinguish between the two:
- Data Controllers – The GDPR defines a controller as ‘the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data’.
- Data Processors – The GDPR defines a processor as ‘a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller’.
Another major addition specified with GDPR in the introduction of a Data Protection Officer where applicable (that’s a DPO for those in the know). A DPOs job is to assist you to monitor internal compliance, inform and advise on your data protection obligations, provide advice regarding Data Protection Impact Assessments (DPIAs) and act as a contact point for data subjects and the supervisory authority.
Affecting the day to day operation of many business with the implementation of GDPR will be the new data cleansing and processing rules. Under GDPR, any data you hold must be ‘as accurate as possible.’
At Impact Marketing we are currently working with a number of clients to ensure they are ready for GDPR. We have the unique opportunity and experience to be able to offer a wide range of services to assist with GDPR preparation.
If you have any of the following data, you will need to ensure GDPR compliance;
- Prospect/Marketing Data
- Client Data
- Warranty Data
- Past Client Data
- Profile Data
If you hold any of these or any other data that contains personal information pertaining to any individual, you will be required to keep it to standard.