The General Data Protection Regulation (GDPR) is a new regulation concerning data protection and privacy. Set to replace the current EU Data Protection Directive 95/46/EC, it contains a set of data protection rules designed to enhance data protection for EU residents and bring legislation up-to-date in line with how data is now used.
Containing a wide range of strict privacy-related requirements, the GDPR details exactly how organisations and companies must collect, store, process and manage personal data.
All businesses and entities, regardless of where they are located in the world, MUST comply with the new regulation if they are processing and managing personal data of individuals (including customers, clients and employees) who are residents of the EU, including the U.K. post-brexit. Of course, the new GDPR also applies to all businesses and entities based in the EU.
Failure to comply and protect your customer and employee data adequately will result in major fines of up to €20 million, or 4% of total worldwide annual turnover for the preceding year (whichever is higher). Not only that, but your business will suffer with reputational damage and loss of consumer trust.
Since your business will more than likely be affected, it is imperative that you take immediate measures to achieve full compliance with the new regulation by the deadline: May 25th, 2018.
It is vital that you make your website and your business fully GDPR compliant. There are a number of specific measures that must be implemented in order to ensure full compliance.
It is vital that you:
• Conduct a full review of your processes, practices, platform and infrastructure so that you are fully GDPR compliant by the specified deadline
• Perform a full data audit to identify all of your data processing activities, including reservations, marketing and human resources
• Perform a detailed personal data audit featured on your website’s privacy policy page
• Evaluate and revise your current data protection strategies to ensure they meet all GDPR requirements
• Perform an analysis of third party data processors and weak links
• Appoint a Data Protection Officer
Yes, the GDPR might seem intimidating with complex requirements in place, but it does give your business a chance to improve its data processing practices. Further, it can also be used as a way to improve your business’ reputation as if it is clear that you are fully compliant with the latest GDPR requirements, individuals and businesses will be more likely to trust your business and choose to engage with it.
With the right knowledge, understanding and support, your business will be adequately protected and fully GDPR compliant.
8 Ways Media possesses in-depth knowledge and understanding of the GDPR and all of its requirements.
We strongly recommend you get in touch to determine the impact of the GDPR on your organisation and learn more about how 8 Ways Media can help prepare your organisation for full GDPR compliance.
For further advice and guidance, please contact us or contact our GDPR partners, Sigrid Partners - https://www.sigrids.ch a Swiss - Geneva based GDPR & FADP Consultant.