General Data Protection Regulations

February 9, 2018Blog

blog-header_GDPR.jpg

What is GDPR

GDPR stands for General Data Protection Regulations and is the new set of regulations which are being set in place from 25th May 2018 which will affect the way that all businesses obtain, hold and use data they collect from the public. This means that some of the practices which businesses currently have in place will no longer be allowed under these new GDPR guidelines.

What does the new GDPR Guidelines effect?

Under the new GDPR guidelines you will need to make sure that you tell people what information you are collecting from all of your users. This doesn’t just mean any information that is willingly provided through using a contact form but also includes all of the information which is collected automatically through tools such as google analytics. In fact, any data that can be traced back to the user then needs to be covered in a privacy policy page.

These guidelines also affect how you use the information gathered. You can’t just use the information in any way you like, once the information has been given to you. You must use it only for the reasons that were specified at the time the information was provided. This is especially important in email marketing as you can no longer assume that people want to be added to a mailing list when they provide their email addresses for other reasons. You are now required to have a little checkbox for people to tick if the agree to have marketing emails sent to them. You will also need to keep a log as to when they agreed that you could add their email address to a marketing list. This can be a simple as being sent an email when the user agrees to be added to the mailing list as long.

How do I make sure I don’t break the new GDPR guidelines?

With the new General Data Protection Regulations (GDPR) coming in to replace the Data Protection Act this year, it is more important than ever to make sure that your website has an SSL Certificate installed on it. This will help to protect your user’s information from being hacked or taken by encrypting the information and making it unreadable. This helps to make sure that all information that is provided online can’t be intercepted and stolen by people trying to gain access to phone numbers, names, email address and more.

You must make sure that your privacy policy is up to date and covers all of the information you collect on customers. This helps to make sure that customers know exactly what information they are giving over to you and how it will be used when they submit it.

You also need to make sure that you are storing all of the information in a secure way to prevent access to people’s data unless they need it for the intended purpose. This will help to prevent unauthorised people outside the business from gaining access to the data by hacking into your systems.

What happens if I don’t meet the new GDPR guidelines?

Companies that fail to comply with the new GDPR regulations by the 25th May 2018 could be fined up to 4% of their total business annual turnover or up to €20 million which ever one is higher.