The most important change to data privacy regulation in 20 years is coming into force this week. Known as the General Data Protection Regulation (GDPR), it will be change the way that UK businesses handle data.
The new law is being introduced to give people more control over how their personal data is shared. As the law will be unified throughout the EU, it will make it easier for businesses to organise their data. It applies to all EU businesses who handle personal data when selling goods/services to people in EU countries.
Personal data is classed as anything that can be used to identify a person. This includes anything from names, email addresses, bank details, any information shared on social media sites and photo identification.
Businesses can be fined up to £500,000 or 4% of their annual turnover for failing to comply with the new changes. This could potentially have a big impact on SME’s who take the hit, as they will find it much harder to recover from the cost of a fine.
The lifeline of what happens to customer data once it has been collected must be a lot more transparent, so it’s vital that you review how your customers data is shared after it has been collected. If you are a business who receives user data second-hand, you need to be a lot clearer as to what is happening to it.
Request for consent must now be clearly visible to customers and not hidden within small print. So, there will be a lot more businesses noticeably asking permission to collect data. All areas of your business should be considered as to what and where any data is stored. To gain customer trust, you could offer the option for your customers to find out what data you have stored about them.
You will also need to review how you approach your marketing and advertising. For many years it’s been easy for businesses to share data over the internet but with the new regulations it’s tightening up this process.
For more information into how your business will be affected in the countdown to GDPR, visit the GDPR portal.