What YOU need to know:
What is the General Data Protection Regulation (GDPR)?
- The GDPR is a new EU regulation to strengthen data protection for all EU citizens.
- If you offer services or products to EU citizens this new regulation will affect your business and the customer data you store.
When does this Regulation come into effect?
25th of May 2018
What kind of data applies?
Basically, anything and everything. Any data that can be used to directly or indirectly identify your customer is protected by the GDPR. Anything from their name, photo, email address, bank details, even their IP address.
Understanding the data rights of your customers
- The GDPR offers your customers new rights, one being the right to be forgotten. Meaning that upon request you must delete and destroy all personal data you store about an individual.
- You must also receive permission from your customers if you plan to use or share any of their personal data.
- We highly recommend you visit www.eugdpr.org to find out how the GDPR will affect your business.
Ignoring the GDPR is not advised.
The good news:
You do not need a long formal legal document, in fact, the GDPR forbids legal jargon and demands simplicity.
What do YOU need to do:
- You simply need to let your customers know what data you will store, how it is stored, how it is used and how long you will keep it.
- A new page on your website detailing this is sufficient to bring your website into compliance. If your website uses online contact forms you will need to make a small change. You need to obtain agreement from each of your customers before you store any details that they share with you.