Brands serving a global clientele online will know privacy is one of the key concerns addressed by information security today. On May 25, 2018, the EU has enacted the General Data Protection Regulation (GDPR) to better regulate the way that personal data are used. What does it mean for local brands and marketers?
The GDPR requires businesses to protect the personal data and privacy of EU citizens and any individual based in the EU, regardless of where the data is being held. Companies that collect, store and process such data will need to comply with strict new rules. Despite Brexit, the UK has also publicly stated they will adopt the GDPR in full.
Under the GDPR, these individuals will have the right to have their personal data removed from systems or online content, the right to avoid automated data profiling (where this would produce a legal effect), and the right to be given an accessible copy of their personal data. Apart from preparing for the above additional demands from customers, companies should take a proactive approach in compliance with GDPR.
You may carry out a detailed investigation of the personal data your business is collecting (e.g. from online purchases or prize collection) and who it is being shared with. And assess your findings to identify which of your business activities must comply with the GDPR.
The GDPR is arguably the most complex piece of regulation the EU has ever produced, and this article only covers a fragment of it. There is, however, one thing worth taking note — non-compliance could cost dearly. That’s why precautions should be taken to avoid possible pitfalls. You may refer to further details here: https://www.eugdpr.org
