You may have heard a term coming through the business world in the last few months known as GDPR. The General Data Protection Rule is a rule which is coming in from the 25th May 2018, and is all about making sure that companies comply with certain data laws.
Data is a precious resource in this day and age, and it can be something which many people will use as a form of currency under the right circumstances. When it comes to personal data, there are a lot of issues surrounding the use and retention of data relating to your employees and clients. This particular law is coming in this year to monitor the way a company can keep your data on their system. Here are some of the things you need to know about GDPR before it comes into effect at the end of the month.
It applies to businesses
This rule for data protection applies to all EU companies and will control the way that they store personal data, and also control the way that they are able to contact people they have the details of. If they are to collect data on customers or employees they will have to comply with certain rules. If the rules are not complied with, a hefty fine can be given out. The aim of this law is to improve trust between businesses and individuals.
It starts on 25th May 2018
If you want to make sure that you don’t get fined for a data breach by your customers, you will want to think about hiring GDPR Services to help you secure all data and ensure that it is complying with the law in the correct way. If you do suffer from a breach of data under these new regulations you will have to notify the ICO within 72 hours, as well as contacting anyone whose data has been leaked during the breach.
There is a hefty penalty
If you do not comply with the new data regulations after the date above, you can be fined a huge sum, and this can even put your business under. If you are contacted by a customer or a past employee who wants their data wiped from your system and you do not comply within 72 hours, you can be fined 2% of your annual turnover for the breach. This new law is taking personal data incredibly seriously and it is important to make sure that you comply with the demands given to you.
The right to be forgotten
If you store the data of an employee or customer who no longer does business with you, they have the right to be forgotten. This means that you have to erase any trace of the person from your records and from your business. If you are asked to do this and you haven’t done so within those few crucial days, you will be faced with a large penalty for the breach.
What data count?
If you are looking to erase the information of past employees or customers to ensure that they are forgotten, you will need to erase everything from their names, address, email address, bank details, photos, correspondence and IP address. You will also need to delete any social media names and lists which relate to the person in question. By the end of the process, there should be no evidence that someone was ever involved with your business.
In place of the pre-ticked opt-in boxes you have when a customer signs up with you, you now must use a double opt-in option to ensure that only those who want to be contacted will be. If you have a large email list already, you will need to send an email out to them asking if they still want you to contact them. If you don’t get a reply, you have to take their name off the list and delete their data.
Records must be kept
For the new data law, you must ensure that all data that passes through your business is recorded and tracked so that the origin can be seen. You can no longer pay for a list of random email addresses to contact because it is against the law to contact people without their consent. You must be able to prove the reason for having contact details and your purpose with them. If you cannot prove the purpose of having someone’s data, you need to get rid of it.
Access is free
If a customer asks you for access to their data in your company database, you cannot charge them for the privilege of seeing it. You will need to make sure that you show them exactly what they want to see within 30 days otherwise you will be fined for the misconduct.
The UK still applies
Although Article 50 has now been triggered, marking the start of the process to leave the EU, the UK is still part of the EU for the next two years. This means that you still have to comply with these rules for the next couple of years, and if you don’t you will be punished in accordance with the law. It is worth clearing out your data and cleaning things up this week to prevent anything being an issue once the law does come in.
Data protection officer
If you have a company that engages in contact with the public frequently, you will need to appoint a member of staff to be your data protection officer. They will be the person responsible for ensuring you don’t get sued for keeping data you shouldn’t, and they will ensure that customers and employees are happy with your process.
The GDPR law is one which will change the face of data protection forever and will be an amazing addition to our businesses. Here are some of the main benefits of this new law.
If you work to make sure that your data is correct and always up to date, you will have a much better reputation for your customers. If it is seen that you care about protecting the data of your customers and that you won’t try to hold on to it after the law comes in, you will be trusted more and people will want to come and do business with you.
By being cyber safe you will immediately build a more trusting relationship with your employees and this will be a great benefit to you and your business. Your employees and customers will be much less likely to leave you for someone else because they know that you will keep their data safe.
Complying with the new GDPR law means that you have to update contact details for your employees and your customers. It will allow you to stay up to date and keep your information more accurate. This is a good thing for you as a business because you will know that you are contacting the right email address and the right person when you send out newsletters, and because of this you will likely have a more successful sales record.
Data Security Globally
Whether you are a business or an individual, it is important that you take care of data and make sure that it is kept safe. No one wants their data to be used for a negative cause, and this new law can prevent anyone getting to you who shouldn’t be able to.