The letters “GDPR” have been floating around in the tech space for over a year, and about 1/3 of marketers still don’t know how it affects their business. The deadline for GDPR compliance is approaching quickly, and AYC has been educating all clients that have an international reach to help them prevent breaches of these regulations. GDPR is all about risk mitigation from the perspective of the customer, client, supporter, prospect, subscriber and employee – and we are here to help!
WHAT IS GDPR?
The EU Parliament recently passed the most significant online data privacy legislation in 20 years. This regulation is called the EU General Data Protection Regulation (GDPR).
By May 25, 2018, all companies doing business in the EU, regardless of their headquarters location, must comply with the new GDPR regulations regarding personal data and opt-ins before being able to establish an ongoing marketing dialogue with a prospect.
The GDPR aims to give control back to citizens and residents over their personal data and to simplify the regulatory environment for international business by unifying the regulation within the EU. When the GDPR takes effect, it will replace the 1995 Data Protection Directive. Unlike a directive, it does not require national governments to pass any enabling legislation and so it is directly binding and applicable.
Any information related to a person that can be used to directly or indirectly identify the person is considered “personal data”. It can be anything from a name, a photo, an email address, bank details, posts on social networking websites, medical information, or a computer IP address.
It is also important to note that these rules apply to both controllers and processors — meaning 'clouds' will not be exempt from GDPR enforcement.
DO I NEED TO BE CONCERNED ABOUT GDPR NOW, OR CAN I WAIT?
The deadline for your business to be compliant is May 25, 2018. However, an important thing to note is that these changes currently only apply to EU citizens, and the only way you would encounter a penalty is if an EU citizen reports their personal data being collected without their consent. We recommend you update your website and privacy policies based on these standards as soon as you can.
For more information on GDPR, please visit https://www.eugdpr.org/.