6 Things You Must Know About GDPR Regulations
What is GDPR?
By May 2018, any online business or organisation that interacts with European Union (EU) citizens - i.e., asks for, collects, processes or stores personal data of individuals - will have to comply with GDPR, or General Data Protection Regulations.
What are examples of Personally Identifiable Information?
Personally Identifiable Information (PII) or Sensitive Personal Information (SPI) includes basic information like the first name, last name, email, ID numbers, phone numbers and addresses. Data used for analytics, such as location, IP address, cookie data and RFID tags, also needs to be protected. Health and genetic data, biometric data, racial or ethnic data, sexual orientation and political opinions will also need to be safeguarded under GDPR.
This information can be obtained when a customer signs up for an online subscription, and it becomes part of a database which will be mined to send out promotional offers, newsletters and emailers. Data can also be collected when a user visits your website (cookies) and his/her data is cached for future use.
What are the consequences of noncompliance?
If you mishandle EU citizen data or fail to comply with GDPR regulations, your organisation could attract strict penalties of up to 4% of global turnover or fines worth 20 million euro.
Who does it affect?
Enforcement of GDPR is a game-changer for firms across the globe which deal with EU citizens, and it will have an impact regardless of where they operate from, be it the US or Asia. While building a website, engineering solutions, thinking of business operations, or creating processes in marketing or HR, companies will now have to design with individual privacy rights as a default and not as an afterthought.
Why is it being implemented?
GDPR is being implemented by the European Commission to strengthen and unify data protection for individuals residing within the European Union (EU) and better control the export of personal data across its borders.
When is the deadline for compliance?
May 25th, 2018, is the cutoff date by which time your organisation must have put in place policies and processes to be compliant with GDPR.
Preeti Prakash | Journalist