May, 2018 was a historical day in the calendars of both business owners
and customers alike. It was the day that the EU’s General Data
Protection Regulation (GDPR) was enforced.
implementation of this regulation is expected to change and affect the
way business is done going forward. The realistic implications are
expected to unfold as we make our way into 2019.
every business person, marketer, and maybe customer knows how important
data sharing is in this smart business world; from provision of
improved products to enhanced customer experience.
relevance of data cannot be overstated. How and what the data is
actually used for is a growing concern for customers, who provide this
data. More so, the security and protection of these supplied data from
intrusion by unsolicited parties is also an issue to led to the GDPR.
The Synopsis of the GDPR
When it comes to handling personal data that is supplied by any individual (customer), the GDPR makes the following provisions:
- Personal data shall be processed lawfully, fairly and in a transparent manner in relation to the data subject.
data shall be collected for specified, explicit and legitimate purposes
and not further processed in a manner that is incompatible with those
data shall be adequate, relevant and limited to what is necessary in
relation to the purposes for which they are processed.
- Personal data shall be accurate and, where necessary, kept up to date.
data shall be kept in a form which permits identification of data
subjects for no longer than is necessary for the purposes for which the
personal data are processed
data shall be processed in a manner that ensures appropriate security
of the personal data, including protection against unauthorised or
unlawful processing and against accidental loss, destruction or damage,
using appropriate technical or organisational measures.
You can get the full gist in article 5 of the GDPR.
The question now is; what are the applications and implications of the GDPR to both businesses and customers alike?
Here are key facts you need to know:
1. The Aims and Objectives are Clear
Basically, the GDPR is quite simple and easy to understand. The whole objective of this regulation boils down to:
and strengthening the security and protection of the data shared by
customers when interacting with businesses or other forms of
interactions that require data sharing.
- Giving customers greater control over the storage and usage of their personal data.
- To check and control third party access to customers’ personal data.
are basically the purpose of the GDPR. Compliance is not optional.
Therefore you need to know how this plays out to navigate your way
and controlling how businesses deal with customers’ personal data –
which can be anything from name to home address, race to religion,
social media activities to genetic and biometric information – is the
core purpose of the GDPR.
2. It Supersedes Other Data Regulations.
earlier stated, this is a regulation that emanated from the EU and was
intended for the EU community. However, this regulation and its
provisions have gained worldwide implementation.
It takes the place of other data policies like the EU’s Data Protection Directive or the UK’s Data Protection Act.
It supersedes these other acts in the following ways:
- It is globally binding, whether you’re in the EU or outside of it.
- It brings several other legislative provisions on data handling into one legal framework.
- It takes third party access of data into full consideration.
There’s no going around this one, at least for now.
3. It Affects Everyone
major economic shake ups, such as Brexit, happening in 2019, there were
concerns about the global effect of GDPR. However, the responsibility
to protect, secure and control customers’ personal data is for everyone.
the Brexit issue, the Queen has made it categorically clear in her
speech on 27th June, 2018 that GDPR will still be enforced in the UK.
order to ensure compliance, businesses have been tasked to have a Data
Protection Office. They will be saddled with responsibilities such as
monitoring compliance, cooperating with data protection authorities, and
informing businesses of updates in the regulation.
4. Non Compliance Will Attract Heavy Consequences
Okay, that is being said of any new regulation that comes into play. This is a bit different.
is a heavy financial punch that non compliance will throw at your
business if you don’t comply. A fine of €20 million or 4% of annual
turnover, depending on the one that is higher, will be slapped on
repercussions are a detrimental impact to company reputation and brand
legacy, and a potential suspension of data processing in the EU.
you’ve been in business for a long time, you will know that even though
you want to focus on the long term, you still need to take care of the
short term issues. If these little issues like compliance to GDPR are
not taken care of, they could compound to myriads of problems.
How Should You Shape For What’s Coming?
A few quick smart steps to take in order to set your brand up for compliance are:
that your method of obtaining consent from customers to either store or
use their data is GDPR compliant. Desist from using bogus terms that
only lawyers can understand, use terms that a lay customer can
understand. Also, do not assume that a customer’s silence means consent.
mechanisms in place to ensure that you honor a customer’s request to
edit personal data – which largely will be to delete their personal
data. You have to prepare to respect the customer’s right to revoke
personal data storage control.
measures in place to immediately notify customers who shared their data
whenever there is a data breach. The GDPR provides that the
notification be sent not later than 72 hours after you became aware of
you obtain parental consent for data sharing that involves children.
This is a new guideline that was captured in the GDPR that wasn’t in the
previous data regulations before it.
ready to be more open and transparent with customers on issues
regarding data storage and usage. GDPR is about handing control of personal data to customers.