On to our fifth and final talk of Let’s Get Digital, all about GDPR. It’s safe to say the new GDPR (that comes into play in May 2018) is a hot topic right now, and it sparked more than a few questions from our audience. Here are the key things to take away:
What is it?
Put simply, GDPR is all about data protection. This EU regulation will ensure that businesses are collecting, storing and using customer data in a compliant and legal way. It’s also designed to return control to customers where their data is concerned.
Why do we need it?
The three main reasons for the new GDPR are trust, consumer control and transparency. Whilst it might seem scary, this is actually a really positive development, designed to improve relationships between organisations and their customers.
What happens if you don’t comply?
Not complying can be pretty pricey; your business could incur fines of up €20 million or 4% of your annual turnover (whichever is greater). This is why it’s essential to make sure all your staff are up to date with all the best practices, especially for SMEs.
What’s been updated?
There are six key principles that have received a revamp this time round. These are: lawfulness, fairness and transparency; purpose limitation; data minimisation; accuracy; storage limitation and security. You can find out exactly what these mean in our guide to GDPR.
Do you know about special data categories?
If you’re collecting data on racial or ethnic origin, politics, religion, trade union membership, genetic and biometric data, data on health and sex life, sexual orientation or criminal data, you’ll need to follow stricter rules. You’ll also need a data protection officer to oversee your strategy, so it pays to know exactly what data you need and why.
What counts as consent?
Consent is a word that’s bandied about a lot when it comes to GDPR and it’s really important to know exactly when your customers have given it. Consent only counts if it’s freely given, specific, informed and unambiguous. In other words, pre-ticked boxes are no longer valid and the same goes for conditional consent, such as in the case of competitions. Customer consent is only valid when they’ve taken affirmative action to receive the communications specified on sign-up, where there is clear information on exactly how the data will be used. Whilst this makes consent harder to achieve, it doesn’t make it impossible and you’ll end up with a more engaged, purchase-ready database.
We’ve written a whole guide for all things GDPR which you can download here.
You can also give us your informed consent to receive our monthly email newsletter to get the latest news about GDPR as well as Cobb updates and digital marketing insights. All you need to do to sign up is fill out the form below: