With only two months to go until the updated General Data Protection Regulation (GDPR) kicks into action, it’s vital that your business is completely ready well in advance of the May 25th deadline. Otherwise, you run the risk of receiving hefty fines as high as €20 million, or 4% of total worldwide annual turnover (whichever is the most).
Any EU, EEA, and UK business that processes and manages personal data of EU clients, customers and employees will be affected by this updated regulation. Further, businesses located outside of the EU that deal with data of EU clients will also be affected.
With only two months to go until the updated GDPR regulation kicks into action, it’s vital that your business is completely ready well in advance of the May 25th deadline. Otherwise, your business runs the risk of receiving hefty fines as high as €20 million, or 4% of total worldwide annual turnover (whichever is the most).
The most important things you can do at this point are to:
- Research the GDPR in-depth to ensure you completely understand the updated regulations
- Perform a review of the processes and practices taking place at your business
- Analyse your platform and infrastructure to determine whether or not you are fully compliant
- Carry out a data audit to identify all data processing activities at your business
- Identify the ‘weak links’ in order to strengthen or remove them
The whole point of the GDPR is to strengthen the protection of people’s personal data and ensure that all policies and practices are in line with our digital era.
The revised GDPR will most certainly affect the world of content marketing.
For instance, if you wish to send out an email marketing newsletter, you will need to comply with the GDPR. In order to be compliant, you must first obtain consent from your customers (individuals must opt-in to receive your mail). They must know what they are consenting to while consent must be “freely given, specific, informed and unambiguous.”
So let’s say you’re asking people to sign up for your newsletter. To do this, you must explicitly state that your brand is collecting data, and describe exactly what it will be used for. You will also need to have proof of consent on file, say in the form of screengrabs or consent forms. This must be stored somewhere safe and easy to access when required.
The same holds true for data already obtained, so if you’ve got details on record, you now need to reach out to those individuals to confirm that they are okay with you keeping their records on file. If not, you need to appropriately discard that information immediately.
There is a great deal involved in GDPR so if you’re feeling confused and need some professional guidance, get in touch. I work closely with a leading GDPR and FADP consultancy firm offering specialist services designed to ensure that your organisation lives up to GDPR regulation.
To learn more, email firstname.lastname@example.org.