GDPR? The Grateful Dead Peace Revolution? I hear you ask. No, not that, this GDPR is the EU’s General Data Protection Regulation. It comes in to force in May this Year and even though in the UK we will (Probably) be on the very eve of Brexiting the EU, these new laws around data protection will have an impact on any business that collects or processes personal data or information from website visitors.
Much of the regulation is in line with current directives that most of adhere to under the Data Protection Act 1998 (DPA) and the Electronic Communications Act 200 (ECA), but, there are some striking new elements that mean we will all need to address the way we seek consent to collect or process personal data and the policies we have in place to ensure the security of the data we lawfully collect, for example the ICO states in it’s summary…
The regulations require all organisations that collect and retain data to appoint dedicated Information Officers, responsible for data security.
Definitions of what counts as personal data are also widened to include IP addresses and other ‘Personal Identifiers’… ‘Reflecting changes in technology and the way organisations collect information about people’
The regulation also mentions ‘pseudonymised – eg key-coded’ data, so for example, those of us using the ‘User explorer’ features available in a ‘popular’ analytics tool need take note.
Dramatically, in the event of prosecution fines could be as much 2% of an organisations Global revenue!!
Of course there are many businesses and organisations that are only active in the UK and they may consider in the light of the June referendum, that these regulations do not concern them.
That may turn out to be so, but don’t count on it, given general public anxiety over data collection and the need of business to follow the regulations of significant markets, it is likely that the continued tightening will strongly influence UK policy.
At Evisible, we are data experts and have helped many organisations to cleanse and secure their marketing data silos, improving data collection and processing policies and practice, to both comply with general regulation and create opportunity to increase positive engagement with customers.
Talk to us about securing your own data and using it to effectively and ethically grow your business.