Business / 28 February
Here at Point Blank we have a thorough knowledge on the upcoming rules for GDPR (General Data Protection Regulation) that is coming into effect in May this year. Here’s the lowdown.
GDPR is all about transparency, making sure you know exactly what you are signing up to. It is an effort to simplify the process for users so they do not have to trawl through a privacy policy that is longer than the US constitution!
As a user of a website, for example if you’re subscribed to your favourite news sites daily briefing, you will have the right to be forgotten. This means the provider of this newsletter has to be in a position to easily delete your data when you request this. After May expect to see more checkboxes when you sign up to a newsletter or subscribe to a service. This is because all users must provide consent to be ‘subscribed’ for example. So implied consent will no longer be enough, as a user you must active opt-in.
Here is the fun part. As a business you are now legally obliged to keep a record of how you process data for your users. This may sound a bit scary but if you are prepared it can be dealt with in an orderly manner.
Our organisation have performed a Data Protection Impact Assessment to describe, measure and assess risk in our data flows. We went through the following phases of a DPIA:
The Data Protection Commission have a good article on a DPIA.
The popular newsletter service Mailchimp have a good article covering how they are dealing with the forthcoming changes. But if your newsletter signup forms are custom built and not a ‘hosted’ Mailchimp form, you will have to change how it functions. Google also have a good resource on their commitment to GDPR.
Limited Offer – 20% Discount on our GDPR review
This article is purely for guidance, and does not constitute legal advice or legal analysis.