- Reprinted from the Act.com Blog -
May 25 2018 will mark a major divide in how businesses handle user data. This is because on this day, a new data protection bill, namely EU’s General Data Protection Regulation (GDPR), will take full effect. And while it may seem like just another legal formality, believe us when we tell you that it is anything but. GDPR will, without any hint of hyperbole, completely change the way businesses manipulate customer information. Moreover, businesses established outside of Europe shouldn’t let the letters ‘EU’ preceding the bill fool them into thinking that it won’t have an effect on them. GDPR will apply to all those companies who conduct their business with European citizens.
It doesn’t take much to notice that the digital marketing circles of the internet are abuzz over this new regulation. It should come as quite a surprise then, that by the end of 2018, when GDPR will be in full force, more than 50% of global organisations are estimated to be non-compliant with GDPR. With only months left in welcoming GDPR, it is high time for businesses to take preparatory measures for its inevitable arrival.
GDPR is a new piece of legislation introduced by the European Union. The bill, which is aimed at giving European citizens more control over how companies use their private data, will take effect from May 25, 2018. It is a stricter version of existing data protection laws in the EU, and will apply to any business that has European citizens as its customers. The bill will also be effective in the UK till it remains a member state of the EU, while plans of restructuring the UK’s existing data protection policies in line with GDPR have already begun.
In contrast to other data protection regulations, GDPR has a widened the definition of personal data, Under this new bill, personal data is any such information related to a person or data subject, that can be used to directly or indirectly identify the person. In addition to the usual suspects (name, picture, email address, contact number), GDPR also includes an individual’s computer IP address and mobile device identity as identifying pieces of data, making these protected under the bill. Learn more about GDPR and how it impacts your business.
On face value, GDPR sounds like a headache for the IT team. But business processes such as marketing and sales are not insulated from its effects either. In fact, you might have to overhaul some of your most staple sales practices to be compliant with GDPR.
Businesses cannot collect an individual’s data without their consent. This means that adding an individual’s information into your system via their business card is prohibited, unless you can demonstrate that they have consented to it. This also applies to data acquired by a third-party; if you have an individual’s personal data, by whatever means, you are responsible for demonstrating their consent.
GDPR does not only apply to data collected after May 2018, rather it applies to all data accumulated over the years. This means that you cannot use an individual’s data if they ask you to halt data processing, regardless of when that data was acquired. This rule also extends to data deletion.
Reverse IP tracking is another business practice that is sure to be affected under GDPR. In the bill, IP addresses are explicitly mentioned as forms of data protected under GDPR. This means that you can’t store an individual’s IP address, unless of course, you have their consent.
Finally, GDPR also protects customers from reactivation programs. These are programs that are aimed at bringing inactive customers back into the fold. Under GDPR, customers who have been dormant have to be re-informed, and have to opt in again, in order for their inclusion in such programs.
At this point, we hope that the article so far has provided enough motivation for you to tweak your business in line with GDPR. If not, the EU’s fines for non-compliance of either 4% of the business’ annual global revenue or 20 million euros (whichever is larger) should give you an extra bit of push.
To help you get started, we have outlined 5 steps you can take to make your business GDPR-compliant:
May 2018 might seem like a long way off, but it is always better to start sooner rather than later. Most businesses are complacent in their preparation for GDPR’s imminent arrival. In other words, you can look at GDPR as a business opportunity to get a leg up over your competitors, not to mention winning over your customers’ trust by ensuring data privacy and transparency. It is true that GDPR presents new challenges to businesses worldwide. But, instead of flinching at the thought of this new regulation, embrace it and prepare for it. Who knows? It may be a blessing in disguise for your business.
Specializing in CRM software for small to medium sized businesses, through expert counsel, deployment, hosting, support, and development services.
Delivering fruitful CRM solutions since 1994, Keystroke is the #1 Act! Reseller in the World and Master Act! Distributor for Canada.
Toronto | 500 Gordon Baker Rd. Toronto, ON, M2H 3B4 | |
Toll Free | : | 800.857.0558 |
Office | : | 416.499.3090 |
Fax | : | 416.499.1090 |
Kitchener | 250 Woolwich St. S. Breslau, ON N0B 1M0 | |
Toll Free | : | 800.939.4737 Ext. 1 |
Office | : | 519.579.1408 |
Pay your bill online |
||
Monday to Friday: 9AM to 6PM EST
Saturday & Sunday: Closed