On the 25th May 2018, as the clock struck midnight, your entire digital world changed overnight. Sort of. GDPR – the General Data Protection Regulation – changed the way that businesses handle and process personal data.
Businesses had years to prepare and sort out their databases, but what really happened was quite different. I’m sure your inboxes were obliterated with all the copy-and-paste notices telling you why they need your consent.
We had to do it too, so no judgment from us!
The trouble with permission
Perhaps out of ignorance, maybe through hatred of deleting ‘spammy’ emails, some businesses didn’t bother with GDPR compliance.
“It’s a fad, whatever. Cookie pop-ups are annoying,” some business owners may think. Well, what if they’re right? It’s been a few months since GDPR came into force… has anything REALLY changed?
The answer, truthfully, is yes.
What does GDPR do?
A quick regulation recap: it’s all about transparency of data usage. If a customer demands you hand over their information, you are required to give them full access.
Should a customer request you remove their PII (Personally Identifiable Information), you have to make sure you can do that too. Everything you do with their data – if you intend to share it with partners or use it to contact the customer directly, for example – needs to be consensual.
What if I don’t comply with regulation?
We don’t know the full extent, but we do know that the maximum penalty for noncompliance is 4% of annual global revenue.
Because we’re just at the beginning of this new age of privacy, it’s hard to estimate the size of the fine the average business could face.
Has anyone been fined for GDPR violation yet?
Yes – notices are being posted. Action is being taken against non-compliant companies and individuals who have accessed records when they weren’t supposed to. Not even US tech monolith Facebook is immune to criticism. The legalities can be a long and gradual process and it’s only been two months, after all.
Consumer trust and GDPR
It’s not just fines you should be wary of: your customers received as many emails about data protection laws as you did. Customers are more aware than ever about what data you have – and what data they don’t want you to have.
The wall of shame
The ICO – the Information Commissioner’s Office – regularly updates this wall of shame. Though sparsely populated with GDPR-related charges for now, the penalties are creeping up.
That’s right: you ARE going to get named and shamed if your business is caught out by the regs. So what now?
Keep on top of your records
GDPR wasn’t a one-off event; it’s part of our daily lives now. We need to stay within the lines and – above all – just be more honest with our customers. They appreciate the honesty more than ever and we’re champions of that policy.
If you need more structure, the ICO fortunately provides an easy-to-read guide to get you familiar with GDPR. They include a checklist so you can see which of your current activities are compliant.
Need a hand?
If you’re looking for compliant ways to collect and use customer data for marketing, we can help.