Is your firm’s marketing strategy GDPR compliant?

Set to come into effect in May 2018, the General Data Protection Regulation (GDPR) will change the existing data protection regime in the EU.

Aiming to give consumers with greater control over their personal data, this will lead to changes in how businesses are able to utilise and process this information.

This is particularly relevant where marketing is concerned.

However, whilst many firms may be aware of this, the big question tends to be around the extent of the impact on marketing. How will it affect them in practical terms?

Here are 10 essential things you need to know about the new GDPR..

– Some may wonder why the GDPR has been introduced if we already had the UK Data Protection Act 1998 (DPA). The GDPR is designed to keep up with an ever-increasing digital world.

– It covers a wider range than the DPA and extends the data rights of individuals even further. All organisations are obligated to create clear procedures and policies when it comes to protecting personal data.

– The new GDPR will be applicable from Friday 25th May 2018 – this is the deadline for all businesses in terms of drawing up new procedures and sorting their current data.
Individuals will need to double opt-in for marketing communications. This means businesses can no longer enforce pre-ticked boxes, so users have to manually opt out of unwanted communications.

– It will apply to all businesses processing customer data within the EU and also businesses located outside the EU but offering products and services to customers in the EU.
The UK won’t officially leave the EU for another two years, so the GDPR is still applicable to UK businesses offering products and services to UK individuals only.

– All consumer data collected before the GDPR is enforced will still have the ‘right to be forgotten’ if they so wish. This means the controller of the data must completely erase all data held on the individuals – including copies of the data held by other organisations.

– Data held can include personal data such as IP addresses, bank details, social media profiles, social media posts, photos, emails, home addresses, telephone numbers and medical details.

– Businesses who don’t comply with the new GDPR could be banned from any data processing activities.

– If a business does not comply with the Regulation, then they could be fined up to 4% of their global turnover or €20 million – whichever amount is greater.

– A company cannot charge a consumer a fee if they request access to their own personal data. The data must be provided within 40 days of the initial request.

– If a company deals with the personal data of a child under 16 then parental consent will be required.

For more information how to ensure your firm’s marketing strategy is compliant with the GDPR, call us today on 0800 133 7127 or email us at [email protected]

This article was submitted to be published by Solve Legal Marketing as part of their advertising agreement with Today’s Conveyancer. The views expressed in this article are those of the submitter and not those of Today’s Conveyancer.

Today's Conveyancer