There is a lot of noise around GDPR but if you want an easy-to-understand explainer, read on.
Here are the facts
On the 25 May 2018, the EU’s European General Data Protection Regulation (GDPR) will come in to force. As it’s an EU regulation, the GDPR will automatically take effect without the need for it to be locally implemented by member states.
The GDPR applies to businesses who offer goods or services to ‘data subjects’ (people who hand over data in return for services) within the EU as well as those who monitor the behaviour of data subjects in the EU. It applies to data controllers as well as data processors. In short, it’s all about data.
Let’s cut through the noise
Does the GDPR apply to your business? Most likely yes.
If you do any business in the digital economy and if your website ‘profiles’, or ‘tracks’ users, or if you have customer emails, then the GDPR is relevant to you.
What’s the aim of the GDPR?
The GDPR’s purpose is quite noble, namely to put control of personal data back in the hands of the customer.
The GDPR creates a single set of data protection rules, rather than the legal maze built by 28 different EU member state laws.
What is the first thing I should do?
Giving power back to your customers requires you to look at how you collect data, what you collect and how you use it. In other words, you need to have a comprehensive understanding of your data practices.
This sounds complicated
Not really. The heart of the GDPR is about consent.
You must make sure your customers have a good experience if they hand over their data to you.
To make the consumer experience positive, businesses will need to provide a simple and easy-to-use solution that tells the customer what its data practices are. You must tell
