One of the biggest changes in the way data is stored and managed is coming in May 2018, known as General Data Protection Regulation, or GDPR for short. This new directive from the UK Government comes into force on 25th May 2018.
What is GDPR?
As a business, charity or organisation you are classed as a data controller, your website possibly collects data from customers and visitors through online forms, shopping carts, contact forms or newsletter subscriptions. That data is then stored electronically either on a computer or web server and so is being processed either by staff or third party companies.
As data controller the data is owned by that company and all decisions on what should be done with the data are made by the same company, the data processor is the system or resource that processes the personal data but has no interest in the data content.
All businesses, companies and organisations will have greater responsibility of the data that they obtain and store for legitimate reasons relating to their business area. The personal data must be obtained willingly, fairly and with consent. The data must be stored confidentially and ensured the data is up to date and accurate.
How will GDPR affect data that is captured?
With the new regulation coming into force in May 2018 all companies, businesses and organisations are required to provide their customers or visitors with at least some of the following:
What can I do to comply with GDPR?
We are by no means experts on GDPR and the exact laws and legislations surrounding it, we are not legally in a position to tell clients the right or wrong way and so if you are concerned seeking legal advice is the best solution, we are however clued up and have researched and attended seminars on GDPR and data protection so we can review and advise clients where necessary.
Can you provide a checklist to help my business with GDPR?
Yes of course, we have put together the following checklist that will help you get up to speed and ensure you and your company or organisation is ready for GDPR, by the 25th May 2018 you need to have started making the initial steps towards being GDPR compliant:
To put GDPR in summary, firstly don’t panic, you are not going to get arrested over night. But you need to ensure the data that you hold and process is done so confidentially and for good reason connected to your area of business. The data you use must have been captured fairly and honestly and the recipients be aware of this.
You can no longer auto enrol customers and visitors into newsletters or send them marketing materials when they haven’t requested it, customers are able to put in a subject access request which will mean you providing them with the information you store about them and for what reason.
For further help and advice please contact us.
19th April 2018
Blog Tags: Bedminster web design, Bedminster website design, Bristol web design, Bristol website design, Clifton web design, Clifton website design, data, data protection, data security, gdpr, general data protection rule, security, Southville web design, Southville website design, Spike Island web design, Spike Island website design