5 Examples Of How GDPR Will Affect How You Do Business - How Many Will You Already Know?
5 Ways in which the new data protection regulation (GDPR) will affect how you do business – How confident are you that you will know all 5?
Unless you have been in hiding, you will know that there is a new data protection regulation coming into place from 25 May 2018. "Tell me something new," I hear you say.
Fingers crossed you already know the ‘5 ways your business could be affected by GDPR’ that I outline below and, if not, I will be pleased to have shared them with you, because from my perspective the information out there about GDPR is not always clear.
Here are 5 changes that will affect how you do business post GDPR:
1. The regulations vary depending on whether you are in the business to business (B2B) or business to consumer (B2C) marketplace. When reading guidance it is important to check from which perspective it has been written.
2. If you operate in the B2C market you will need to have agreement from each individual customer and prospect that you can communicate with them after GDPR, and through which medium(s) they are happy to receive communications.
Plus you need them to opt-in, not out.
You still have time to nurture your lists, just!
3. If you are operating in the B2B market you are able to continue to communicate with prospects who are employees of a Limited Company (not a sole trader or some partnerships).
You must however provide the person with the opportunity to opt out and you must tell them why they are hearing from you. Great business sense really.
4. Non-compliance - if you receive a complaint after contacting someone who didn’t agree to you holding their personal data, or personal data is leaked, etc., then your business could be fined 2% of your annual turnover or a €10 million fine. For a second breach the highest fine could be 4% annual turnover or a €20 million fine, ouch.
5. You need to track how you populate data, including information such as where it was sourced, how permission to use it was granted, why you are collecting the data and how and when it is used.
Do you have a way of tracking and auditing your collected data?
6. Here is an extra tip as 5 didn’t seem enough - It is near impossible to become GDPR compliant on your own. Instead you will need an additional certification such as Cyber Essentials or maybe ISO 27001 to support your compliance. If you haven’t started one of these certifications already, there is still time but only if you start very soon.
How many did you already know? With 25 May just around the corner, I hope you got 5/5.
If GDPR is something you have been putting on the back burner then now is the time to make it a priority, just saying.
Do get in touch if you need any help.