“Three quarters of us don’t trust businesses to do the right thing with our emails, phone numbers, preferences and bank details. I find that shocking”
Elizabeth Denham, UK Information Commissioner.
On the 25th May 2018 the EU's General Data Protection Regulation (GDPR) will come into force. It will affect every business that holds personal data on EU residents, including data held outside of the EU. That includes data not only for your customers and suppliers, but also for your staff and associates. Are you ready?
This act, alongside the e-Privacy Act, provides more rights for individuals regarding how their personal data is held and used. Personal data includes details such as name, number, address, online IDs, and anything that might be considered to be physical, physiological, genetic, economic, cultural or social characteristics of an individual.
Under the new act, an individual has the following rights:
- The right to be informed
- The right of access
- The right to rectification
- The right to erase
- The right to restrict processing
- The right to data portability
- The right to object
- Rights in relation to automated decision making and profiling
As a business are you ready? Do you know where your data is and how it is held? Do you need to amend any of your legals or processes to ensure that you comply?
Through our IT division we are currently updating our own systems and helping our clients to identify what data they hold that will be affected by GDPR regulations, and advising the steps that they need to take to ensure that they comply by the May deadline.
If this is something you are interested in contact us for further details.