The GDPR deadline is looming. Is your business GDPR ready?
We all know that GDPR comes into effect on 25th May 2018, but did you know that is it something which was finally approved by the EU Parliament on 14th April 2016?
Effectively we have had just over two years to implement GDPR into our business, but for most of us, it was something that only recently became common knowledge and now time is quickly running out to implement GDPR into your business.
So what is GDPR?
The General Data Protection Regulation (GDPR) will standardise the data protection law across all 28 EU countries and imposes strict new rules on controlling and processing personally identifiable information.
GDPR applies to all organisations holding and processing personal data of EU residents, regardless of geographic location and this regulation will be implemented in all local privacy laws across the entire EU and EEA region.
It will apply to all companies selling to and storing personal information about citizens in Europe, including companies on other continents.
It provides citizens of the EU and EEA with greater control over their personal data and assurances that their information is being securely protected across Europe.
Under the GDPR, individuals will now have:
- The right to access –this means that you have the right to request access your personal data and to ask how this data is used by the company after it has been gathered. The company must provide a copy of the personal data held on you, free of charge and in electronic format if requested.
- The right to have your information removed – if you are no longer a customer, or if you withdraw your consent from a company to use your personal data, then you now have the right to have your data deleted.
- The right to data portability – you have a right to transfer your data from one service provider to another. And it must happen in a commonly used and machine readable format.
- The right to be informed – this covers any gathering of data by companies, and you must be informed before data is gathered. You have to opt in for your data to be gathered, and consent must be freely given rather than implied.
- The right to have information corrected – this ensures that you can have your data updated if it is out of date, incomplete or incorrect.
- The right to restrict processing – you can request that your data is not used for processing, which means your record can remain in place, but not be used.
- The right to object – this includes the right for companies to stop the processing of your data for direct marketing. There are no exemptions to this rule, and any processing must stop as soon as the request is received. In addition, this right must be made clear to you at the very start of any communication.
- The right to be notified – If there has been a data breach which compromises your personal data, then you have a right to be informed within 72 hours of first having become aware of the breach.
How Farmgear Marketing can help your business comply with GDPR
We have produced a free GDPR information document for our own customers that will help them to understand what GDPR means and we have also produced a free Farmgear GDPR policy template for our customers which we have given them all access to.
If you are not a current customer of ours but would like our help, then please get in touch with us. Please note that there is a small charge for us to supply you with our GDPR policy template.
The GDPR policy template is a pre-prepared document to help comply with GDPR, but as GDPR is unique to each business, we cannot do your complete policy for you, so text that is in highlighted in red, will need your own unique information adding to comply.