An EU-wide framework known as the General Data Protection Regulation (GDPR) was passed in 2016 and came into force across the EU on 25 May 2018. This new legislation has put in place a set of rules to govern how companies and organisations handle consumer information. Only recently have people started to wake up to how valuable and sensitive our personal data is. That data allows companies to profile us into select groups and develop targeted marketing strategies. The two main types of data that you need to be concerned with are personal data and special category personal data.
Types of data:
Personal data is any data that relates to, or that can identify, a living person. Examples include a person's full name, phone number, medical history and similar information. This type of data is especially sensitive and should only be given to the appropriate sources, as it reveals the most information about you as an individual.
Special category personal data is slightly different, but it still applies to the individual. It is data relating to things such as the person's ethnicity or membership of a political group. Any data pertaining to an individual's physical or mental health, or to whether an individual has committed or is alleged to have committed an offence, is also included. The Data Protection Commission has put together a guide to help individuals with these regulations.
The legislation also grants people the right to be forgotten. This means that you can not only request whatever data a company may have on you, but also request that it be permanently deleted from their system. However, it is important to note that not everybody is required to comply with this. Hospitals, governments and even journalists are exempt. The legislation will no doubt have effects seen across the world. It applies to more than just companies and people within the EU: companies across the world that seek to do business, or are currently conducting business, in the EU must abide by these laws as well.
In the past year, this has proved somewhat costly to businesses and organisations, with the cost largely depending on the size of the company or organisation, the nature of the data it holds and the existing or previous processes in place to protect and store user data.
As a technical web agency we deal with this regularly and are well versed in the subject. If you conduct business in the EU or with EU citizens, it is obviously a requirement to be GDPR compliant and to make sure that you are handling users' data correctly. If not, you could face a fine of up to 4% of annual revenue.
If you are unsure about your compliance needs or the processes you need to have in place regarding your website or online activity, get in touch!
Louisa, CEO, MOR Digital