What is GDPR?
The General Data Protection Regulation (GDPR) is a regulation by the European parliament and council on the protection of natural persons with regard to the possession of personal data and the free movement of such data, and repealing Directive 95/46/EC. (27 April 2016)
Benefits
Some of the main points that are included under GDPR are:
- All EU citizens, regardless of their location, are included.
- All Companies that target EU citizens, regardless of the company location, are required to comply.
- It's a regulation, not a directive, so you will need to comply.
- Personal data includes name, address, national ID number, medical records, DNA, IP address, e-mail address, RFID, HR info, and more
But don’t worry, there are benefits to GDPR.
More qualified leads
Anyone allowing you to have or keep their data are genuinely interested in your company and/or products.
Better relationships
No more friction at data subjects side about your company using their personal data. They know what, why, where, how and how long you will store their data, and have the right to be forgotten by your company. Leading to more trust between them and your company, and better long-term relationships.
Trust
We all like trust, but studies show that leads are more likely to buy products/solutions from companies they trust. Take advantage!
Action plan: change your companies mindset and design by privacy
- Check with your management if there is already a plan in place to be compliant with GDPR.
- Explain to them the benefits of being GDPR compliant, if there is no plan in place yet.
- Make a list of all data captured:
- What do you capture?
- Why is it captured? Is this necessary?
- Where is it stored?
- How long is it stored?
- How is it stored? Has it been secured?
- Clearly state your intent and the duration of data storage. There needs to be a clear goal and purpose to the collection of data.
- Ask your data subjects explicitly for consent - allowing you to collect data - and explain that this consent can be withdrawn at any point. Do not use pre-ticked checkboxes, silence or inactivity.
- Create protection for all personal data allowing each data subject to access all data stored about them in a readable, usable format.
- Offer a user friendly way for data subjects to update their data or request removal of their personal data from your database.
- Offer data subjects a way to opt-out if they no longer want to receive updates. Allow them to be forgotten.
- If you are using third party tools, check with them if they are also GDPR compliant.
- Create a breach policy: what to do if there is a breach, who do you contact (who contacts them), and how do you fix it?
Still have questions about PDF solutions for GDPR?
We're happy to help! Send your questions to us, and we'll get back to you a.s.a.p.