The main problem I had when I heard about GDPR was its name! It sounds like a Star Wars character! Or a bit of computer code. It just sounds complicated!
R2-D2 and C-3PO!
It stands for the General Data Protection Regulations and it came into effect on May 25, 2018.
The GDPR document is 88 pages long and is very effective bedtime reading!
In essence, there are 7 principles within GDPR:
What does it mean to us?
It means that we tell the customer exactly how we will use their data and that we need their permission to use it.
In our business we do not share a customer's data with any 3rd parties.
We ask if we can contact them and how we should do that.
We only use a customer's data for our business - we don't pass it on to others.
We only ask for the data we require in order to do our business.
We ensure that the data we hold is accurate.
We keep data records for the required amount of time and then they are disposed of securely.
We hold data in a secure environment and take measures to safeguard all data we hold.
We appoint a Controller who is responsible for seeing that we keep to all the above rules.
What it means to the customer?
They understand exactly how their data is being used.
They are in control of who contacts them and how.
They can feel safe that their data isn't being shared with other parties.
They can feel secure that their data is being held safely and someone is accountable for it.
An increasing amount of our daily actions are now being done online, in fact it's not impossible to imagine a future where virtually everything we do is online! This means that we are sharing our personal information with more and more people and organisations and putting our data at risk.
We have always taken customers' data very seriously but GDPR has meant that we have to document procedures and we are now very much accountable for this data. In an ever changing world where data can be so easily compromised it can only be a good thing!
I still don't like the name though!!