We all heard about the changes to General Data Protection Regulations, which came into effect on 25 May 2018. But what does this mean for your business?
In essence, GDPR is in place to protect personal data, assuring that it’s being asked for in the correct way and handled ethically and securely. If your organisation collects or handles customer information, then you are considered a Data Controller under this legislation This means you have a duty to strictly follow GDPR, otherwise you could see fines up to 4% of the global turnover of your business.
As stated on the official GDPR website, Personal Data can be defined as:
Any information that relates to an individual who can be directly or indirectly identified. Names and email addresses are obviously personal data. Location information, ethnicity, gender, biometric data, religious beliefs, web cookies, and political opinions can also be personal data. Pseudonymous data can also fall under the definition if it’s relatively easy to ID someone from it.
It’s your responsibility to ensure you and your staff are GDPR compliant, which can be daunting for most SMEs. Luckily, we have the IT technology and know-how to guide you on the GDPR path.