What is GDPR and How Will it Impact You?

As of 25th of May 2018, the GDPR will apply in the UK. If you own a small business, you need to know what it is and what regulations you should follow.

By George Haddon-Hartle

As of 25th of May 2018, the GDPR will apply in the UK. If you own a small business, you need to know what it is and what regulations you should follow.

If you don’t, it’s still a good idea to become familiar with the GDPR and what rights you have as a consumer. Hopefully this blog will inform you, as a consumer or a business owner, of what you need to know.

What is GDPR?

The GDPR (General Data Protection Regulation) is going to replace the Data Protection Act 1998. It’s basically going to bring data protection up-to-date and aims to go hand in hand with the new and unforeseen ways data is handled and used in the digital age.

The GDPR’s definition of personal data is more detailed than the current Data Protection Act and makes it clear what information collected can be personal data. It has also been confirmed that the UK’s decision to leave the EU will not affect the commencement of the GDPR. It will go ahead as planned.

What does it mean for your business?

The ICO (Information Commissioner’s Office), has outlined seven changes to the way businesses collect, handle and store data under the GDPR:

  1. Separate Consent – Consent should be separate from other terms and conditions so the user can see clearly what they’re signing up to.
  2. Active Opt-in – The GDPR says that pre-ticked opt-in boxes are not a valid form of consent. Users must actively opt-in.
  3. Individual Consent – If personal data is going to be used in different ways, you should ask for separate consent to each. This gives the data owner as much control as possible over how their data is used.
  4. Be Known – Data owners should always know who you are and, the names of any third parties who may also have the data shared with them.
  5. Document all Consent – All consent must be fully recorded and show:
    • What the person has consented to
    • The method of consent
    • What they were told at the time with regards to their consent and data usage
  6. Easy Withdrawal – Data owners should always be able to withdraw their consent. This should also be made quick and easy.
  7. Given Freely – Consent must be freely given by the person involved, not forced.

Summary

All in all, as long as you follow these regulations, you should be fine. It’s also useful to know this as a consumer so you know your rights.

With GDPR in mind, take a look at our privacy policy, to see how we are ensuring we comply with the new regulations.

 

About the Author

George is a CSS Ninja. This means he can build anything to be pixel perfect to the design. George is in the records books for having the longest name in known history and also likes Pi. It takes approximately 3.142 years to type his email address.

>