What is GDPR?
By now, you may be aware of the General Data Protection Regulation (GDPR), a European Union initiative intended to give users more control over, and transparency into, the personal data companies collect and store. The compliance deadline was May 25, 2018, which means any business that hasn’t reviewed its policies and practices is running out of time. At the most rudimentary level, GDPR expands what counts as personal data and your rights over that data.
Does GDPR apply to my business?
Although the GDPR currently only applies to companies that retain data from EU residents, several experts believe similar regulations will start emerging elsewhere. It’s best to prepare yourself and become compliant now, even if you don’t currently have overseas customers.
What are the penalties for not complying with the GDPR?
The GDPR covers all companies that process the personal data of those in the EU, regardless of where the company is located. In addition, penalties for a breach are serious for both data controllers and processors. Businesses must use clear language to obtain authorization from an individual to use their data. No smoke and mirrors or confusing legalese is allowed. Within 72 hours of realizing a data breach occurred, businesses must also notify individuals that their data was potentially compromised; data processors are also required to notify their customers “without undue delay.” Additional requirements make it easier for individuals to learn how their data is going to be used and processed, to request data erasure, and to receive the personal data that organizations collect.
How do I ensure my website is GDPR Compliant?
We have done a great deal of research on this topic, and the links below contain useful information on GDPR compliance:
Here is a link to the official GDPR Compliance website.
If you have questions regarding GDPR compliance and would like to speak with someone at Louisville Geek, please fill out the contact form below.