What Does GDPR Stand For and Why It Should Matter to You

Table Of Contents

Add a header to begin generating the table of contents

If you’re wondering what does GDPR stand for, we share all of the details about the General Data Protection Regulation (GDPR) and why it should matter to you.

One thing you might have noticed in the last few weeks is an unusually high number of companies sharing details about their Privacy Policy and Terms and Conditions web pages. This is a result of a new regulation in the EU called GDPR.

While bloggers and businesses are talking about the changes GDPR is making on the internet, many are wondering what it is, and what impact it’ll have on them and their business.

If you’ve been wondering what GDPR stands for and what changes it will mean for you and your business, then you’re in the right place.

Rather than feeling overwhelmed by all the information, we have put together this article to help you understand exactly what GDPR is, and why it should matter to you and your business.

We share all of the important information about the General Data Protection Regulation in this article so you can better understand it for your business.

What is the GDPR?

The GDPR, or the General Data Protection Regulation, is a law set to replace the rather dated 1995 Data Protection Directive.

Adopted on April 14th, 2016, the GDPR comes into force this month. This brand-new policy gives consumers total control of their data. It will affect companies that are in the European Union, as well as those that have operations and customers there.

Some of you may not be aware of this new legislation, but you should pay attention. If any aspect of your business is offering goods or services to people within the European Union or monitors their behavior, you’ll need to comply.

With a total population of 505 million people living in the EU, that’s a lot of potential customers that your business could be reaching, and needs to be compliant with this new law.

When Do You Need To Take Action?

Enforcement of the GDPR is only a few weeks away, although adopted on April 14th, 2016, the policy goes live on May 25th, 2018.

This means if you aren’t compliant by this date you could be breaking the law and fined accordingly.

What Does This Mean For Your Business?

One of the big focuses of the GDPR is the conditions of online consent. Companies cannot use confusing or vague language to get you to agree to give them your data.

You’ll also not be able to bundle consent for different things together. This means that if you have somebody on an email list for one product, under this new policy, you wouldn’t be able to email them about a new unrelated product, without their express permission.

That means you will also have to have individual consent forms for different pieces of information; you can’t have one opt-in form that says you’re giving consent to lots of different things. You’ll need to have individual consent for each of them.

Consent also needs to be easy to withdraw from the individual.

Under the new rules, it’s also required to let the data protection authorities know of any data breaches within 72 hours of them happening.

With user data, the customer is going to have more control. This means they’ll be able to access the personal data stored by companies and find out where, and why you’re using it.

The GDPR also gives users the right to have their data forgotten. This means you can ask whoever controls your data to erase it and stop third parties from accessing it.

What Are The Consequences of Not Taking Action?

There are a lot of mistakes you can make re-designing a website. Make sure GDPR isn’t one of them.

Your business has serious punishments if you don’t commit to the GDPR laws. An organization that breaches GDPR laws will face fines of up to 4% of annual global turnover or 20 million euros, whichever is greater.

That means some of the world’s biggest technology companies can face devastating fines if they don’t take your data seriously.

For smaller firms, a breach of GDPR could mean potentially huge fines, which could put you out of business. It’s clear these policies and the large fines are in place to make large tech firms like Facebook and Google take note.

But it’s unclear yet how much action the data protection authorities will take on smaller individuals not complying.

The best advice is to avoid a potentially huge fine and remain compliant.

What Do You Need To Do to Be Compliant?

The GDPR has given some clear guidelines on its website on how to remain compliant for when the GDPR takes force.

We recommend reading through the official information clearly and thoroughly to make sure you remain compliant.

Here are some of the tips we recommend to become compliant with your company.

Understand GDPR is Moving Away From Tickbox Compliance

Changes under the GDPR are moving companies away from simple, “tick this box to agree to everything.” The focus now is on the security and privacy of your user’s data.

The ‘Personal Data’ Definition Has Widened

The definition of ‘personal data’ has widened massively. This means that it now explicitly includes online identifiers such as IP addresses and mobile device identity.

Remove Active Opt-In’s

If your website has invited a user to a subscribe tick-box that is pre-checked, this will be in breach of GDPR rules. You need to make sure these forms default to an un-ticked box.

Separate Opt-In Boxes

If you ask a user for permission to opt in, you will require two separate boxes for different requirements. For example, one opt-in may be for your email list, and the other may be to pass their details onto third parties.

Easy to Withdraw Permissions

The permissions that a user agrees to need to be easy to remove. It has to be as easy to remove consent as it was to grant it.

This means you should make it easy to remove consent from emails or opt out of specific lists.

Are You Ready For The GDPR?

You probably understand what GDPR is and some steps your company should take to act. Before taking any action, we recommend you consult with your lawyer or legal advisor. With their advice, you’ll know if GDPR is a liability for your business or whether you can sit this one out.

Share this post:
Related Posts