Get In Touch

We'd love to talk to you
more about your project


So call us on: 020 7287 7060

or email: info@webheads.co.uk

EAW

Global Corporate web design

Sterling

Corporate web design

The Fall

Fashion web design

Project 44

Sports management web design

Metamako

Financial services web design

London Explorer Pass

Tourism web design

Logo

One Month Until the GDPR

May the 25th 2018 will mark the coming of the GDPR – the general data protection regulation. Touted as one of the most important European privacy and data protection updates in the past two decades; it no doubt will have an impact on most businesses who hold any sort of customer information. With non-compliance fines looming at up to 4% of business income, businesses need to know what to expect and how to prepare with one month to go.

In a Nutshell: The upcoming GDPR will apply to all client and customer data that your business currently holds and will hold in any point of the future. This can include something as simple as their e-mail address and of course includes more personal and sensitive information such as credit and debit card details etc. There are two main aspects to this data. Firstly, the owners of it will explicitly have to ‘opt-in’ to receiving communication and marketing updates from you. The currently wide-used practice of ‘Please tick here if you do not wish to receive . . .’ will not be compliant anymore. Should they opt-in, they have to be informed of what exactly their data will be used for and also how they can easily opt-out at any time. Secondly, any data breaches or leaks in connection to the data your business holds and processes will have to be flagged to both local data protection authorities and affected parties within seventy-two hours.


How to Prepare: As it is now April, your business has a month to pre-empt and prepare for the GDPR and to become complaint with it. This can include reaching out to the customers and clients that you currently hold data for and asking them to opt-in to receiving communications from you while also informing them how their data will be used. From their responses and replies, you can update your database accordingly. It is also worth upskilling a team member(s) about privacy and data protection by sending them to relevant courses and seminars etc. The information they glean from these specific events can help to inform the GDPR strategy that you will need to implement. Larger businesses may be in a position to outsource help and assistance or to even appoint a new and dedicated data protection manager role. Utilise microcopy across your website and sign-up / subscription forms to update them with new compliant language and reflect these changes in your privacy policy and terms of service etc.


The GDPR is coming and it is in the best interest of businesses of all shapes and sizes to be ready for it. This blog exists purely as a reminder and to offer some simple and friendly advice from one conscious business to another. We implore our readers to ready themselves and fortify themselves with the necessary information to protect their customers, their data and their business.

gdpr