What is the GDPR (General Data Protection Regulation)?
If you haven’t heard about the GDPR, we’ve got you covered!
GDPR stands for General Data Protection Regulation. It was implemented on May 25, 2018, to give users control over the data they share with companies online. Users are now able to manage what data is collected and why. They have the right to access, rectify, or move their data, or to have it deleted by those who collected it, either because the data no longer has any purpose or because the user wants it deleted.
What if I’m not compliant with GDPR?
When companies don’t comply with the GDPR, fines can go up to 20 million euros or 4% of their annual revenue (whichever is higher). For less serious infringements, fines are on average 10 million (10.000.000) or 2% of the annual revenue.
Data Protection Authorities are not playing around when it comes to enforcing this law. In fact, several companies have already been fined, such as the French Optical Center.
Article 83 details here.
You don’t have to be a legal expert or memorize the entire GDPR.
It’s preferable to be familiar with the most significant changes this law created, so you know what you need to do. To help you, use a GDPR checklist that covers the most important points of what you need to do to be compliant. Usually, they are free and will help you get things done.
Here are some examples of GDPR checklists:
But after May 25th, what really changed?
After May 25th the European Parliament felt the need to make the users’ rights valid again. Some companies weren’t taking privacy very seriously and there were even some scandals.
Every company collecting personal data from EU citizens must comply with the GDPR. Companies achieve this by asking users to give their explicit consent. If users are under 16 years old, the consent is provided by a legal guardian. These laws were designed so that users feel safe and can trust companies to keep their data private.
Curiosity: Even video producers and content creators need consent from artists and companies to showcase their products and content online.
What types of private data does the GDPR protect?
- Basic identity information such as names, addresses and ID numbers
- Web data such as location, IP addresses, cookie data, and RFID tags
- Health and genetic data
- Biometric data
- Racial or ethnic data
- Political opinion
- Sexual orientation
The GDPR is here to stay, that’s a fact, but it doesn’t mean it has to give you a headache.
There are some key rules your company needs to follow to achieve compliance, but don’t worry: you can get there with little effort and on budget.
We developed GetComplied to help companies comply with the GDPR and it’s pretty easy! Edit your policies, cookies and user rights for all of your projects in a single platform. And no more headaches! GetComplied is compatible with the most well-known CMS (like WordPress) and CRM. It also works with Wix.
Learn more at GetComplied