On May 25 2018, the GDPR (General Data Protection Regulation) will go into effect, changing how companies around the world deal with the personal data of people residing in Europe.
GDPR is Europe’s new framework for data protection. The laws that currently govern data protection in Europe were enacted in 1995 – and needless to say, a lot has changed since then. We now create mountains of digital data every day. And GDPR aims to not only increase awareness of that data, but give individuals better control over how their personal data is used.
At Showpad, we see GDPR as an opportunity, not an obstacle. It’s a much needed update to bring data privacy legislation into the modern era. And above all, we see it as an opportunity for companies to earn trust through ethical, compliant data processing processing.
The main premise of GDPR is to help people protect their personal data. But what is personal data? According to the regulation, personal data is any information that identifies or is capable of identifying a person. This can be information that directly identifies someone – such as a name, email address or ID number – or information that when used together can identify a specific individual.
Who is impacted?
While GDPR is primarily targeted toward businesses established in the European Economic Area, the regulation has global impact. Any business that has customers in or targets individuals in Europe also needs to comply. For example, if you have email lists that include EU citizens, you’ll need to be compliant or face hefty fines. For global enterprises, having the flexibility to manage personal data differently for different countries can be essential.
Becoming GDPR compliant
To reach GDPR compliance, it’s important to understand what personal data you’re collecting, how you’re collecting it and how it is being processed. Here are some key elements of GDPR to help you understand how your organization is processing data and how you can reach GDPR compliance.
- Obtaining Consent
One of the biggest areas for change under GDPR is how organizations collect and store consent. To process an individual’s personal data, companies must now collect “freely given, specific, informed and unambiguous” consent. In other words, customers must physically confirm that they want to be contacted – for example, by ticking a box to opt-in to having their data processed.
- Ability to Opt-Out
Just as GDPR requires that individuals give active consent to opt into having their data processed, organizations must also make it easy for individuals to revoke consent and opt-out of having their data processed. People can withdraw the permission granted to you at any time, but the good news is that this doesn’t impact any data that was processed prior to them revoking consent.
- Right to be Forgotten
Under article 17 of the GDPR, every individual has the “right to be forgotten,” which means they can request to have their personal data removed from a company’s systems. And under GDPR, companies should also remove personal data from their systems when they either don’t need it anymore or don’t have value for it anymore.
How Showpad Can Help
At Showpad, we take data security and privacy seriously. Not only are we committed to being at the forefront of data protection and security ourselves, but we also want to help our customers reach compliance with this new regulation.
Today, we released new product updates to help our customers reach GDPR compliance. Our aim with this updates was to give our customers enough information to be compliant while offering them the flexibility to make changes according to their specific needs. Check out our press release for more specifics on these product updates.
For more information, visit our GDPR Information Hub.