A new EU regulation will soon come into effect that will impact how all organisations collect and process people’s personal data. The General Data Protection Regulation will become law on 25th May 2018.
As we approach May 2018, Clear Vertical is focused on GDPR compliance efforts. During our implementation period for the Regulation, we are evaluating new requirements and restrictions imposed by the GDPR and will take any action necessary to ensure that we handle customer data in compliance with applicable law by the 2018 deadline. Our clients will receive updated terms of business based on changes that we’ve implemented and this will be rolled out, early in 2018.
Clear Vertical has opted for third party cloud based solutions, all with restricted access to client data by our employees. Our emails and website are also encrypted for extra safety. As a company, we hold very little personal details on our clients making for a smooth transition for when GDPR arrives and takes full effect.
For more information on how it affects your business marketing to prospects, both digitally and through traditional methods, please see our sister company’s GDPR page: https://www.veycom.co.uk/gdpr-need-to-know/
For more information on GDPR or our data collection policy, please email firstname.lastname@example.org.
In May 2018, the General Data Protection Regulation (GDPR), introduced by the European Union, will come into effect.
The General Data Protection Regulation (GDPR) is the result of 4 years of work by EU member states to address new data threats. As compared with the Data Protection Act, it introduces stiffer fines for companies which are not compliant and gives consumers greater control over the ways in which their personal data is being used. In addition, it makes these new protection rules consistent throughout the EU.
Although GDPR went into effect in May 2016, EU businesses (including those in the UK) have until 25 May 2018 to be compliant. According to research from ITPRO, although the majority of IT security professionals in the UK know about the new legislation, only 43% are assessing the impact it will have on their companies or taking the necessary steps to prepare for its arrival.
It’s important for businesses to understand that the penalties for non-compliance with the provisions of GDPR are substantial. According to Imperva, regulators can impose administrative fines up to an amount that is the greater of €10 million or 2% of annual revenues for non-compliance with “technical measures” (like impact assessments and breach notifications). Those fines increase to the greater of €20 million or 4% of global annual turnover for non-compliance with “key provisions” of the GDPR.
To protect your customers’ personal information and avoid penalties, your organisation needs to take the steps necessary to ensure compliance, including the following 4:
Brexit has no effect on the need for UK businesses to comply with GDPR. The UK Government published the draft Data Protection Bill 2017 in September 2017, and this brings into UK law all of GDPR and alters some key parts on things like the age of minors included. There are no material changes or exclusions from the full EU version and so no time should be lost in starting the journey to GDPR compliance.