GDPR is coming
It’s not long now until GDPR comes into force. In a matter of weeks, all businesses will be required to comply with new regulation surrounding the way personal data is collected, processed and stored, to give individuals back control over their personal data held on file, and to impose stricter rules on businesses and organisations handling personal data.
What is the reason for GDPR?
Back in 1995, when the EU last issued a data protection directive, it was a much simpler time. There were far fewer ways to collect personal data. Step forward to 2018 and things have changed considerably.
Nowadays, the ways in which personal data is collected, processed and stored have changed extensively, and with the introduction of a more sophisticated digital world, the internet has made it far easier for personal data to be collected, processed and stored in all manner of ways.
There are downsides to this, however. The considerable ease with which businesses can now collect personal data has opened up vulnerabilities and security risks, which has unfortunately resulted in serious breaches of data and privacy on many occasions.
The main focus and purpose of GDPR is to hand back the control of personal data held on file to the individual concerned and impose stricter rules on businesses and organisations handling personal data. Further information can be found on the Information Commissioner’s Office website (https://ico.org.uk/) and the EU’s GDPR website (https://www.eugdpr.org/).
We also wrote an extensive blog last year about GDPR compliance, which is worth a read. Disclaimer: please note that parts of this blog may contain information that has been superseded by updates to parts or all of the GDPR legislation since it was written, so we do recommend that you visit the ICO and EUGDPR websites (links just above this) for the most up-to-date information.
What does GDPR mean for my business?
Whilst GDPR involves all operations that are concerned with collecting, handling and processing personal data company-wide, we focus on the website side of things, and ensure that your website and any associated documentation required is fully compliant.
If you have a website that does any of the following:
- Customer contact forms to enquire about products or services
- Customers can buy products or services on your website
- Users can comment on blog posts or post to forums
- Your website monitors website visitors/traffic
- Users can sign up to a newsletter or subscription
- Customers can register and create a user profile of any kind
- You have any logging tools/applications running
Then you will be required to comply with the General Data Protection Regulation, irrespective of your size or sector.
What happens if I don’t bother with compliance?
It’s probably not worth even considering this because failure to comply will result in potentially huge fines.
The maximum fine for breaching GDPR will rise to €20 million (about £17.6 million) or 4% of your annual global turnover in the preceding financial year, whichever is greater.
Even fines for breaches deemed less serious will be as high as €10 million (£8.8 million) or 2% of annual global turnover.
Can Vaccoda help me to get my business GDPR compliant?
Yes, we can. We are a highly experienced team of in-house web developers who are commercially aware and are fully versed in GDPR compliance.
All our GDPR compliance work is carried out in-house by our experienced team before being checked and ‘rubber stamped’ by our highly-qualified, specialist lawyer (who’s practised commercial law for more than 20 years and is an expert in GDPR compliance) to ensure all implemented changes are fully compliant and legally sound.
You can find out more details on our GDPR Compliance service by clicking here.
Final thoughts and summary
The General Data Protection Regulation is a big and significant change and reflects the growing need to ensure consistency around data protection.
GDPR doesn’t have to be a headache and we work with businesses of all sizes and sectors, in conjunction with our partners, to educate and advise on the best practices to ensure you are fully compliant in accordance with GDPR.