What is GDPR?

The General Data Protection Regulation (GDPR) is a regulation which aims to ensure that any organisation which collects or processes personal information on residents of the European Union does so in a safe and responsible way.

Does it apply to my organisation?

Yes. If you collect information about clients, supporters, event participants, and corporate sponsors – even if you only keep this information for a short amount of time.

What about Brexit?

On 21st June 2017, the Queen’s Speech confirmed that the GDPR will form part of UK law even after we have withdrawn from the European Union.

The UK law may see some changes to the GDPR framework, but for now you must ensure you are fully compliant with the regulation.

When do we need to be ready?

The GDPR was adopted on 27th April 2016, and became enforceable from 25th May 2018. All organisations must now be fully compliant with the regulation.

What do we need to do?

The GDPR framework includes a large number of areas which need addressing across your organisation.

The primary focus from the perspective of digital marketing is explicit consent – meaning that you can no longer have tick boxes with wording such as “tick here if you do not wish to receive communications from us”.

You’ll also need to ensure that your privacy policy is completely up to date, and gives clear and transparent information on the collection and processing of personal information.

12 steps to GDPR compliance

In the lead-up to 25th May 2018, I partnered with Chelmsford Web Studios to create a 12-part blog series with advice and tips on getting your business ready for GDPR. To read this blog, please visit Chelmsford Web Studios.

Can you help?

Absolutely! To request a free review of your online compliance with GDPR, please contact me.