What does the GDPR mean for Simple Sign?
New data protection laws are going to be put in place this year. Here, Simple Sign will explain what the GDPR is and how this will affect you and your customers when receiving electronic documentation.
What is GDPR?
On the 14th of April, 2016, the European Parliament, after much debate, approved the GDPR to be put into effect in 2018. Standing for ‘General Data Protection Regulation’, the GDPR is the new data protection legislation that will affect all European Union member states. Data protection laws have not been changed as expansively since 1998 and this regulation is a landmark in data protection in the EU. The GDPR is being enforced to ensure that businesses are protecting the privacy and personal data of all EU citizens that the business may deal with. EU citizens will be assured that their personal data is being handled with care and is kept private, whilst businesses will be required to adjust the way in which they approach data privacy. Non-compliance will result in heavy fines. These fines can be up to €20 million or 4% of the turnover of the business, it depends which of these is higher.
If your business deals with customer data, you will be affected by this new legislation, which will include:
- An extended jurisdictional of the GDPR; more businesses will be analysed inside and outside of the EU.
- An emphasis on the consent of the individual to giving data.
- An emphasis on the individual’s rights and freedom, which includes children and the right to erasure.
- The obligation to report data breaches immediately.
- Legal obligations for data ‘processors’.
- Restrictions on direct and targeted marketing.
- Among other things
On the 25th of May, 2018, the GDPR will be effective. After the 25th of May, the GDPR will be effect across all businesses in the EU – including Britain (who recently voted to leave the EU)
What does it mean for data privacy?
It means that individuals, who you collect data from, must be made aware about how their data is stored, how it is used, and why it has been collected. Businesses that collect personal data will be required to optimise their transparency by stating what data is being processed, why, and what it is being used for. With the GDPR, there is a strong emphasis upon consent and this must be communicated effectively to the individual that you require the personal data of. They must know that the effective securite is in place to ensure the safety of their personal data as well.