General Data Protection Regulation – the new law which protects the absolute privacy of all EU citizens residing anywhere in the world. It gives EU citizens complete right over how their personal, sensitive and important information is procured, stored, used, passed, and processed by all companies dealing with them all throughout the world. They can see which company uses their data how and can control contacting mechanisms through which companies get in touch with them, whether already acquainted or new.
The much feared deadline of 25th May has passed and taken down giants like LA Times (Europe) with it. It certainly did push in a certain sense of urgency and doom into a lot of businesses especially the marketing & sales community. We all know how sad those emails sounded – you know the goodbye but keep in touch ones. Among all the haste and inexperience with such a large scale clampdown we have encountered numerous problems answers to which still remain elusive. But like always it mattered most whether you got it right rather than quick. Are your processes to the book or barely put together fearing the audit. Do you in essence really care about the privacy of your contacts or is this another tide you’e ducking under to let pass.
One thing that GDPR has left in its wake is massive segregation – a stark difference between the people who have actually put real efforts in documenting their improved processes, keeping check mechanisms up to date and plugging leaks in their systems. Keeping systems safe from soft and hard attacks has also become one of the key points in declaring organisations compliant or otherwise.
On the other hand are mass marketers and people who illicitly contact unsuspecting prospects and consumers, who store and distribute information without any consent and divulge even the most private details for a fee. Hopefully these “companies” will be left upturned by this shaking.
There are numerous Supervisory Authorities who are the end-all-be-all when it comes to compliancy. They are responsible for clearing organisations for operating with the information of EU citizens.
Supervisory Authorities of different member states are going to be set up. SA’s will be responsible for:
- carrying out audits on businesses
- issuing warnings for non-compliance
- issuing corrective measures
SAs have both investigative and corrective powers to check compliance with the law and suggest changes to be compliant.
We need to be vigilant post May 25th as much concerned we all have been before. There already are numerous leakage points and more will be invented soon. The point to be remembered is continuous improvement and vigilance, remember this is for all our safety and that elusive peace of mind.