1300 133 966

Emerging IT Insights

9 Things to Know About The GDPR

Umbraco.Web.PublishedCache.XmlPublishedCache.XmlPublishedProperty

Business

Ensure your compliance with the GDPR

The GDPR (General Data Protection Regulation) is new legislation being introduced to all EU nations regarding the collection, use, and control of personal data collected by organisations. The GDPR dictates the conditions by which data must be stored, used, supplied and deleted if requested.

Although the GDPR is a European regulation, it applies to any organisation providing goods and services to individuals within the GDPR boundaries or which monitors the behaviors of these individuals.

Basically, if your organisation collects data on European citizens in any way shape or form (voluntarily or autonomously) you will need to ensure you comply with the GDPR. Not doing so can mean being hit with either a fine of up to $20 million euros or 4% of your organisations total GDP (whichever is larger).

If you don't collect data on any EU citizens or sell them any products or services, you don't need to worry about any of this. 

Below are 9 key facts to know about the GDPR and remain compliant;

1. Store all data on employees, customers, partners and suppliers in one place where it is neatly organised.

2. Ensure the data is safely stored, with the necessary security in place to limit unapproved access to the data.

3. Don’t hold data unnecessarily. Part of the GDPR is that you should only collect data which you need and intend to use for a specific purpose. Don’t collect data if your organisation doesn’t have a strategic reason for having it.

4. Have a privacy policy on your website page or somewhere which is publicly accessible for your stakeholders to easily access so they can understand how their data may be used.

5. Your organisation must be receptive to individuals requesting what data you have on them and must also have a documented process for supplying this information. Should an individual make this request, your organisation will need to supply the requested data within one month and free of charge.

6. Have a documented process for deleting data – which must be done within one month if requested.

7. For data collection for marketing purposes such as following use cookies or other remarketing purposes such as a newsletter, your organisation must have an opt-in form. This is so people can opt to receive your marketing messages.

8. The process for opting out of messages and re-marketing activities must be simple, straightforward and easy to do. This options must always be present.

9. Ensure your employees, staff, managers and all points of the organisation are aware of the GDPR and what it requires of the organisation to stay compliant.

If you still have questions please feel free to reach out for a discussion or consultation on 1300 133 966 or email us at contact@emergingit.com.au

What do you do in the event of a Data Breach?

Meeting the Challenges of Hybrid IT

Case Study: Mergers & Acquisitions

Contact Emerging IT

Need a quote or consultation? Guaranteed response within 2 hours.

Get in touch today

Melbourne Office
Melbourne
2/3-5 Gilda Court
Mulgrave, VIC 3170
Australia
Sydney Office
Sydney
Level 8, 50 Berry St
North Sydney, NSW 2060
Australia