Ensure your compliance with the GDPR
The GDPR (General Data Protection Regulation) is new legislation being introduced to all EU nations regarding the collection, use, and control of personal data collected by organisations. The GDPR dictates the conditions by which data must be stored, used, supplied and deleted if requested.
Although the GDPR is a European regulation, it applies to any organisation providing goods and services to individuals within the GDPR boundaries, or which monitors the behaviour of these individuals.
Basically, if your organisation collects data on European citizens in any way, shape or form (voluntarily or autonomously), you will need to ensure you comply with the GDPR. Not doing so can mean being hit with a fine of up to €20 million or 4% of your organisation's total GDP (whichever is larger).
If you don't collect data on any EU citizens or sell them any products or services, you don't need to worry about any of this.
Below are 9 key facts to know about the GDPR and how to remain compliant:
1. Store all data on employees, customers, partners and suppliers in one place where it is neatly organised.
2. Ensure the data is safely stored, with the necessary security in place to limit unapproved access to the data.
3. Don’t hold data unnecessarily. Part of the GDPR is that you should only collect data which you need and intend to use for a specific purpose. Don’t collect data if your organisation doesn’t have a strategic reason for having it.
5. Your organisation must be receptive to individuals requesting what data you have on them and must also have a documented process for supplying this information. Should an individual make this request, your organisation will need to supply the requested data within one month and free of charge.
6. Have a documented process for deleting data – which must be done within one month if requested.
8. The process for opting out of messages and re-marketing activities must be simple, straightforward and easy to do. This option must always be present.
9. Ensure your employees, staff, managers and all points of the organisation are aware of the GDPR and what it requires of the organisation to stay compliant.
If you still have questions please feel free to reach out for a discussion or consultation on 1300 133 966 or email us at firstname.lastname@example.org