The EU is about to change the rules about keeping data. GDPR will soon be a very BIG deal for your business, regardless of size. And one thing is for sure, an expensive headache awaits if you ignore it. So, what is it? And what can you do about it?
The EU General Data Protection Regulation will kick in next May, which is not far away. But many companies are currently unprepared.
Indeed, Ireland’s Small Firms Association (SFA) recently told the Irish Sunday Business Post that after Brexit, adherence to new GDPR legislation is the single biggest challenge facing businesses next year.
What is GDPR? And why is it crucial in the world of email?
Well, it’s a regulation that will strengthen and unify data protection for all individuals within the EU and it also addresses the export of personal data outside the EU.
Businesses will be required to get consent from individuals to hold and use their personally identifiable information (PII), notify customers about breaches and transfer data.
If you think about it, almost every modern business holds data relating to its customers. Clothes shops, gyms, hotels, online shopping outlets, restaurants, dance studios… the list is endless.
Your own name and details will be on many lists already.
Even the likes of doctors or dental surgeries which send important appointment information to their patients via mobile phone or email may need to comply.
Yet there’s a serious lack of awareness, and it seems attempts by officialdom to clarify and simplify the regulations only result in further confusion.
The slightly good news is that compliance with GDPR is not overly complex per se.
The bad news is that the penalties being mentioned for non-compliance are extreme; if businesses don’t comply, they face being smashed with fines of up to four percent of annual turnover. Many smaller businesses would struggle to take a hit like that.
The GDPR was approved by the EU Parliament last year with the ‘enforcement date’ being May 25th, 2018 – at which time those organisations in non-compliance will face heavy fines.
Here at GroupMail, we’re facing the GDPR beast head on to ensure we, and all those who use our services, are GDPR ready.
As our GroupMail software and related data is hosted on your own desktop rather than in a wider network, it means that it’s safe and in compliance with GDPR within the EU (the data is stored on individual computers). And any data which we store externally is hosted in Dublin – which of course keeps it within the EU also.
We are advising, though, that for any company using email marketing, it is vital that they let people know how and where their data will be held and also ensure they include an unsubscribe link in each email they send.
Also, it is good practice to use Double Opt-in when asking people to sign up to your newsletter or email marketing campaign – where they can be advised why, and where, their data will be held. This can be automated in GroupMail and many other Email Marketing providers.
There is also ‘a right to be forgotten’ and this must be respected.
We’re also busy analysing GroupMail to determine whether any improvements or additions can be made to make it more efficient for those users subject to GDPR – this will remove any related stresses or concerns for those companies which use our software.
So, in essence, the thinking behind this new legislation is sound but our fear is that many companies will fall foul of the new regulations simply because they didn’t realise the changes applied to their business practices.
Make sure you’re not one of them – make sure you’re GDPR compliant. And don’t put compliance on the long finger. Act now.