GDPR: What is it?
The General Data Protection Regulation (GDPR) is set to regulate changes in the way data is captured, managed and used for everyone in the EU, giving individuals more control over their personal details that are stored and utilised. These regulations come into effect on May 25th, 2018 and replace the 1995 Data Protection Directive.
Making Your Site Compliant With GDPR
1) What personal details are being collected
2) What this data is to be used for – in plain and transparent language.
3) Online payment data that is collected prior to passing the details to the payment gateway: this information must be destroyed after a reasonable time limit. As yet, the legislation is NOT explicit about the specific time frame within which this must happen.
4) The primary object of this legislation is to make it easier for the users to unsubscribe from communications, to ensure that the site has an easy withdrawal process.
5) A positive “OPT-IN” must be acquired, rather than a combined tick box for general terms and conditions.
6) Granular consent – this is giving the user the option to consent to contact by separate methods, such as opting for email, text, telephone or letter.
7) Sharing information: under the GDPR, if the users’ details are going to be shared with other organisations, the user must be made aware of who, why, where and when this data is to be shared.
The next Blog from The Vinyl Corporation will outline Hints and Tips for an “Opt-In” campaign and a FREE template for you!!