An idiot’s guide to GDPR
You may have heard of this group of letters floating around, being linked to email and think that it might impact your job/company one day soon but don’t want to do the research and have to sit and actually absorb words like ‘legislation’… PAH. Here’s an easy and concise guide to see if you have to do anything about GDPR before the impending day of chaos –> 25th May 2018.
“Alex! Is it G.D.R.P or P.D.P.R?”
What is GDPR?
Simply put… a new privacy law which will mean brands having a stricter opt-in process to be able to collect data for EU citizens, no matter where you or your organisations are based. It also means having to bring any existing data up to date. It will replace the EU privacy directive.
Who will it effect?
Anyone collecting information on and sending communications to people in the EU.
What do I REALLY need to know??
Consent must be “freely given, specific, informed and unambiguous”
1. Consent can’t be a pre-ticked box any more. It has to include some sort of activity where the user is specifically agreeing to ‘receive offers’ for example.
2. There must be ‘adequate’ information given to the user about the brand and how their data will be used.
3. Collecting consent also means storing it for each user you mail to. If you are asked about compliance, you need to be able to prove you have it.
What are other companies doing about it?
Most seem to be looking in to running re-permissioning campaigns. I’ll cover this in my next post.
What happens if I don’t comply?
You get punched in the face… by something called THE LAW.
Did that clear it up a little?