The European Union GDPR (General Data Protection Regulation) comes into force on 25th May 2018 and affects all businesses and organisations that are within the EU or that have customers within the EU. The United Kingdom government, have confirmed that the UK will implement and follow all the GDPR rules before, during and after any ‘brexit’ arrangements.
In essence, the GDPR rules govern how you obtain, hold and manage any electronic data on your customers and prospects, bringing CONSENT, TRANSPARENCY, and the ability for people to have their data REMOVED.
It will be a legal requirement for businesses to be able to prove that a person has explicitly agreed (opted-in) to join an email mailing list, for example – you cannot just add them! Moving forward, this is relatively straightforward to do, but it creates a problem for legacy data where you have not used ‘confirmed opt in’. Many businesses are now busy emailing everyone on their mailing lists and asking the email addressee to explicitly confirm that wish to stay on that list.
The fear is that many people will not do this, so drastically shrinking the size of your mailing list, however, you could also view this as separating out the ‘wheat from the chaff’ and ensuring your email list is of high quality.
You can find out more about the key changes that GDPR will bring, and what you need to do, by looking at the EU GDPR website ( https://www.eugdpr.org/key-changes.html ). In addition, we work with consulting organisations that can look at your organisation’s systems and policies and ensure you are working with the new legislation.
The ICO (Information Commissioners Office) has published a PDF called ‘Preparing for the General Data Protection Regulation: 12 steps to take now’ which you can download/view online using this link to the ICO website.