Just because the barrage of consent emails have stopped and it is no longer front-page news doesn’t mean you can forget about GDPR Compliance. Recently, I have been doing some research and I discovered something that really shocked me. But I guess it is not actually surprising when you consider what we know about human nature and how busy people are. Especially small business owners trying to make a living.
Before I tell you what I discovered – I want to make sure that you understand why you need to care, even if you are one of those people trying to make a living. (who isn’t one of those people?)
Just to make sure we ARE all on the same page, we are talking about the General Data Protection Regulation – GDPR.
And if you have so far avoided finding out what that is let me briefly bring you up to speed. The European Commission set out plans for data protection reform in January 2012, its mission to make Europe ‘fit for the digital age’. GDPR was enforced from 25th May 2018. With some groundbreaking new legislation giving control of ‘personal data as a commodity‘, back to the individual.
Did you know…
When you employ new staff, when you take on projects for new clients, both you and they need to be GDPR Compliant. This means that to ensure you are compliant, you are responsible to ensure your staff are aware of their responsibilities under GDPR.
Your new clients and projects you do for them can also put you at risk, if they are not compliant you cannot be compliant. GDPR compliance is a requirement for any business in the world who ‘touches’ the private data of individuals residing in the EU. And the truth is we can never be sure. To do so we would need to keep track of every piece of data both now and in the future of every person on our lists and databases.
I discovered this shocking fact!
Many small businesses think they can sneak under the radar of the EU legislators and be slack with their data privacy obligations, usually because they simply don’t understand what they need to do. And for the most part, this may be ok, but we can’t control when things might go wrong.
- Data hacks cause you to leak data!
- Marketing emails that are sent to EU citizens or EU residents
Yes, if the data subject resides in the EU when they get your email, not when you got their email address and they haven’t given consent you are at risk of being exposed to the heavy-handed fines of 4% of income or up to €20,000,000 (whichever is greater)
The best solution is to be compliant. In the first few months after GDPR came into effect, Canada, California, and several other states and nations have stated that they will bring their privacy laws in line with GDPR. So, this will be back on people’s minds again and again over the next few years.
But you don’t need to panic, and you don’t need to spend a fortune on GDPR compliance awareness training. The EU is not out to punish everyone, they just want you to be aware of your GDPR compliance obligations and to genuinely care about the personal data of your customers.
I created this GDPR Webinar ready content as part of the GDPR PLR Content Pack update to help solve this problem. I have completed a similar project for a corporate client, and I am now offering a convenient solution to small businesses, not only in Europe, but across the globe.
I am passionate about data privacy, for the last 10 years it has been a major part of my 9-5 working life and I believe that it is something we all need to care about.
GDPR is not supposed to be about big scary fines thing that could cause you to lose your business.
I know this is not Marketing 101, but think about it this way.