Are you GDPR compliant?

b2ap3_large_gdpr-complianc_20180522-022941_1
If you haven't heard about it, or simply thought it didn't apply to businesses based in Australia, the new European regulation called General Data Protection Regulation (GDPR), due to come into effect on May 25th, 2018, will effect businesses across the globe.

If you are doing business or have website visitors from the EU then this is something you need to know as it greatly affects your business. GDPR is a "far reaching" legislation that doesn't just affect the European Union (EU). It affects virtually every country in the world that does digital business and marketing where an EU citizen can become a customer, user, or provide their personal information to you.

BEFORE WE START
The information below IS NOT legal advice and the information below only offers suggestions and recommendations.

Recently you may have noticed that you are receiving a lot of emails from various service providers (for example Google, Microsoft, Apple, Facebook, Twitter, etc) announcing updates to their privacy policies. These updates are largely a result of the GDPR regulations.

If you are not compliant with the General Data Protection Regulation (GDPR) legislation, it could mean fines of up to 20 million EURO, or 4% of annual sales, whichever is greater. So it's vital for website owners and marketers to understand the new GDPR requirements. This new legislation applies to everything from contact us forms, newsletter signups, mobile event apps, online surveys to social media. It even includes manually collecting business cards at conferences.

You can read the complete GDPR at the following link. //www.eugdpr.org/the-regulation.html

What is "personal data" under GDPR?

In Article 4 (1) GDPR defines personal data as follows:
"Any information relating to an identified or identifiable natural person ('data subject'); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person."

Essentially, if data can be used to identify a person, then it is classed as personal data under the laws of the GDPR. That includes information you are likely to collect from your event attendees such as names, addresses, birth dates and email addresses.

I do not live in the EU, so who do these regulations apply to?
The short answer is, ALL organizations that are collecting and handling personal data of European Union (EU) citizens (or residents) have to comply with GDPR.

A very important part of the GDPR has do with the geographic scope of this new law. To quickly summarize: Article 3 of the GDPR says that if you collect personal data or behavioral information from someone in an EU country, your company is subject to the requirements of the GDPR.

Two points of clarification.
First, the law only applies if the data subjects, as the GDPR refers to consumers, are in the EU when the data is collected. This makes sense: EU laws apply in the EU. For EU citizens outside the EU when the data is collected, the GDPR would not apply. Good luck trying to figure out and accurately track if they were in the EU when they provide their information

The second point is that a financial transaction doesn't have to take place for the extended scope of the law to kick in. If the organization just collects "personal data" as part of a marketing survey, then the data would have to be protected per the GDPR requirements.


What are the GDPR Requirements?

GDPR requires website and web store owners to inform visitors of the following things:

  • What personal data is being collected.
  • What the data is being used for.
  • Who is handling the data.
  • How the data is collected and obtained.
  • How and where the data is stored.

Here are some examples:

  • An e-mail address field on a contact form or checkout page.
  • People can register and log in to your website. Even if it's just in the back-end so all sites with a CMS like WordPress and Joomla have to comply.
  • Database with order information.
  • Event registrations.
  • Mailing list sign-ups.

How Does GDPR Impact My Company?
Event Registrations
: Registrations are a key way to collect attendee data that can be useful in designing an effective campaign for your event. A perfect event registration form can help you create a comprehensive and exhaustive database of all your event attendees.

Consent: A main concern in this case is user consent when it comes to the collection of data. With the new regulations in picture, a simple check-box won't do. Companies must actively seek consent before collecting information. Users must declare that they consent to their data being utilized by the company within the regulations. A difficult statement stating conditions and terms would no longer be an option. They must be specifically agreed to by the registrants. The agreement should be easily accessible and comprehensive to the attendees.

Data sharing: Companies must make known plainly to the attendees regarding the handling of their data. Attendees should be mindful with regards to where their information is being shared and regarding just what intent is it being used . At the time of asking, it is the organizer's responsibility to provide those records in a digital format.

Data-breach notification: No company is a stranger to cyber attacks. You must have seen or heard cases of breaches in terms of data which in turn mistreated at the hand of cyberpunks.

Opting out: The user data that is being collected and used for marketing campaigns have the right to opt out at any time. They have the authority get their records totally removed from each and every database in which it is held at any given point .

The organizations must honor this specific request and remove all records of the attendees that choose to opt out. Users, therefore, hold the 'Right to be Forgotten' by means of GDPR.

My business only takes customers from my country, why should I care??

The GDPR is all about protecting EU Citizens' data, so as a Business in Australia for example, if you get someone filling out your form who also lives in Australia, but they are an EU citizen, you are now managing data from an EU citizen. Therefore you need to comply to the new GDPR laws.

What should I do to my website to make it complaint?

You should have a Terms and Conditions and Privacy Policy link on your website, added to advise customers how you are using and storing their data. This could be relative to your email lists, request more information signups etc. Registered Users, and Shopping Data. You should also have a checkbox asking for them to agree to your above mentioned terms (This also needs to be a separate checkbox to your existing (Opt into marketing). You will also need to advise the customers how they can opt out at any time and specify how they can do this.

Conclusion

As pointed out previously, GDPR is retroactive. Getting the following things updated will keep you GDPR compliant for marketing to past, present, and future customers.

  • Email Marketing Lists: If you have an email marketing list and it does not comply with any of the legal premises for handling mentioned above, sending emails to that list will be in breach of GDPR as of May 25th, 2018. You may want to seek updated consent from data subjects ahead of the deadline if this is the case.
  • Privacy policy updates: Make sure your privacy policy is up to date and includes all the listed items mentioned above in a very clear, open, and concise verbiage that is easy to understand.

Following these simple steps will greatly increase your GDPR compliance with regards to your efforts.

MORE INFORMATION

The GDPR portal is the main source of information and can be found here > https://www.eugdpr.org

You can get a Terms and Conditions or Privacy Policies created here https://termsfeed.com. But please remember, these documents are Legal Information, and are not Legal Advice.


SEBEL HAWKESBURY RESORT & SPA - CAMPAIGN: CONFEREN...

Our clients are our best business card

You’re team are wonderful and I’m glad you shared the basket of goodies to let them know how appreciated they are.

APA Group

A big thank you to you and all your team at DMC! Terrific job, so professional, from the beginning of discussions, right to the last second of the night itself!

Robert Cliff Master Jewellers

We've said it before and we'll say it again: thank you to you and your team for the work that you've put into making our cashback system a reality, your persistence is much appreciated!

Australlian Gas Networks

The DMC team are the most important part of our marketing mix.
They know their stuff!

ANSA Homes

You are wonderful, thank you!

Villa Thalgo Day Spa

Wow wow wow stunning work ...a heart full of thank yous ...after seeing the artwork I wanted one. You have all gone way and above and it sure shows ...amazing. We very much appreciate your passion.

Banyan Tree Residences Brisbane

To the wonderful and fabulous DMC team. Thank you for your passion, creativity and support with our project. We very much appreciate everything you are all doing.

Banyan Tree Residences Brisbane

When I open the link...the heavens aligned...it looks brilliant....

Q Station Sydney Harbour National Park Manly

You are doing such incredible work for WSABE and I for one am very happy to be working alongside someone like yourself.THANK YOU THANK YOU THANK YOU – YOUR ARE AWESOME!!!

Soiree Events

Thank you to you and your team, for helping with this project. You've made it a lot easier than I thought it could be and the website looks great – I feel that I got great service and great value... Read More

Encompass Wealth Solutions

Thanks so much for everything, you guys have been great ....makes my job much easier.

Elle Events

You are a pleasure to do business with!

Maritime Union of Australia

We’ll be using you again and again...

AV Jennings

Can I just say – you are a STAR!.

Crowne Plaza Parramatta

The feedback I have received form the material you created for us is fantastic.

Safety Services Australia

The support resources you created have generated new business for us at an above average rate.

SCS Technologies

I have consistently found the creative and strategic input to be outstanding.

Wilson Removals

This service quality is rare and should be embraced and commended.

Sydney Graduate School of Management

I must say it is refreshing to find an organisation who practice the art of business partnership with such enthusiasm.”

Sydney Legacy

We hired Stephanie and her team to develop a new logo for the Sydney Graduate School of Management. We got a great result that tested well in the marketplace, a logo that represented just what we... Read More

DLA

You guys are AWESOME!!!

BenQ of Marketing Manager

DMC are always fantastic getting back to me when I need information. I am very impressed with the people I deal with.
They always adapt to changing requirements, are extremely responsive and always... Read More

3M (Futuro & Nexcare)

My heartfelt thanks for the outstanding job done on the Ocean views website and the sales brochure. What you guys have achieved has simply blown the minds of our sales agents and office team. It was... Read More

Zulfi and Sons Pty Ltd

Thank you so much for your work on our launch promotion – the creative is fantastic – exactly what I had envisioned... the images are so striking and simple but beautiful and elegant at the same... Read More

Marriott International

Thanks again for all your help. We can always count on you guys to do a wonderfully professional job with no hassles.

Michael Page International

We found DMC to be reliable and professional. DMC was also extremely helpful offering advice and guidance when it was needed. Xacom would recommend DMC to anyone.

Xacom

It is great to work with a company that proactively seeks to help you to improve your business.

Pan Pacific Hotels Group

You really understood what we were trying to achieve and provided great advice and ideas on how we could better make use of our website. Working with DMC has been an absolute breeze and a joy.

Castle Hill Country Club

On behalf of the Cruise Industry we would like to acknowledge the efforts of all the team at DMC following the success of our inaugural National Cruise Week. From concept to design and final... Read More

Cruise Council of Australia

Your team listen, understand and care about our requests.
Thank you DMC and the team!

Darley Aluminium

Did I mention how FANTASTIC DMC is?

Fluke Australia

The website looks bloody brilliant!

Australian Colonial Homes

Thank you for coming to the rescue so gallantly and at such short notice!

FRANS

Your presentation was exceptionally well received by those in attendance and it has been commended for its insight and entertaining content. The content was relevant, funny and delivered in a very... Read More

Community Tranpsort Organisation

I wanted to thank you and DMC for your hard work and persistence in getting all that done with POS kits being designed, produced and sent today. I have indeed found an agency partner that I can rely... Read More

TATA Global - MAP Coffee