A Quick Review: General Data Protection Regulation
- May 2, 2018
Data, data, data! We all know data is all around us and how important it is on the web, from data security and access to breaches and compromises. For players on the Internet, data has become a primary force of power and contention. Who has the right to collect what data, and from whom? As we should all know by now, with data comes great responsibility.
In order to create a more equitable playing field for both companies and consumers on the great wide web, the European Union launched the General Data Protection Regulation about 3 years ago. Well, the time has come for this legislation to go into full effect.
So, as one WordPress team to fellow users, here is our brief overview of GDPR, how it works, and what it means for you (as a data collector and consumer).
What is General Data Protection Regulation (GDPR)?
As of May 25th, 2018, the EU will officially implement the “General Data Protection Regulation”, more commonly referred to as “GDPR”. GDPR is the set of rules that regulates and secures the collection and processing of Internet users’ personal data within the European Union (EU).
These rules will apply not only to organizations within the EU but also to organizations interacting with and servicing EU users. Regardless of a company’s location, GDPR will apply to all companies processing and holding the personal data of European Union citizens.
How Does It Work?
The key elements GDPR controls are based around protecting EU website users. GDPR mandates that site users have full access to the data on how their information is collected and used.
Some highlighted controls include:
- Consent to be given by the individual whose data is held. Consent means “any freely-given, specific, informed and unambiguous indication of his or her wishes by which the data subject, either by statement or by a clear affirmative action, signifies agreement to personal data relating to them being processed”
- The identity and contact details of the organization requiring the information
- The purpose of collecting the information and how it will be used
- The users’ right to information and access to how their data is being used
- The period for which the information will be stored on the website
- The users’ right to request, correct or erase the information
- The users’ right to withdraw consent at any time
- The users’ right to lodge a complaint
GDPR mandates that site users have full access to the data on how their information is collected and used. These users are also given the right to request this data, with the response expected “immediately and at the most recent inside one month of receipt of the demand”. If a data request is clearly unwarranted or excessive, small and medium-sized enterprises will be able to charge a fee for providing access.
GDPR + Personal Client Data
Personal Client Data, as defined by GDPR, is any information related to a natural person or ‘Data Subject’ that can be used to directly or indirectly identify the person. It can be:
- Primary contact information like:
  - Email address
  - Postal address
- Financial information like:
  - Bank details
  - Credit card information
- Professional details like:
  - Employment details
  - Business information
- Several other details like:
  - Posts on social networking websites
  - Medical information
  - Computer IP address
GDPR + You + Users
At the end of the day, GDPR affects everyone across the board, website owners and end users alike. From building trust to providing benefits, GDPR compliance not only improves your credibility online and with your users but actually benefits you both.
All Good Things Start with Trust
GDPR sets the stage for creating more transparent and trustworthy organizations. GDPR compliance shows users you are responsibly doing your part to protect their personal information. You can provide this confidence since compliance entails a specific data protection officer (DPO), along with consistent reviews of data processing activities. A win-win on the trust front.
What’s in it for you?
From a user’s perspective, GDPR gives the masses more opportunities to identify their own information and how that information is used throughout the site or application.
As a site owner, once users are entitled to their data, you’ll have to be ready to provide it. Proactive GDPR compliance will allow you as a site owner to stay up to date and easily provide the data users are entitled to request. By playing within the GDPR guidelines, you can actually reduce your overall cost of information and crisis management from a user data perspective.
At the end of the day, data is everywhere and it’s here to stay. GDPR is paving the way for a fairer playing field between site owners and users.
Highlights Reel again:
- May 25th is the Deadline
- Make sure to have your site at a site operator level
- As a user, rest assured knowing your data is better protected and more available
We hope this brief guide was a beneficial overview of GDPR and what it means for you.
We’ll be sharing more GDPR-related content over the next few weeks. Stay tuned!