Is your small business ready for GDPR?
GDPR comes into effect on May 25th, and it affects everybody: small business and large business alike.
For those still in the dark, GDPR stands for General Data Protection Regulation, and is a new piece of legislation designed to protect people’s personal data and prevent its misuse by fraudsters, hackers, scammers and rogue states.
It’s an important law – and more to the point, the enforcement is going to be strict. GDPR will allow the Information Commissioner’s Office (ICO) to fine companies up to 20 million Euros for each breach.
How do I get ready?
There are comprehensive guides available on the web, but as a general rule of thumb, any customer data you store now has to be demonstrably obtained with consent.
That means no more prefilled check-boxes, definitely no adding people to your mailing list who haven’t explicitly signed up, and may even mean deleting some customer emails.
For most of you, it also means a hard look through your landing pages and sign-up forms to make sure you’re being clear about why you’re collecting data, and that you’re actual use of that data is exactly as you say it is.
We recommend you consult this GDPR self-assessment for a full list of everything your business needs to do to be compliant. And you’d better start soon – GDPR comes into force in just one month from today!