If you haven’t heard about the GDPR, or general data protection regulation, then where have you been? It is a new regulation brought in by the European Union, which is described by https://ico.org.uk as a way to give control back to the public when it comes to their information and data. It has also been implemented to help businesses keep data more secure and look after their customer’s information in a more secure way. There can be a thinking that just because it is was something that was introduced by the European Union, that it just applies to those who have businesses based in Europe. But if your online business has a global reach and will serve people from the European Union areas, then you need to be taking steps to make sure that your business is compliant. From having a privacy policy to a cookie and consent popup, it can be an easy fix but is something that needs to be done.
Does this sound like your business? Here are some of the ways that you can make sure that you and your business are keeping secure and adhering to the guidelines.
Research
First of all, if you are North America based, this could be one of the first things that you’re hearing about it. And if you rarely reach European customers, then it will make complete sense that you won’t have done anything about it so far. So do your research so that you understand it all. If you have employees then make sure that they know all about it too. When you understand it all, it will make implementing it all much easier.
Data Audit
To know where you need to improve, you need to evaluate where you are at already and what you can do to assess your current practices. No doubt as a business owner you will already have some certain privacy policies in place. The thing with GDPR is that you will need to tighten up what you are doing to make sure that you comply. So take some time to check what you already have in place, and then it will be easy to add a few more things to help you to comply.
Some of the ways that you can audit your data is by looking at what data you have or collect? Do you have email addresses for a newsletter? If that is the case then you need to check that everyone is happy to still let you have their details. You could also look at your hosting service, through something like https://www.mvps.net, as it can help you to keep up to date and compliant with the opt-ins that it could help you to create.
Another point is to think about who your information gets shared with. Has it been shared with anyone other than people relating to your business? Think about how the data has been used and how it will be used going forward, so you can set the right things in place.
If you get any value from this post be free to comment or share. Also feel free to connect with me on Facebook or Twitter!
Hrvoje Horvat
email: hrvojeh75@gmail.com