About The General Data Protection Regulation
The General Data Protection Regulation (GDPR) is one of, if not the most significant piece of privacy legislation passed by the European Union in the last twenty years. It was designed to replace the 1995 EU Data Protection Directive (European Directive 95/46/EC). Its aim is to strengthen the rights that EU individuals have over their data, by creating a consistent data protection law that is implemented across Europe.
Digitalmakkr will comply with the applicable GDPR regulations as a data controller when they come in to effect on 25th May 2018. By working concomitantly with our existing and future clients, we will explore any, and all opportunities within our services by offering to support our customers in meeting their GDPR commitments, wherever possible
Where do we stand?
We are dedicated to addressing EU data protection requirements which are applicable to ourselves as a data controller. These efforts have been critical in our ongoing preparations for the GDPR:
As a company, we have evaluated the following principles in preparation for the enforcement of GDPR and we suggest that our customers also look to do the following:
- We have completed a full audit of all personal data held both in hard copy and in digital format to assess the relevance to our operational procedures. We have expunged where necessary any data sets which are no longer appropriate to our needs. This includes what legal rights we have as a company to store this information and the removal of anything we deem unnecessary going forward.
- As per the new regulations we have created a simple format for you to request all information we hold on you personally, request adjustments to the data we hold, and give you the complete right to be forgotten from our systems. Should you need any help with this please complete our form below and one of our accounts team will support you.
- We are working towards recording our consent to communicate with all our existing and new customers. Albeit we do not envisage email marketing as a viable solution going forward, we will still where appropriate, obtain and record consent for marketing purposes.
- We have increased our onsite and hosted security solutions to help cater for a more robust environment for that of ourselves and our customers. We have entrusted the support of a dedicated IT company to support our infrastructure and keep all data as safe as practically possible.
Where Do You Stand?
As a prevailing or forthcoming client of Digitalmakkr, now is the ideal time for you to commence your preparation for the GDPR as a data controller. You may want to consider these tips:
Get to know GDPR: Familiarise yourself with the provisions of the new regulations, particularly how it may contrast from your existing data protection liabilities, and consider the relationships you have with both your client base and aspirants. Also, note the deviation of local provisions which may be antiquated by the new regulations when they become EU law on May 25th, 2018. Do be aware that new desideratum may require new solutions that meet the stringent exigencies ahead.
Audit your data and processes for data capture: Create an updated and precise inventory of personal information that you control. Review your current controls and processes to ensure that they’re sufficient, and build a plan to address any areas which may need improving. Here are some steps you can take today:
- Review your field maps
- Review your process documentation
- Ensure that you have a lawful basis for processing the data
Stay informed: Stay abreast of updated regulatory guidance as it becomes available, and consider consulting a legal expert to obtain guidance which is applicable to you. We would recommend a regular review of the Information Commissioner’s website, which is the UK representative within the EU working group: Article 29.
At Digitalmakkr, we strive to deliver an incredible customer experience from the beginning of your journey with us; earning the trust of thousands of companies throughout the UK. We will continue to make additional required operational changes resulting from the new legislation, and will keep our clients, partners, and regulatory authorities informed throughout this process. We have an internal cross-functional team who continue to monitor GDPR as it moves to become more clearly defined over the next few months, and who will continue to inform our strategy for GDPR.