What is GDPR and how is it relevant to my business?

Posted by John Kennedy on Feb 21, 2018 7:34:02 AM


The GDPR, or General Data Protection Regulation (261 pages), is designed to unify data privacy laws across the EU, giving EU citizens more control over their personal data and prescribing how organisations may use and must protect their subjects' data.

Under the EU’s new rules, as a European citizen I have the right to know how my personal data is being used and why it’s being processed, the right to access and correct it, to restrict further processing of it, and to ask that all my data be erased or passed on to another party.

As a business you must know what data you have stored, where it is held and its source, and you must be able to show that you are lawfully complying with the regulations on how to keep and process it.

It’s therefore recommended that you take the time now, before the GDPR goes live, to conduct a thorough review of the various types of personal data you have stored, their source, what they are used for and whether it is critical for your business to hold that data.

By building up some insight into how you manage, source and process your data now, you can identify potential vulnerabilities and address possible risks of non-compliance before May 2018, when the regulations are in force.

One of the most important parts of the new regulations for the marketers amongst us is the requirement to show that you received permission when you subscribed visitors to your emails, newsletters, blogs, etc. Pre-checked boxes and implied consent will be a thing of the past.

As a business you must store your contacts’ consent properly and have a process to prove that you received permission. What businesses cannot do going forward is assume that silence or inactivity is consent, because doing so will break the rules.

Data subjects will have extended rights under the GDPR. These include the right to be forgotten, the right to data portability and the right to be informed, for example in the case of their data being taken in a breach.

In the case of a data breach, the new GDPR will make it a duty for a business to notify the appropriate data authority within 72 hours and communicate with those individuals affected as soon as possible.

A great source of information if you want to start reading more about GDPR is provided by the ICO (Information Commissioner's Office) in the UK.

Subscribing to Work.Tools is like having your own dedicated IT team at a fraction of the cost. We offer personal, reliable IT support and are on hand whenever you need us.

Our subscription Plans mean you can pay for support in a way that suits your business and budget.

  • Improve productivity and don’t let bad-tech slow you down
  • Free up time and effort to run your business
  • Use technology to take performance to the next level
  • Resolve those IT problems before they see the light of day

At Work.Tools we will never be able to replace the need for legal expertise, and this blog cannot be used as legally binding advice. It’s important that you discuss your own individual GDPR needs with appropriate legal advisors.

Topics: Business, Data privacy, GDPR
