The General Data Protection Regulation (GDPR) is a new regulation in EU law that is coming into effect on 25th May 2018. This will affect businesses around the world who deal with any European Citizen. This change in legislation will affect all businesses in the UK as they will all have data they collect on clients such as addresses and phone numbers.
A major change is the transparent manner that data is to be collected. Meaning when data is going to be collected the subject must be fully aware of it and where its being stored and if any 3rd parties may have access. You must also allow communication on the data that is stored about a person. A client may request a business to tell them the data they have about them and also request that the data is removed. This means that businesses need to plan a process for if this happens like how the data will be gathered and summarised to be given to the client.
The change to websites that will be most noticeable will be the addition of a privacy policy page. This page will outline what data you are collecting and what it will be used for. This is so the user knows what they are agreeing to.
If you're website has been made by us we will be contacting you about updating your website so it is compliant.
Thanks to Shadowcat systems in Lancaster for the event they put on to help businesses understand the new GDPR regulation on Friday 13th April. Their website has plenty of blog posts about the GDPR if you are interested in reading further read more at https://shadow.cat/blog/mark-keating/2018/007-GDPR-12/.
Since the GDPR is a vast and quite vague regulation a lot of what is being reported on it is people's interpretation of it. If you want to make sure you are fully compliant you will need to seek legal advice.