Customer engagement specialists Redblok has warned that many business owners may be unaware of new EU data protection legislation which will impact how businesses in the jewellery and luxury goods sectors can collect, retain and process customer data.
The General Data Protection Regulations (GDPR) will come into force on May 25 2018 and will require organisations to comply with a number of new stringent regulations aimed at allowing EU citizens to have more control over their personal data and how it is used.
GDPR will be brought into UK law under a new bill to ensure data protection measures are maintained after the implementation of Brexit. The government issued a statement of intent for the new Data Protection Bill, which is designed to update and strengthen current data protection laws included in the Data Protection Act 1998, in order to reflect the modern digital economy.
The use of internet technologies to collect customer data has exploded in recent years. However data legislation created prior to the internet age has failed to keep up with this expansion and users’ data has become more at risk from exploitation as a result.
The GDPR aims to curb this abuse by allowing EU citizens:
- The right to be forgotten
- Have easier access to data stored about yourself
- Right to know when your data has been hacked
- Security by design and by default
- The right to rectification
- The right to erasure
- The right to restrict processing
- The right to data portability
- The right to object
- Rights in relation to automated decision making and profiling
What this means in practice is anyone who keeps personal data on individuals needs to be thinking about GDPR and how they will comply with a number of new regulations, such as ‘Double Opt-in’, that will require them to audit all their current data and possibly change their data collection processes.
With local data protection authorities able to issue penalties up to €20 million (or 4% of your global annual turnover, whichever is greater) organisations who regularly process customer data need to be aware of how the new legislation will impact them.
Redblok owner Daren Daniels is heading up a campaign to advise businesses on the issues they will face with GDPR as he has concerns that most organisations are unprepared or simply unaware of how the changes could impact them.
“Many of the business leaders I’ve spoken to seem to be unaware of the impacts that the GDPR will have,” explains Daniels. “With the deadline fast approaching, organisations not aware of the legislation need to be acting now. There are estimates that even if you start a resubmission campaign now you are only going to subscribe about 60% of your current customer database. Without taking express action, organisations will find it tough to get to these percentages and might risk having to review whether they should keep any data at all. Combine these with harsh penalties for companies who break the rules, and many organisations could have huge problems on their hands.”