The Internet has changed drastically. It has changed the internet on large scale, nowadays internet is the most preferred means of communication. For almost everything we do, we use the Internet. The Internet has become important in every aspect of our day-to-day lives, changing the way we interact with the world. We send online emails, send attachments, transfer money and we do purchase online by entering our personal details or payment details and without thinking for a second. The important issue for Internet use is privacy. Have you ever thought about privacy of your personal and payment data? Or what happens to your personal data and payment data? We are talking about personal information, payment information, contacts, addresses, social media posts, and even your IP address and the websites that you have visited are all saved by companies. These companies say that they collect your data so that the can provide you a better experience. But what do you think, these companies really use this data for improving user experience? To answer this question, a new law is implemented by European Union (EU) for companies who comply with the collection and processing of personal data and payment data. The law, the General Data Protection Regulation (GDPR). This EU law has 11 chapters and 99 articles and aims to protect personal data and digital privacy. The GDPR has been enforced from May 25th, 2018 for every company that offers goods and services to EU citizens or collects their personal data should comply with the new GDPR privacy rules. TrustArc found that only 20% of businesses believe they are now GDPR complaint.
The 8 basic rights of GDPR
Under the GDPR, individuals have:
- The right to access - this means that individuals have the right to request access to their personal data and to ask how their data is used by the company after it has been gathered. The company must provide a copy of the personal data, free of charge and in electronic format if requested.
- The right to be forgotten - if consumers are no longer customers, or if they withdraw their consent from a company to use their personal data, then they have the right to have their data deleted.
- The right to data portability - Individuals have a right to transfer their data from one service provider to another. And it must happen in a commonly used and machine readable format.
- The right to be informed - this covers any gathering of data by companies, and individuals must be informed before data is gathered. Consumers have to opt in for their data to be gathered, and consent must be freely given rather than implied.
- The right to have information corrected - this ensures that individuals can have their data updated if it is out of date or incomplete or incorrect.
- The right to restrict processing - Individuals can request that their data is not used for processing. Their record can remain in place, but not be used.
- The right to object - this includes the right of individuals to stop the processing of their data for direct marketing. There are no exemptions to this rule, and any processing must stop as soon as the request is received. In addition, this right must be made clear to individuals at the very start of any communication.
- The right to be notified - If there has been a data breach which compromises an individual's personal data, the individual has a right to be informed within 72 hours of first having become aware of the breach.
The GDPR is the EU's way of giving individuals, prospects, customers, contractors and employees more power over their data and less power to the organizations that collect and use such data for monetary gain. How has GDPR impacted your business? Let us know in the comment section below. P.S. If you are interested to know more about how GDPR affects your customer data, then contact us today.
