Menu
Compliance Compendium
  • Back to Home
  • Blog
Compliance Compendium
keep-company-gdpr-out-of-headline

Keep your company GDPR compliant and out of the headlines – in a good way!

Posted on October 10, 2018January 7, 2019

How many times have you filled out your personal details on a company website and just ticked the “T’s & C’s” block without even reading or thinking twice?  Have you considered what happens to your information from there onwards?

Or how many times have you slammed down the phone in anger at yet another telesales agent calling to sell some policies or store card to you, coincidentally already having all your personal information?

The new General Data Protection Regulation of the EU, as well as it’s sister, the Data Protection Bill, aims to curb these practices.

MY COMPANY AND THE GDPR

But why should my company then be GDPR Compliant?  Even if it is a tiny corporation and not some huge international conglomerate?

The new regulation enforces that not only companies based in the EU, but also those containing data of EU citizens are affected and require compliance.

WHAT DOES GDPR COMPLIANCE MEAN FOR A COMPANY?

The aim of the GDPR is to focus on the control and protection of an individual’s data, as well as the general protection and security of all company data.

Companies are required to have a Data Protection Officer / Data Controller which ensures compliance to this.

In a nutshell, this is what the GDPR will mean for your company:

  1. Greater security is to be implemented (e.g. encryption) to minimize the risk of data breaches. In the event of this happening, a client needs to be informed within 72-hours of the situation, as well as the remedying factors.
  2. Clients are to be given detailed accounts of what will be done with their data, when and how. They also need to specifically need to consent to each of this.
  3. Right to Access – Any person now has a right to have access to their personal information. Electronic or printed copies of this can be made available to the clients.
  4. A client can give a company permission to gather and process their data, but not allow it to be used for anything else.
  5. No more “opt-out” – Gone are the days of spamming your clients with marketing mail and just adding an “opt-out” option at the bottom. Permission for this specifically needs to be obtained.
  6. Right to be Forgotten – At any point in time a client can withdraw his / her consent and request their data to be deleted from a company’s database.

BUT WHAT IF THE COMPANY DOES NOT LISTEN?

In this new day and age, companies are not allowed to anymore “conveniently” forget what clients requested on their personal data management.  Non-compliance on this can lead to a hefty fine of even up to 20 Million Euros, or 4% of the annual company turn-over.

COMPLIANCE, COMPLIANCE, COMPLIANCE

After all the doom and gloom, what can a company now do to comply?  And is there any agencies or companies out there that can help without having to break the bank?

Compliance Compendium (UK) delivers one such an option via its CC-Suite.  It caters for the compliance needs of anything from a huge multi-national company to a small NGO.

Compliance Compendium help with the following:

  1. Assist with data security measures to combat and handle data breaches.
  2. Review current documentation in place, and advise on further needs.
  3. Do a data map of current data, how it is used and what might still be needed or not needed.

IN CONCLUSION

The new GDPR legislation was not brought in to punish companies.  It is a measure designed to regulate data usage as well as protect and individuals and company’s data requirements.

———————-

TOP TIP FOR TODAY: Please also read all future blog posts and articles on this topic to keep yourself and your business up to date.

ENJOYED THIS BLOG?

Awesome! We would love to hear from you. You are welcome to submit inquiries or comments either via the comment option below or contacting us directly.

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

©2026 Compliance Compendium | Powered by SuperbThemes & WordPress