¡Hi, everybody! Today we talk about laws. Yes, you have read correctly. But wait. At Multiplicalia, web design at Seville, we still are enthusiasts about e commerce and everything it carries. However, if you have online presence, is crucial for you to know what happens with all your customer’s data and how every single and apparently stupid operation can affect you. Keep in mind: information is power! So, ladies and gentlemen, we feel proud to present the new data protection regulation: General Data Protection Regulation (GDPR).
What to expect with the new GDPR
The European Union announced that, as of May 25 of this year, the way in which the processing of personal data is monitored will change. The zoom in transparency and constant information between the company and the person giving up their data will be expanded. You must know that nobody gets rid. If you are a company that operates within the European Union, the RGPD concerns you, and a lot.
La Unión Europea anunció que, a partir del 25 de Mayo de este año, la forma en que se vigila el tratamiento de datos personales cambiará. Se ampliará el zoom en la transparencia y la información constante entre la empresa y la persona que cede sus datos. Debes saber que nadie se libra. Si eres una empresa que opera dentro de la Unión Europea, el RGPD te concierne, y mucho.
1.No half measures
In the past and in most cases, a consent implicitly included was enough. For example, pre-marked fields. That is over. Now, the consent must be indicated explicitly, that is, very clear.
2. The user is the one in charge
The user must be informed about what will be done with the processing of their data: generation of contacts, newsletters, generation of statistics … Likewise, you will inform them if you do something different than what was planned.
On the other hand, new rights appear for those who give up their information. For example, the right to be forgotten, which allows a future elimination by the user of their data. The portability right also takes shape, allowing them to take data from one provider to another. Or the right of opposition, which gives them the power to refuse the creation of profiles with their information with marketing objectives.
3. The risk, in the distance
When the management of the data endangers the rights and freedoms of individuals, a risk analysis on the protection of personal data must be carried out before initiating the treatment. In other words: avoid failures is the new motto.
And if there is any incident that endangers the security of personal data, the company will have 72 hours to communicate it to the authorities and to the users.
Por otro lado, aparecen nuevos derechos para quienes ceden su información. Por ejemplo, el derecho al olvido, que posibilita una futura eliminación por parte del usuario de sus datos. Toma forma también el derecho de portabilidad, que les permite llevar los datos de un proveedor a otro. O el derecho de oposición, que les da potestad para rechazar la creación de perfiles con su información con objetivos de marketing.
4. A security manager
If you are a public entity, you must create a Data Protection Delegate (DPD). It will also be mandatory for companies whose activity is based on the collection and management of personal data. This is the case, for example, of those that are dedicated to creating and distributing content through email marketing. The DPD will be the representative of all the collection, management and security of the information.
The most important thing: Chip change
First of all, the GDPR seeks to change the mindset of companies. In other words, convert security and privacy into a business asset. How? Leaving aside the filling of forms and, instead, orienting ourselves to create a corporate culture around data protection. Training our workers and informing them about each and every one of the changes that occur in this area is crucial.
You have a few weeks to go by the idea. Privacy and security are factors of success and can add value for your customers. It is something so primordial that the arrival of the GDPR has to be seen as an element that will help us differentiate ourselves from the competition. If you need us to guide you in any matter, do not hesitate: contact us! See you in the next post.