January 09, 2018 - By Ginna Hall, Senior Writer, Visual IQ
The EU’s sweeping data reform regulation -- GDPR -- went into effect on May 25, 2018. This has been on the horizon since 2016, when the European Commission issued a press release outlining data protection reform and its goal to “make Europe fit for the digital age.”
“The EU General Data Protection Regulation (GDPR) was designed to harmonize data privacy laws across Europe, to protect and empower all EU citizens data privacy and to reshape the way organizations across the region approach data privacy.” -- from the EU GDPR Portal
The implications for companies everywhere are enormous. Brands, especially B2C companies, will feel the impact of this new regulation for some time, since a majority of them are gatekeepers of customer data.
Currently, many marketers do not completely understand the implications of GDPR. In fact, before May 25, almost half (48%) didn't believe their teams were fully aware and over a quarter admited their websites were unlikely to be compliant by the end of May.
The penalties for being out of compliance can be severe. Business that do not comply can be fined up to 4% of annual global revenue or €20M ($27M) for breaching GDPR.
Here’s a brief overview of what you need to know about GDPR. More information about the regulations can be found on the EU GDPR's official site.
GDPR outlines new rules for collecting and recording consumer consent to be contacted, making requests for personal information much more transparent. To comply, businesses must meet strict new requirements.
GDPR applies to all companies processing and holding the personal data of “data subjects” residing in the European Union, regardless of the company’s location. Any business with customers in the European Union must adhere to GDPR rulings.
According to the United Kingdom’s Information Commissioner’s Office, the GDPR applies to both data ‘controllers’ and ‘processors’.
For example, a brand may be a data controller, while its Data Management Platform (DMP) vendor is a data processor.
If you are a processor, you are required to maintain records of personal data and processing activities. You will have legal liability if you are responsible for a breach. If you are a controller, you must ensure your contracts with processors comply with the GDPR.
The new regulations are designed to achieve four main objectives:
GDPR defines personal data as any information related to a person or “data subject” that can be used to directly or indirectly identify the person. This can be anything from a name, a photo, an email address, bank details, posts on social networking websites, medical information, or a computer IP address.
Here are six initial steps you can take to prepare for GDPR.
Digital marketing is complex, with companies managing multiple platforms and vendor relationships. This new regulation will have significant impact on how brands communicate with their customers. But looking at the big picture, we believe GDPR will move brands towards a new era of transparency in customer interaction and engagement. Stay tuned to our blog for more information.
Want to learn how Visual IQ can help you optimize your marketing and advertising performance by audience segment? Request a demo today