On the 25th May 2018, as the clock struck midnight, your entire digital world changed overnight. Sort of. GDPR – the General Data Protection Regulation – changed the way that businesses handle and process personal data.

Despite the years businesses had to prepare and sort out their databases, what really happened was quite different. I’m sure your inboxes were obliterated with all the copy-and-paste notices telling you why they need your consent.

A flurry of GDPR emails
Make. It. Stop.

We had to do it too, so no judgment from us!

The trouble with permission

Perhaps out of ignorance, maybe through hatred of deleting ‘spammy’ emails, some businesses didn’t bother with GDPR compliance.

“It’s a fad, whatever. Cookie pop-ups are annoying,” some business owners may think. Well, what if they’re right? It’s been a few months since GDPR came into force… has anything REALLY changed?

The answer, truthfully, is yes.

What does GDPR do?

A quick regulation recap: it’s all about transparency of data usage. If a customer demands you hand over their information, you are required to give them full access.

Should a customer request you remove their PII (Personally Identifiable Information), you have to make sure you can do that too. Everything you do with their data – if you intend to share it with partners or use it to contact the customer directly, for example – needs to be consensual.

What if I don’t comply with regulation?

We don’t know the full extent, but we do know that the maximum penalty for noncompliance is 4% of annual global revenue.

Image of an empty pillory stock. Could this be the punishment for GDPR?
Maybe it won’t be as extreme as being sent to the stocks, but we just don’t know.

Because we’re just at the beginning of this new age of privacy, it’s hard to estimate the size of fine the average business could face.

Has anyone been fined for GDPR violation yet?

Yes – notices are being posted. Action is being taken against non-compliant companies and individuals who have accessed records when they weren’t supposed to. Not even US tech monolith Facebook is immune to criticism. The legalities can be a long and gradual process and it’s only been two months, after all.

Consumer trust and GDPR

Customer holding credit card considering a purchase online
Customers are wiser these days. Try and be as honest as possible with them – they’re what your business is all about, after all.

It’s not just fines you should be wary of: your customers received as many emails about data protection laws as you did. Customers are more aware than ever about what data you have – and what data they don’t want you to have.

Across the ocean in the US, 1 in 3 adults refuse to complete a transaction online due to finding something they didn’t like in the privacy policy. People are taking control of their privacy and taking it seriously.

The wall of shame

The ICO – the Information Commissioner’s Office – regularly updates this wall of shame. Though sparsely populated with GDPR-related charges for now, the penalties are creeping up.

Screenshot of the Information Commissioner's Office (ICO) GDPR penalties section

That’s right: you ARE going to get named and shamed if your business is caught out by the regs. So what now?

Keep on top of your records

GDPR wasn’t a one-off event; it’s part of our daily lives now. We need to stay within the lines and – above all – just be more honest with our customers. They appreciate the honesty more than ever and we’re champions of that policy.

If you need more structure, the ICO fortunately provides an easy-to-read guide to get you familiar with GDPR. They include a checklist so you can see which of your current activities are compliant.

Need a hand?

If you’re looking for compliant ways to collect and use customer data for marketing, we can help.
