Do I need to comply with GDPR?

05 Jun Do I need to comply with GDPR?

Answer: Probably.

GDPR is an expansive regulation that will be applied internationally (not just the EU). It is not exclusively dependent on where you do business or who you do business with but the activities that you do. This regulation applies to:

(1) A company or entity that processes personal data as part of its activities at one of his branches in the EU.

(2) A company established outside the EU which offers good or service (paid or free) or is monitoring the behavior of individuals in the EU.

(3) All companies processing and holding personal data of residents of the EU, regardless of the company’s location.

What is Personal Data?

The processing of personal data is now any information that relates to an identifiable living person. Obvious examples would be:

• A name and surname

• Home address

• Email address

• Date of birth

So if your site has enquiry forms and/or email sign-ups for instance, these elements will now need to compliant with the new regulation.

But it also includes (this list is not exhaustive):

• Cookies

• IP addresses

• Locations

• Health and genetic data

• Political opinions

• Sexual orientation

So if you can track someone via their IP address, you now need to disclose this and the visitor will need to have an affirmative acceptance.

When processing and securing this data, someone’s name and address needs to be as transparently disclosed and treated with the same care and diligence as a cookie or IP address.

No Data is grandfathered in:

Any data that you have collected from pre-GDPR expansion needs to now meet the new criteria. IE, if you have mailing lists that do not meet GDPR protocol, to use them would now be in breach of the regulation.

The Zeitgeist of GDPR is transparency and fairness, business need to now disclose clearly what they do, and how it will impact the visitor. It is the obligation of the organization to:

• Map and classify all personal data.

• Perform risk assessments

• Hire dedicate data protection officers

• Monitor compliance

• Document every activity around data

• Document everything you need to ensure legal compliance.

If you would like us to assess your business for GDPR, contact Aware today. We have an article on business impacts here.

• About the Author
• Latest Posts

About Sean Allan

Digital Marketing Manager at Aware Group: Working his way through the world of technology and Thailand as best as he can. Happy to contribute to other tech publications.

• Microsoft Copilot vs ChatGPT: Navigating the Future of AI Assistants - April 3, 2024
• Harnessing Microsoft 365 Copilot for Educational Excellence - March 21, 2024
• How Can Microsoft Copilot Help Human Resources Staff? - March 20, 2024
• Microsoft Copilot for Human Resources - March 20, 2024
• The Business Benefits of Microsoft Copilot for Marketing Professionals - February 19, 2024
• The key business benefits of Microsoft Copilot - February 19, 2024
• How To Increase Your Employee’s Productivity with Copilot for Microsoft 365 Word - February 16, 2024
• Transform with AI – Journey with Aware - November 20, 2023
• What is Edge Computing? Advantages and Disadvantages: - May 20, 2022
• SAP Business One Vs Microsoft Dynamics 365 - November 12, 2021