If your organization handles personal data, you will need to have a deep understanding of GDPR requirements and how to be compliant.
CPO | Co-Founder
In recent years privacy regulations have been springing up like mushrooms after the rain - GDPR, PDPA, CCPA to name just a few. Ever since the Cambridge Analytica scandal, our personal privacy has been making headlines, and governments have reacted. The story started in Europe with GDPR, the regulation that inspired the rest. Now let’s take a quick look at it and how it affects your business.
GDPR stands for General Data Protection Regulation. The primary goal is to protect personal data of European citizens from being used without their permission. The secondary goal is to create a level playing field for both multinational and local companies.
If you are doing business in the EU or have just one EU citizen in your database, by law, your company needs to be 100% compliant with GDPR. Another way to think about it is this:
In life and in business, the golden rule applies – treat others the way you want to be treated.
For example: Would you like to have a telemarketer call you at 8 pm when you are having dinner with your family? Probably not. How can this happen? Because some unscrupulous companies can potentially sell your personal data. Treat your customers the way you want to be treated. Regard their personal data as sacred and only use it for purposes they gave you their consent for. Your business will boom, customers will respect your brand and you will be 100% GDPR compliant.
If you don’t bother with GDPR, chances are that people, companies who represent them or data protection authorities in EU states can file a complaint against your brand. Just 12 months following the GDPR legislation there were 144,376 queries and complaints and 89,271 data breach notifications resulting in 446 investigations. More than two-thirds of these investigations were initiated by people just like you and me. They complained about telemarketing calls, unwanted promotional e-mails and suspicious video surveillance.
Germany - A social network operator was fined 20,000 € for failing to secure users' data
France - Google was fined 50 million € for lack of consent on advertising
Poland - A data brokering company was fined 220,000 € for failing to inform citizens that their data was being processed by the company
Latvia - A sports betting cafe was fined 5,280 € for unlawful video surveillance
As you can see, the fines are between 5,000 and 220,000 €. They can go up to a maximum of 20 million € or 4% of the company's worldwide revenue.
All personal data your company gathers must be processed with care. Here are the 9 principles set up by the European Commission to guide you in your journey to become GDPR-compliant.
As both a data controller (a company that controls the data and its usage) and a data processor (a company that processes data given to it by a data controller), we take GDPR very seriously. Here are a couple of ways we can help you in your data controller role:
As a data processor, we fully understand that you own and control every byte of data you entrust to us. Here are the rigorous measures we take to make sure of it:
The world is changing. GDPR is the canary in the coal mine, a harbinger of an era where customers demand more privacy and transparency with regard to their data. Other countries are already following suit - Singapore with PDPA or California with CCPA. At Meiro we are always one step ahead. We believe in transparency and openness. Our customer data platform is a trailblazer that shows you how personalisation and privacy can co-exist side by side. To us, privacy is the future and we welcome it with open (and compliant) arms.
Pavel stands behind all the smooth operations and business growth. You would run into him in the queue at airports rather than in one place. Besides that, he enjoys chess, boxing, and history.