General Data Protection Regulation
In May of 2018, the GDPR law took effect. Many businesses are still non-compliant, and this could have severe ramifications for any company that does not make it abundantly clear what information it collects and why.
You must also make sure you allow customers to opt in so that they know what they are subscribing to – this cannot change without their knowledge. The Information Commissioner's Office has full guidelines about the new act.
The EU’s General Data Protection Regulation may appear to be a lengthy list of dos and don’ts, but it is actually a commitment to privacy.
Six privacy principles are incorporated into each item of GDPR. These principles appear early in the legislation and consist of:
- Lawfulness, Fairness, and Transparency
- Limitations on Purposes of Collection, Processing, and Storage
- Data Minimization
- Accuracy of Data
- Data Storage Limits
- Integrity and Confidentiality
Despite the exceptionally broad nature of the majority of the regulation, these privacy principles highlight the essence of the GDPR.
The six privacy principles are neither original nor groundbreaking. The previous EU law, the Data Protection Act of 1998, reflected a similar desire to restrict data controllers in this manner.
But since the GDPR not only replaced the Data Protection Act, but also carries penalties never before seen in privacy legislation, it is worthwhile to familiarise yourself with these principles.