It seems like yesterday that GDPR was going to transform business as we know it, killing off various industries and ensuring the organisations could never talk to potential customers without first obtaining five layers of consent.
The hyperbole surrounding GDPR day would have had you believe that it was going to be the next Millennium bug, only real; a near-apocalyptic event, the business equivalent to the meteor that caused the dinosaurs to become extinct.
However as the dust settles from 25th May, what has been the impact of GDPR?
Those who don’t comply with GDPR risk fines of up to 4% of annual global revenue or 20 million Euros, whichever is greater – something that Dixons Carphone are going to experience first-hand. Fresh off the bat, Dixons Carphone have become the first business, post-25th May, to have admitted to suffering a huge data breach involving 5.9 million payment cards and 1.2 million personal data records.
Whilst there has been no evidence that any of the cards had been used fraudulently following the breach, it will not be long before Dixons Carphone experience the full wrath of GDPR and, after achieving a global revenue of £10.58 billion, they should be extremely concerned about this.
Whilst not a cataclysmic event, GDPR has changed a lot of things for companies in the way sales teams prospect or the way that marketing activities are managed. GDPR requires that an individual must have the right to withdraw consent at any time, and consent will not be valid unless separate consents are obtained for different processing activities.
Not only can you now see what data an organisation collects when you visit their website, but thanks to increases in transparency, we can see why they are collecting that data. Thanks to GDPR, businesses are now required to show that there is a legitimate reason as to why they are collecting data, and ensures that they can no longer take unnecessary information that is unrelated to the service that they are providing.
The reality is that not much has really changed. Individuals have got more rights and are aware of that fact, even if not of the facts; and companies should now be more aware of their obligations and exactly what data they hold. For most it is business as usual, just with more care over who they contact and how. However while the dust has settled for now, complacency will likely lead to errors and fines, keeping compliance at the forefront of business operations for the foreseeable future.
If you’d like to find out more about how you can increase transparency with consumers on how you manage and collect personal data, discover DataCAT, which is specifically designed to provide businesses with a quick and easy solution to help you get and stay compliant.
Has your business been impacted by GDPR? Or are you looking to increase your GDPR compliance, contact us today to find out how we can help your business.