Security
GDPR, too far or a wake-up call?

GDPR, too far or a wake-up call?

On the 25th of May 2018, GDPR became law. Yes, that’s almost 2 years ago now. How time flies! Since I deal a lot with personal data of customers, visitors, prospects and more in my job, I thought it was important to be well informed about what this law entailed. Therefore, I started my research and looked into this.

What was it all about?

How do you make sure your clients are compliant? There probably won’t be any immediate check-ups, but being prepared is always useful. I began by sorting out the do’s and don’ts. Did we really need to email all of our obtained contacts asking if they still wanted to hear from us?

Do you remember April 2018? Numerous emails from companies – that you didn’t even know were using your data – sent emails asking that same question. That’s exactly why I think the introduction of this law is a good thing. If only to make people aware of the value of their personal data.

A data registry, a data leak/breach registry, an updated privacy policy, an approval of each contact to use their data … All of this had to be done to be in legal order. In the process, Safe-Connect undertook simultaneous actions to take cybersecurity to the highest level.

Are we going too far?

I have often heard from clients, “Is all this really necessary?” And they actually had a good point. The law was introduced with the message that no checks would be carried out in the first few years. This was due to time constraints at the Privacy Commission. But our customers were in compliance and the data of their contacts was protected. That was most important to us!

One and a half years later, law firm DLA Piper investigated how many fines had been imposed in the meantime. And yes, Belgium is at the bottom of the list with 39,000 euros, while France went all the way with no less than 51.1 million euros. In our country, these fines were mainly for politicians who used their business contacts for election campaigns.

Conclusion

In hindsight, despite few check-ups and fines, it was good for everyone to reflect on the use and value of their personal data. Consumers are now able to take hold. And for companies, there is now a brake on not being out of touch and not viewing personal data as a business commodity. No more need to buy lists of uninterested prospects and perhaps think about personalization, targeting and inbound marketing. This way you deliver requested information and the focus is on helping and informing. After all, it’s much easier and cheaper to turn an interested prospect into a new customer, makes sense, right?

A Dutch version of the GDPR guide can be found here:

Tags :