This 25 May 2018 is GDPR-day. Coming into force across the EU, it’s going to be one of the biggest shake-ups in data protection and privacy law history.

What’s Changing?

The European Union are making huge changes and it is up to businesses to ensure that they will be fully compliant with the new legislation.

One of the key reasons why GDPR will come into force is due to the exponential rate that data is being collected. That’s why changes need to be put in place to regulate how organisations are collecting and using personal data. With data-driven marketing increasingly at the forefront of businesses within the gaming industry, it is inevitable that organisations are going to have to prepare themselves considerably for new marketing practices before the changes come into place.

How Will GDPR Affect iGaming?

Ever iGaming operator and supplier within the EU will be affected by the GDPR. In fact, every business that handles any form of personal data is affected by the new regulation. Even businesses elsewhere in the world, but whose activities take place within the EU, need to be aware of new responsibilities.

The full scope of the regulation covers everything from where data is stored, to how long it can be stored, to the permissions needed to be obtained. The iGaming industry will likely have to make significant changes to key systems and processes to remain compliant.


Final Checklist for Marketing Teams

Many of GDPR’s requirements fall within marketing teams’ responsibility. Whilst numerous departments will need to initiate changes, here are some of the key points for marketing departments to take into consideration ahead of the change…

1 – Prepare and Train your Staff

GDPR requires staff within your business to understand its principles and know their responsibilities. To implement these – and more – changes will require a team effort with all key people in your organisation aware of the changes and new procedures. So, ensure everyone is on board with the importance of making the new changes.

IT’S NOT TOO LATE: Act now, by booking for our GDPR Data Protection course or the high-level GDPR Masterclass. Both courses provide clear guidance and indicate key action-points – and your booking will show clear intent to plan for the implementation of changes. 

2 – Check consent, and re-obtain if necessary

One of the main aims of the regulation is to put individuals back in control of their data. In recent years, individuals have taken data protection much more seriously and are more aware that companies are using their data and selling it on. Therefore, transparency is crucial to the future of business and marketing. Marketers must be aware that they need to make it clear to customers what will happen to their data and where it will be shared. You should ensure you find out and document what personal data you hold, where it has come from and who you share it with.

Furthermore, you need to ensure that when you are processing data it is adhering to GDPR policy. Organisations will need to look at the different ways that they are currently carrying out data processing and make sure to identify and document the legal basis for carrying it out.

3 – Allow contacts to be ‘forgotten’

Your contacts should have a clear and easy-to-request method for removing all their data from any database you hold. If customers are not happy with you using their data, they have a right to be forgotten and this must be adhered to. Failure to do so could lead to serious consequences and lead to businesses facing damaging legal action.

4 – Prepare for Data Requests

Data access requests known as subject access requests (SAR’s) must be responded to in a shorter timeframe. A new process must be put in place to ensure requests are completed in time and how data will be provided electronically and in a commonly used format.


For further details on GDPR, or how you can train your staff in data protection and privacy principles, contact iGaming Academy or read more about our GDPR Data Protection course or GDPR Masterclass