General Data Protection Regulation (GDPR) is going to be one of the biggest shake-ups in data protection and privacy law history. The European Union are making huge changes and it is up to businesses to ensure that they will be fully compliant with the new legislation.
One of the key reasons why GDPR will come into force is due to the exponential rate that data is being collected. That’s why changes need to be put in place to regulate how organisations are collecting and using personal data. With data-driven marketing increasingly at the forefront of businesses within the gaming industry, it is inevitable that organisations are going to have to prepare themselves considerably for new marketing practices before the changes come into place.
GDPR won’t be applied until mid-2018, which may seem like a long way away. In reality however, time is running out to ensure compliance to the new regulation. So, how should businesses prepare? Here are some of the key points for marketing departments to take into consideration ahead of the change.
1 – Consent
One of the main aims of the regulation is to put individuals back in control of their data. In recent years, individuals have taken data protection much more seriously and are more aware that companies are using their data and selling it on. Therefore, transparency is crucial to the future of business and marketing. Marketers must be aware that they need to make it clear to customers what will happen to their data and where it will be shared. You should ensure you find out and document what personal data you hold, where it has come from and who you share it with.
Furthermore, you need to ensure that when you are processing data it is adhering to GDPR policy. Organisations will need to look at the different ways that they are currently carrying out data processing and make sure to identify and document the legal basis for carrying it out.
2 – Right to be forgotten
In addition, if customers are not happy with you using their data, they have a right to be forgotten and this must be adhered to. Failure to do so could lead to serious consequences and lead to businesses facing damaging legal action.
To be GDPR compliant in advance, you may want to review and adjust the way you obtain and record consent. It will also mean that you must ensure the deletion of personal data and ensure you have a procedure in place to include how you would delete personal data.
3 – Data Requests
Data access requests known as subject access requests (SAR’s) must be responded to in a shorter timeframe. A new process must be put in place to ensure requests are completed in time and how data will be provided electronically and in a commonly used format.
4 – Prepare your Staff
To implement these changes will require a team effort with all key people in your organisation aware of the changes and new procedures. So, ensure everyone is on board with the importance of making the new changes.
Moving forward, businesses must take huge strides in their marketing practices, because they may face serious consequences. These are just a few of the ways marketers can prepare for the different aspects of GDPR. It’s vital for marketers to learn the full changes to GDPR or you could face huge consequences.
To find out more about GDPR, check out our special Compliance Briefing event at www.compliancebriefing.com
