You’ve probably heard of The General Data Protection Regulation (GDPR) by now and might have questions about it. Here’s what we know about how it might affect Whichit and our users.
What is GDPR?
The GDPR is a European Union (EU) privacy law that will affect businesses around the world when it becomes enforceable by the end of May 2018. It regulates how any organisation treats or uses the personal data of EU citizens, including organisations located outside the EU.
Personal data means any data, used alone or with other data, relating to a living individual.
What types of Personal data does the GDPR protect?
- Basic identity information such as name, address and ID numbers.
- Web data such as location, IP address, cookie data and RFID tags.
- Health and genetic data
- Biometric data
- Racial or ethnic data
- Political opinions
- Sexual orientation
How will GDPR affect you and your individual rights?
The EU wants to give people more control over how their personal data is used, considering that many companies like Facebook and Google swap access to people’s data for use of their services. The current legislation was established before systems like the internet and cloud technology created new ways of exploiting data, and GDPR seeks to address that. By strengthening data protection legislation and introducing tougher enforcement measures, the EU hopes to improve trust in the emerging digital economy.
The individual rights that GDPR includes are:
- Control over data collected
- Right to be forgotten
- Right to be informed
- Access information
- Right to object
- Restrict processing
- Not to be subject to automated decision making.
If you collect, change, transmit, erase, or otherwise use or store the personal data of an EU citizen, you’ll need to comply with the GDPR.
Prepare yourself to support people's requests to have personal data corrected or completed, transferred to another organisation, prohibited for certain uses, or removed completely—all in a timely manner.
You should also be able to tell someone how their personal data is being stored, and what you're using it for. If they ask, you'll also have to share the personal data you hold on an individual or offer a way for them to access it.
How is Whichit getting ready for GDPR?
We have modified numerous internal practices and policies over the last year because we are committed to achieving compliance with the GDPR in 2018.
- Updating Terms & Conditions and privacy policies.
- Building infrastructure for data removal compliance.
- Reviewed our data collection processes.
- Improved conditions when processing special categories of data.
- Upgraded data protection procedures.
For more information about the GDPR visit ICO