As a follow-up to our recent GDPR event, we have compiled a few frequently asked questions and answers to help you further understand what is expected when GDPR is introduced on the 25th May 2018.
2. GDPR - WHAT DO YOU NEED TO KNOW
GDPR: It’s relevant to a lot of UK organisations. The deadline is getting closer and many are still yet to be fully compliant. Below we outline some of the key questions that you may have with regard to the changed regulations.
3. WHAT IS GDPR?
A new European regulation that covers data protection and takes effect on the 25th May 2018. Its aim is to improve and unify the way personal data is stored, used and protected.
4. WHAT IS CONSIDERED TO BE PERSONAL DATA?
• Any information that allows a person to be identified based on data held
• Examples: IP address, ID number, biometrics
5. WHO DOES GDPR APPLY TO?
Essentially every organisation that processes, stores or transmits personal data of EU residents. Both data processors and controllers have obligations under GDPR.
6. DOES GDPR ONLY APPLY TO EU-BASED COMPANIES?
• It applies to every organisation that processes personal data
• Even if based outside the EU, as long as they serve the EU market, they are obliged to be GDPR compliant
7. WHAT IF I DON’T FOLLOW GDPR? WHAT ARE THE PENALTIES?
• Severe fines of 2-4% of turnover or €20m – whichever is greater
• Failure to address the original issue can result in further fines (up to €40m)
• Reputational damage
8. WILL THE FINES BE ENFORCED?
• It is down to the authorities to have the appropriate resources in place in each jurisdiction
• You should take as many steps as possible to display that you are attempting to become compliant
9. WILL GDPR AFFECT THE UK AFTER BREXIT?
• Yes, these rules apply regardless of Brexit
• The UK’s Data Protection Bill goes hand in hand with GDPR
10. WHAT ARE THE INDIVIDUAL’S RIGHTS UNDER GDPR?
• Strengthened privacy rights
• They can also object to marketing, profiling and processing
People have the right to:
• Be informed
• Access
• Rectification
• Erasure
• Restrict processing
• Data portability
• Object
11. DOES GDPR REFER TO COLD CALLING?
• It doesn’t directly impact telesales, so prospects can be contacted without having to opt in
• However, the EU ePrivacy Regulation is expected to be implemented, which will regulate telesales
12. THANKS FOR READING
If you would like to speak to a specialist consultant about whether you need to hire staff members to help you reach compliance, don’t hesitate to get in touch with Morgan McKinley.
www.morganmckinley.co.uk