With more and more people around the world becoming computer literate, we rarely give a second thought when passing around or email or name. It’s become increasingly easier to share documents, check our bank accounts, make payments or check our bills online. On the flip side of this, it begs the question, who can see our data? What happens to our information after we enter it? This confidential information could be as serious as banking, addresses or contacts. But it can also be classed as smaller things that we take for granted such as our IP address, browsing history and the things we post up on social media. Almost every company you encounter online will collect this data under a guise of bringing you more relevant information and serving you better. But, is this really the case?
What is the GDPR?
The EU have been asking the question of what companies really use all of this data for, to monitor their guidelines. The GDPR (General Data Protection Regulation) is the outcome of this question. The GDPR changed the way that each company and business store their user information, customer details and data. This act came into place on the 25th of May 2018. It has been added into all privacy laws in the EEA and EU area. Any company that intends to collect and store data from their customers will have to abide by it, regardless of what country their customers are from. This legislation ensures that all consumers are protected to the best of their ability and have the most control over who sees their personal information. There are a number of rights that the GDPR gives people, some of these include:
- The right to be informed – this means that all consumers will now have to opt in for any of their data to be collected, the company can’t persuade them to do so and their consent must be given voluntarily
- The right to access – consumers can request to see and change their data at any time, all companies must provide a copy
- The right to data portability – customers and users must be allowed to transfer any data the company hold about them to a different service provider on their request
- The right to be forgotten – if the client is no longer a service user, they can request that their data is deleted from all systems and that they will no longer be contacted by the business
- The right to object – consumers can opt out of their data being used for direct marketing
- The right to be notified – companies and businesses must keep their clients informed, especially if there has been a data breach of any kind, if it compromises the users information they need to know about it
- The right to have information corrected – if the users data is incorrect or needs updating then clients must be able to do this quickly and easily to maintain accurate records
- The right to restrict processing – if a consumer requests this, it means that the business can hold their data but they are not allowed to use it or pass information on to anyone else
Implementing the GDPR is the EU’s main strategy to overcome the many data breach issues it had been facing over the past few years. It keeps consumers safe and happy knowing that companies will not breach their data protection rights for any kind of monetary gain. There are significant punishments for companies that will continue to do this in the future.