BLOG/GDPR is here, but are you ready?/

GDPR is here, but are you ready?

Last week you’ve received tons of emails on the change of privacy policy from the companies processing data of the EU users. If you are one these companies stressing out about the compliance with the GDPR, you will be interested in the tips and perks we’ve prepared for you. Don’t worry, the GDPR won’t bite you unless you neglect it.

Specific purpose for strict time limit

The first tip, every time you decide to collect and process users’ data, you need to identify a reasonable purpose for it. For example, if you provide online retail service, you need to collect the delivery address and the code to enter the building of your customers to deliver the goods. You can keep this data until the order has been delivered to the customer, afterwards it should be deleted as the purpose for which this data were collected, has been achieved.

As the main goal of GDPR is to prevent companies from the misuse of personal data without a defined purpose for unlimited period of time, make sure to follow this simple principle to protect your company from fines and your customers from privacy breaches.

Identify the data and store it correctly

Create and keep a nice and neat register of users data in different storages depending on the nature of the data. This will allow you to monitor the data processing and answer rapidly on requests from customers to delete their data, granting them their “right to be forgotten”. Don’t forget that under the GDPR people can ask you to “forget them” or simply delete their data at any time if it’s no longer relevant or the purpose for which it has been collected, has been attained. Keep this in mind!

Active or passive consent?

Always ask for the customer’s consent on every change related to their data privacy. As the time of passive consent under past opt-outs models has passed, the GDPR makes you to obtain an active affirmative consent for each data processing. For example, we advise you to send an email to your customers asking their consent on receiving the newsletters from your firm. This will allow you stay in touch with only those customers who are interested in your firm and would like to receive an updates on your activity.

Don’t forget to keep an updated record of how and when customers gave consent, as well as give them a chance to withdraw their consent at any time.

To sum it up, always be transparent about the way you process customers’ personal data and use it only for a specific purpose.

If want to learn more about alf or how to incorporate your company in France, contact us!