Date: 27th April, 2018
The Nokia 3310 (released in 2000) could hold 1kb of data. Fast forward to 2015, and the iphone X can hold 265GB, that's 268,000,000 times the amount of data!
As of May 25th, 2018, GDPR replaces the Data Protection Act of 1998 and Privacy and Electronic Communications Regulations 2003 (PECR). This means that from 25th May, consent must be:
- Separated from T&Cs
- Informed and unambiguous, which means the user has to clearly opt-in by ticking a box - no more pre-ticked boxes or assuming opt-in.
The new way of opting in will require simple ways for the user to withdraw consent, depending on whether it’s B2B vs B2C data. Consent is for personal information, anything from the name to biometric data of a user. Person data must be:
- Processed lawfully, fairly and transparently
- Collected for specific, explicit and legitimate purposes
- Collected for the purpose specified
- Accurate and up-to-date
- In an identifiable format
- Processed securely.
Individuals have rights and if regulations aren’t enforced fines could be up to £20 million or 4% of turnover, whichever is greater, so it's important this isn’t ignored.
We've created this helpful guide to give you a hand. For more information download our GDPR guide.