Mike Richardson, managing director for Europe, Middle East and Africa at Maximizer Software in Bracknell, takes part in a Q and A about the new data legislation set to affect businesses across the country...

What is the GDPR?

The General Data Protection Regulation (GDPR) comes into force on May 25 and supersedes the Data Protection Act (DPA). It gives us – as citizens, consumers or employees – greater control over our personal information through stringent new rules governing how organisations treat personal data.

There are heavy fines for non-compliance.

What are the main obligations?

GDPR demands transparency, security, accuracy and accountability.

Through clear privacy notices, organisations must set out how they collect, use, share and store personal data.

They must be able to give individuals access to, and control over, that data.

One of six lawful reasons must be determined in order to process personal data, and you must state the reason within your privacy notice.

Crucially, compliance must be demonstrated through “appropriate technical and organisational measures”.

What does this mean for businesses?

Know your responsibilities. Understand your data by mapping its ‘journey’ within your company. Only then you can analyse your current processes, identify gaps and necessary changes.

Databases may be whittled down substantially.

Will your existing systems support complex data management?

Spreadsheets will not cut it. The right Customer Relationship Management (CRM) solution will help to centralise, track and audit your data, and to automate rules such as removing ‘opt-outs’.

Detailed privacy policies must be formulated. In practice, external specialists are often required. We chose to partner with Bridewell Consulting in Reading to guide us through our own compliance process and so that we can confidently advise customers based on first-hand experience.

Is there a commercial gain?

Absolutely. How can you market your company effectively if your data isn’t accurate or up-to-date, or if you’re not sure your contacts want to hear from you? Robust and transparent data protection procedures reassure customers that you respect their rights, thereby fostering stronger relationships and giving you a competitive edge.

For more information about maximizer click here

For more information about the new legislation click here