So What’s Different About GDPR?
GDPR is nothing new, it is an evolution of existing policy. Anyone who is already complying with the Data Protection Act, should be some way down the road towards compliance.
There are, however, some key points that differ from the existing legislation. These changes are designed to ensure that EU residents have far more control and understanding over how, when and why their personal data is being used.
There are also some subtle enhancements to existing rules. For example, even though individuals have always been able to make information requests to see what data a company holds on them, it is now a legal requirement that these requests are handled free of charge.
So, when your business collects, processes or stores personal information, you must ensure:
- It is processed lawfully, fairly and in a transparent manner
- The data is processed for a specified, explicit and legitimate purpose
- All information held is relevant
- All data is accurate and up-to-date
- You do not keep data for any longer than necessary
- Information is handled and processed in a way that maintains security
- Consent has been obtained for any new and existing data that you hold or process
- You have a lawful basis for processing the data
What are the key differences between GDPR and the Data Protection Act 1995?
- Companies will be held far more responsible for the data they hold and process
- Fines for breaching GDPR and the misuse of personal data have been drastically increased. The maximum fine under GDPR is now either £20 million or 4% of worldwide turnover, depending which is higher
- If an individual can potentially be identified by a pseudonym, username or other unique handle, then their data will now be protected under the updated regulations
- Sensitive personal data now includes genetic and biometric data
- Consent was previously defined as “the data subject has given consent to the processing of data”. Under the new regulations, this now means “the data subject has given consent to the processing of data for one or more specific purposes”
- GDPR also brings in additional protection for children’s personal data, particularly for commercial internet services such as social networks. They will now require a parent/ guardian’s consent to process data of a child under 16 years old (although this may be lowered to 13 in the UK). This consent must be recorded, verifiable and written in a language that children will understand.
What can Lead Forensics do for your business?
Imagine if you could take control of your lead generation activity and convert sales-ready prospects, before your competitors even get close? Lead Forensics is the software that reveals the identity of your anonymous website visitors, and turns them into actionable sales-ready leads. In real-time.
Lead Forensics can:
- Tell you who is visiting your website
- Provide highly valuable contact information including telephone numbers and email addresses
- Give insight into what each visitor has looked at, as well as where they came from.
Take a look for yourself with a free, no obligation trial – you can get started today!