What is GDPR?
GDPR, generally speaking, is great news, both for you as an individual and as businesses.
GDPR is the evolution of the old Data Protection Act. While it’s an EU regulation, the UK were instrumental in drafting it and it is replacing the Data Protection Act. The Brexit stuff we’re in the middle of will have no impact whatsoever – even if it wasn’t replacing our Data Protection Act. The reason, it applies to any business that holds information on any EU citizen – regardless of where they reside. It means that any company anywhere in the world that holds data on an EU citizen, regardless of whether they’re American, Chinese, Korean or Indian, have to abide by GDPR as well.
At its core GDPR is pretty straight forward. Its objective is to protect us as individuals and force companies to be transparent about the data they hold on us, who they share it with and that they keep it safe. It allows us to see what personal information companies hold on us, what they do with it and to have it deleted, amended, erased or sent to us digitally if we wish. Whether it’s Google, Facebook, Amazon, John Lewis, your local shop or your acupuncturist, they all have to allow us access to our data and ensure they have adequate protective security measures in place.
As it stands right now, we have no idea what most companies know about us, what they do with our information, who they share it with or how. GDPR puts people first. Ahead of big companies and yes, even small companies and businesses. GDPR puts our data back in our control.
Have you ever been on your laptop looking online to buy something, say a sofa, and then two days later you’re on a completely different website – perhaps using your mobile phone instead of your laptop – and ads for sofas start popping up? Most of us have had that spooky experience. From May 25th we'll be able to know how the site got this information and stop it being shared if we wish.
Long and short of it GDPR is great news.