In 1995, the first directive was created to set ground rules for data collection. Since that time, the online world has changed dramatically, and there is a great need to create new privacy regulations to compensate. GDPR is the European Union’s response to corporate over-reach and violation of individual privacy.
There’s no getting around it: new regulations are coming, and e-commerce is panicking. The General Data Protection Regulation will be enforced from May 26, 2018, and the pressure is on. This is not a minor Act and is to be taken seriously, which is why Exponea has taken on the role of assisting its clients in becoming GDPR compliant.
Exponea is a marketing automation and customer data management platform that improves its clients’ culture with a focus on customer-centric activities. The company fully understands the importance of helping clients become GDPR compliant. Exponea is offering clients the assistance needed to get GDPR ready.
The new laws will apply to any entity that collects data from subjects within the EU, regardless of the entity’s location. They have been designed to protect data subjects whose information has been collected by those who are offering any goods or services, online, to EU citizens.
Exponea recognizes the ramifications that may arise for online clients and is taking significant steps to aid them in compliance preparation.
E-commerce now has an obligation to clearly state what customer data is needed and for what, with whom it will be shared, in which countries, and for how long it will be held. A lot is at stake in this new environment, with penalties possible in the millions of euros. As daunting as this may seem, the upside is that there are plenty of opportunities. Knowing this, Exponea now possesses ISO 9001 and ISO 27001 certificates. The former is for Quality Management, the latter for Information Security Management. The certifications obtained assure that Exponea has taken necessary measures to adhere to new regulation standards. Not stopping there, the company has already received GDPR Insurance, one of the first companies in the EU to do so.
Additionally, the company has been working closely with the co-authors of GDPR, and Exponea has onboarded an internal expert who advises local offices on Data Protection. Exponea is offering e-commerce a beacon in the darkness, as the need for security protocols and processes has never been greater.
The EU has brought on multitudes of investigators, tasked from day one with making examples of companies non-compliant with the newly implemented regulations. They will want to hit companies quickly and aggressively in the online retail industry to show that GDPR is to be taken seriously.
Here are some critical elements that should be considered about GDPR.
- Data processors are legally responsible, even for the faults of suppliers and solution providers.
- Far too many companies do not have a data-flow map of all third-party providers, which is the pipeline of customer data, contracts and GDPR requirements.
- Users must be granted all required rights. Companies must be able to provide a copy of an individual’s personal data (free of charge) and erase it if requested.
- A plan must be in place to communicate with authorities and customers within 72 hours of any breach in data security.
Failure to comply with these new regulations can, and most definitely will, result in fines that are going to profoundly affect online retailers – as much as €20 million or 4% of global revenue, whichever is greater.