What is GDPR?
The General Data Protection Regulation (GDPR) is a new EU-wide legislation that will reform laws around the handling of personal data. It will have a major impact on organisations across all industry sectors and will require them to review their processes to ensure they are compliant with the new Regulation.
The GDPR replaces the European Data Protection Directive (95/46/EC) - which did not have legislative authority - and has a deadline of May 2018 for organisations to complete their transition to become compliant with the new laws.
Which data does it refer to?
The changes apply to all EU citizens' personal data, even if it is collected, stored or processed outside the EU.
Companies which collect or store personal data – such as email addresses, date of birth and telephone numbers – are required to comply with the GDPR.
Notable changes include:
- Stricter consent rules, meaning data can only be processed if the individual has given unambiguous, informed consent (i.e. "opted-in")
- Individuals will have more rights over their data, including the right to have their personal data removed from digital marketing
- Organisations will be required to give notification of any data breach
- Increased accountability measures
- Substantial financial penalties for organisation which fail to comply with the legislation
What does this mean for Reward Gateway, our clients and our clients' employees?
As we collect personal data for each client's employees in order to register them on their employee benefits programme – as well as additional data for things like Childcare Vouchers – we are currently reviewing our processes and policies to ensure we are 100% compliant with the GDPR.
Our review has already started and our transition to becoming compliant with the new legislation will be complete before May 2018.
We are currently working on further documentation detailing the changes we'll be making to ensure compliance. This documentation will be shared with all our clients within the EU by May 2018.
If more immediate information is required by clients before then, please get in touch with a Client Success Manager who will be happy to help.