What the GDPR covers
Personal data must be handled with the utmost care. This data not only includes a person’s name, date of birth and address: according to the GDPR, an IP address also directly relates to an individual.
There are four main points to consider when handling personal data:
The information obligation: no matter whether analogue, photographic or digital, whenever users’ data is collected, they must be informed about precisely how their data is saved and processed.
The rights of the persons affected afford every individual the right to access data held about them along with the so-called “right to be forgotten” (i.e. to have data relating to them deleted). Individuals must also be able to correct data about them, have it transferred or revoke their consent to data being collected.
A register of processing activities must record contact details, the reason for the data processing and a description of the data categories.
What’s more, data privacy must be considered at the initial design stages and throughout development of processes and applications. Privacy by design and by default dictates that, as a fundamental rule, data should only be collected if it is relevant to provision of a service or product and such data collection is absolutely essential. This should put an end to the unrestricted, rather manic compulsion to collect data.
How we’re dealing with it
As a data processing and communications service provider, we consider it our responsibility to support our clients as they seek to conform to the GDPR. Our specialist GDPR contact number has been ringing off the hook for weeks, with all manner of queries about cookies, data privacy statements, mandatory fields in online forms, etc. However, we do more than simply provide information on the provisions of the new legislation: we also adjust and adapt applications and websites we manage for our clients. By doing so, we ensure that these four letters afford everyone affected a feeling of security rather than discomfort and worry.
The last thing we would want for ourselves and our clients is to suffer a rude awakening and have to deal with penalties for failing to adhere to the new regulations. As is so often the case, prevention is the best protection.
To make sure this isn’t the last newsletter you get…
…we need your active consent to receiving this concentrated blast of information and other important news from Identum.
To agree to this, click the opt-in link by 25 May, or else we’ll be forced to opt you out as an artefact dating from pre-GDPR times.
We hope you’ll hear from us again in future. Of course, your data is always safe with us!