How will GDPR requirements affect your business + FREE legal templates!

As you’ve probably noticed from all the press stories, advice seminars and social media discussion, there’s just a month left until the new GDPR legislation comes into force on 25th May.

Image of phone with padlock and letters GDPR on screen - GDPR requirements

This will give the data’s owner (usually the person that it’s about) more rights and impose greater fines and penalties on businesses that misuse personal information. It also increases the regulation of data security and data processing.

Does it really matter?

So, will GDPR requirements really affect your business? Well, if you collect or handle any personal data, the answer’s a resounding ‘yes’! You’ll need an updated privacy policy in place by the deadline which must be clear, concise, and easy to read. It also applies in a B2B context where owners or employees use an email address from which they can be identified.

What do I need to do?

Under the GDPR your privacy policy must specify:

  1. The identity of the data controller

This will be you – the organisation that has collected the data subject’s information.

  1. What choices the data subject has

The principle of ‘fair processing’ under GDPR means that individuals must have control of their personal data. Individuals must be able to request the deletion of their data and it must be clear how they can do that.

  1. What information is being collected

You’ll need to be clear and specific about what data you’re collecting and why you’re collecting it. This will most likely be an individual’s name, address and email.

  1. How long is the personal data kept

Under GDPR, it’s necessary to tell the individual how long the data will be kept for. If this cannot be determined, then the data subject must be notified within the Privacy Policy. You can no longer state that the data will be kept for ‘as long as necessary’.

  1. With whom you will share the information

Government agencies may have a right to request certain data and if you share it with others then you need to specify this.

There are a few other requirements in the new legislation too and you can find a full list of new detailed requirements in Legalo’s helpful blog article here.

FREE legal policy templates for MMD customers!

We’re also excited to have partnered with Legalo to be able to offer FREE access for MMD clients to some of their most popular web compliance templates:

  • GDPR-compliant privacy policy (including a cookies policy)
  • website terms of use (including an acceptable use policy)
  • email disclaimer

If you’re an MMD customer and would like to claim these, just get in touch!