FOCUS ON GDPR
Here ’ s FIVE CRM ’ s guide to GDPR
What is it ? The General Data Protection Regulation ( GDPR ) is a new European ruling , which governs the data protection rights for all individuals within the European Union . It serves to strengthen and unify all data protection rules and practices across the EU .
What is changing ? GDPR will put the power back into an individual ’ s hands . They will gain the rights to access , amend , and restrict the personal data organisations have about them .
In the unfortunate event that an organisation suffers a data breach which could compromise the security of individual ’ s personal data , those individuals must be told within 72 hours of the start of the breach .
Individuals also have the “ right to portability ”, this is the right to move data and services to another provider with no hassle or strings attached .
Consent The greatest change within GDPR is the way consent is granted . Consent must be knowingly and willingly given by the individual , with organisations making their intentions for data use made clear . Soft opt-ins , implied consent , and hiding data policies within confusing T ’ s and C ’ s are all against GDPR rules .
Organisations must keep a record of why , when and how they were granted permission . There must also be details of what they were told at the time . If oral permission was granted , a script of what was said will work fine , call recordings are not essential .
Right to be forgotten Individuals will have the right to retract consent at any time , and have the “ right to be forgotten ”, which means that if they request an organisation to delete their data , it should be done so immediately . It must be deleted from all backups , and the organisation should have proof of the deletion .
Right of access Every EU citizen will have the right to ask how an organisation is using their personal data , where it ’ s used and why . They also have the right to request a digital copy of the data that is being held about the individual . Right to object
All individuals will have a legal right to opt out of marketing communications . If an individual does opt out you must withdraw them from that activity immediately .
Lawful reasoning There are six allowable reasons for processing someone ’ s personal data . These are :
• You have the consent from an individual
• If it is necessary for the performance of a contract with the data subject or to take steps to enter into a contract .
• If it is for the purposes of legitimate interests pursued by the controller or a third party , except where such interests are overridden by the interests , rights or freedoms of the data subject- It is for the purposes of legitimate interests pursued by the controller or a third party , except where such interests are overridden by the interests , rights or freedoms of the data subject
• Processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller
• If it is to protect the vital interests of a data subject or another individual
• It is needed for compliance with a legal obligation
Who does it apply to ? The new regulation will apply to any organisation around the world , who deal with EU residents . While there is a possibility it can change , it currently applies to both B2B and B2C .
@ FIVECRM
What will you be able to do ? You can call and email organisations , as these are generic and not personal data .
It is currently unclear by the EU and ICO if you can contact potential clients through social media platforms .
Take action now You must be compliant of this regulation by May 25 , 2018 , otherwise you could face penalties of up to € 20 million or 4 % of your companies worldwide annual turnover ( whichever of the figures are greater ).
To find out more you can receive a copy of their leaflet , go to https :// fivecrm . com / gdpr-leaflet or take their GDPR quiz visit : https :// fivecrm . com / gdpr-quiz
To book a demo of the new Personal Data Rights Management System go to : https :// fivecrm . com / trial
CARDWAVE ’ S THOUGHTS ON GDPR
Paul Norbury , founder and Chief Executive of Devizes-based Cardwave Services Ltd , is a true expert when it comes to flash technology . Paul ’ s passion for flash memory began over 17 years ago , long before smart phones and tablet computers were invented , and before SD cards and USB drives existed !
|
Founded in 2004 , today Cardwave is proud to be a market leader in the flash memory market , a trusted advisor and the go-to company for world-class companies in the automotive , IT , medical and many other sectors . Cardwave ’ s passion for data , and keeping it secure , also extends to products and services relevant to SMEs and individuals .
How can Cardwave help businesses prepare for the EU GDPR regulations ?
There ’ s no denying that the GDPR is a big deal . We ’ ve known about the new legislation since April 2016 but worryingly data breach stats and research indicate that the majority of UK businesses are still far from ready . In October press headlines included ‘“ Heathrow probe after ‘ security files found on USB stick ’”.
Preparing for the new EU General Data
|
Protection Regulations isn ’ t a quick or easy job , but the ramifications of not being ready don ’ t bear thinking about . One aspect of data security ( and EU GDPR compliance ) that you can tick off your list quickly , easily and at little cost , is that of keeping data safe on the move . Hardware encrypted USB3.0 flash drives , such as SafeToGo ® from Cardwave , offer the perfect solution .
Tell us more about the relevance of SafeToGo and the EU GDPR
SafeToGo boasts AES 256-bit XTS hardware encryption , which prevents any unauthorised access and keeps your sensitive files 100 % safe . This means that should a SafeToGo drive be lost or stolen , what could have been a serious data breach , will be downgraded to just a security breach , and no fine will be incurred .
|
What have been the highlights of 2017 for you ?
The company has continued to grow despite a difficult market , but a highlight has to be SafeToGo being named a finalist in the 2017 Computing Security Awards ( Encryption Solution of the Year ) awards . Cardwave was also featured as a company of best practice within the Parliamentary Review - http :// tinyurl . com / y9yaao5k , that was something I am very proud of .
And looking ahead at 2018 , what are you excited about ?
Firstly , and most importantly , Swindon Wildcats winning lots of silverware ! ( Note : Paul is a massive Wildcats fan / supporter . So much so that Cardwave is an official Swindon Wildcats sponsor ).
Business wise , 2018 is all about the EU GDPR and data security . We ’ re committed to
|
|
helping businesses achieve compliance for data on the move ahead of May . SafeToGo can now be bought via our Amazon shop , as well as through our authorised distributors and resellers , and we ’ ll be launching SafeToGo Solo ( an unmanaged option ) for individuals and small businesses early in the New Year .
We ’ re also busy launching SmartDrive™ in the UK and Europe – www . smartdriveusb . co . uk . SmartDrive is a USB drive that delivers more , it is a self-updating flash drive that works with a Content Management System . This is a really exciting product and the functionality will benefit all sorts of businesses .
For more info : www . cardwaveservices . com
@ Cardwave _ svs
|
|
|
|
THE BUSINESS EXCHANGE 2017 27 |