As the EU rolls out its much-anticipated General Data Protection Regulation (GDPR) mandate, international markets are bracing for the fallout that will ensnare global companies that are cited for non-compliance. With fines for non-compliant companies that are equal to 4% of global revenue, the costs to wayward companies can be staggering. EU’s new individual privacy protections encompass the collection, storage, and transfer of personal data pertaining to all customers located in the EU. Although Great Britain’s future in the EU is uncertain, the United Kingdom has agreed to participate in GDPR regardless of the “Brexit” outcome.
GDPR has huge implications for enterprises in how they manage and utilize personal data collected from individuals in the course of doing business with them. Richard Montes De Oca, a Managing Partner with Miami-based MDO Partners, has compiled a list of top 10 tips to employ in order to avoid the ire of GDPR’s regulators.
If you’re looking for GDPR compliance, start here:
- Document the personal data that you collect. Information that acts as “identifiers” apply to this rule (e.g. date of birth, email, home address, identification numbers, etc.).
- Disclose how the data is stored. Describe the nature of how and where the data is kept (e.g., private server or third-party data storage provider).
- Publish and designate a concise Privacy Notice to customers. It must convey clear information such as a definition of GDPR,why it applies to the customer, what efforts the company is making to keep in compliance and contact information that the individual can address any questions.
- Update Privacy Policies regularly. The policy should articulate why the information is collected and how it is being used.
- Obtain consents and permit information withdrawal option. All companies must receive customer consents allowing them to opt in or out of the permissions.
- Provide training for personnel. All employees involved in securing, managing, and storing private data must be well versed in all GDPR compliance protocols.
- All privacy rights must be adhered to. GDPR mandates that all individuals have the right to have their personal data”deleted, corrected, and transferred”.
- All compliance efforts must be documented and maintained. Records of all compliance efforts must be kept in order to document compliance record interaction with each individual.
- Establish Data Breach Response Procedures. The GDPR mandate requires all companies to report breaches to GDPR’s Information Commissioners Office and possibly to individuals with personal the nature of the information involved in the breach.
Proper GDPR compliance begins with accuracy in the customer information data collected. Increasingly, companies are turning to services such as Validity’s BriteVerify to ensure the accuracy of each email that is entered into the database. Invalid email addresses are the Achilles’ heel of a business’s database. Validity estimates that more than 15%of email addresses used by businesses are inaccurate. BriteVerify works with your CRM platform by offering real-time email verification every time an email.
BriteVerify’s enterprise application assures compliance with the highest security standards in the world including TRUSTe, Privacy Shield, as well as GDPR. Our real-time API is a simple web service that allows developers to verify individual email addresses on demand as a user enters them in a web form or mobile application. BriteVerify API offers a great solution to clean email lists at the point of contact on web lead forms, at trade shows, where ever emails are entered into the database in real time.
Best of all, Validity’s BriteVerify contributes to the bottom line with an improved ROI, increased campaign deliverability, and cleaner databases. For more information on how BriteVerify can contribute to your bottom line, contact us today.