Brexit and the GDPR
Does Brexit affect your compliance to the EU General Data Protection Regulation?
What data regulations now apply to UK businesses?
Before the GDPR was proposed in January 2012 by the European Commission and approved by the European Parliament in April 2016, UK and EU businesses operated under the Data Protection Directive. However, on June 23rd 2016, the UK public decided to leave the European Union. So what does Brexit and the GDPR mean for UK marketers moving forward?
In short, until Article 50 is triggered and the conditions of the UK’s exit from the EU finalised, B2B marketers will still need to comply with the new legislation. After the conditions of our leave have been set, it is likely we will still have to have similar if not an identical regulation in place in order to continue doing business with EU citizen’s data.
What you need to know
What is the difference between the EU GDPR and the Data Protection Directive?
In the past, we operated under a directive. This meant the EU states were bound to achieve a necessary result, but it was up to their national authorities to establish how they reached this. With a regulation, we must comply with the application to achieve the result.
Why has this come into place? Because marketers have taken advantage of the data at their disposal. The regulation has been put in place in order to make sure organisations are balancing the right to privacy versus the right to market to individuals.
What rules has the General Data Protection Regulation introduced?
Given the past attitude to individuals data, the new regulation has been brought into place to give consumers control of their data. It means that companies are now going to have to be completely transparent about what they are using their data for. They will be held accountable for any data they have, which means they will need to keep records and be clearer about their policies – in particular, their privacy and cookie policies.
Most importantly, they will need to get consent from their contacts in order to market to them. They must get consent for everything they wish to use an individuals data for. Hence, the new double opt-in process, asking for consent.
How can you prepare your marketing for Brexit and the GDPR?
The GDPR comes into force on the 25th May 2018. While the UK may well have left the EU by then, it is better to err on the side of caution and make sure all your data complies to the GDPR before then. In order to do this, you need to start the double opt-in process with your data. With Brexit and the GDPR coming into force, any data that hasn’t given their express consent to receive your communications before the 25th May 2018 will no longer be able to be marketed too.