GDPR European General Data Protection Regulation
The GDPR (General Data Protection Regulation) is a new EU Regulation that enhances the protection of the personal data of EU and UK individuals. Additionally, it increases the obligations of organizations who collect, store, and process data. It applies to anyone in the world who offers goods or services or monitors the behavior of European Union and United Kingdom individuals. The GDPR will apply if you’re based outside of the EU, but you control or process data of EU citizens. There are 99 detailed articles in the GDPR, and penalties for violations may exceed $20 million. To meet GDPR requirements you must be able to find, edit, and delete any personal data about anyone in the EU or UK. So what does this mean for you? We’ll explain below.
Sending Mail to Europe? Get Consent
The Right to Consent is important for mailers. Consent must be given by any EU or UK resident to use their personal data. “Personal data” is defined as “any information relating to an individual, whether it relates to his or her private, professional or public life. It can be anything from a name, a home address, a photo, an email address, bank details, posts on social networking websites, medical information, or a computer’s IP address”. This must be done with “a statement or a clear affirmative action”. In other words, your clients’ customers in Europe receiving mail must have opted in. To date, there is no “do not mail” list, but we’ll keep you up to date on any developments.
GDPR Understanding Individuals Rights
In addition to The Right to Consent, individuals also have The Right of Access, The Right of Rectification, and The Right to Be Forgotten. The Right of Access gives in individuals the right to obtain a copy of the information held about them. Additionally, they also have the right to know where the information is stored, who can access it, how they access it, and the reasons for access. The Right of Rectification allows individuals to correct inaccurate or discriminatory data. Lastly, The Right to Be Forgotten grants EU and UK individuals to request that any or all information be deleted.
The European General Data Protection Regulation (GDPR) goes into effect on May 25, 2018. We have a process in place to ensure full GDPR compliance. First, data is gathered and parsed. After that, hygiene corrections are made for phone numbers, email addresses and physical addresses. Finally, merging, matching, and cascading is performed to create master records. The master records can then be updated with metadata when / if individuals change permissions or update their information. For more information about this process please call 800-852-0889 or send us an email firstname.lastname@example.org
Contact us today, and you can save big on your next international mailing.
The full GDPR regulation can be found here.