General Data Protection Regulation (GDPR)
04
Oct

In the UK, the General Data Protection Regulation (GDPR) will replace the Data Protection Act 1998 (DPA) with the same law that will apply to all 28 EU member states. The Government have confirmed Brexit will not affect the commencement of the GDPR in the UK.
 
GDPR was adopted on 27th April 2016 but becomes enforceable law from 25th May 2018 with potential heavy fines for companies that do not comply.

The Six Principles of GDPR
 
Personal data shall be:
 
1. Processed lawfully, fairly and transparently
2. Collected for specified, explicit and legitimate purposes 
3. Adequate, relevant and limited to what is necessary for the processing
4. Accurate and kept up to date 
5. Kept only for as long as is necessary for processing 
6. Processed in a manner that ensures its security
 
For Contacts to be kept on a Mailing List you need to be able to demonstrate auditable consent. Contacts can also request “the right to be forgotten”.
 
Get Ready
 
As an agency owner, you will need to ensure you are fully compliant. The transition period gives you plenty of time to prepare. Some practical steps you can take are to understand what personal data you hold, review your 3rd party relationships, document your processing activities and apply technical and organisations measures including your policies and procedures covering data protection, information security and data breaches. 
 
Acquaint & GDPR 

Although Acquaint already has Marketing Preference options per Contact, we are adding new functionality in Version 12 to help you adhere to GDPR:

1. Anonymisation of Contacts, the "right to be forgotten" - this function will remove all personal contact details, documents, notes etc. but will leave anonymous transactional data in place if historical reports are required to be produced.

2. Double opt-in of Marketing Preferences - new Contacts will be required to confirm their marketing preferences (Telephone, Email and Post). It is also possible to bulk send these confirmations to existing contacts. For example you may want to re-confirm the Marketing Preferences for everyone in your database.

3. Registration emails from portals - when importing registration emails Contacts will still be automatically added but their marketing preferences will be turned off/opted-out by default. These contacts can then be subsequently sent an opt-in email.


When Can I Get Acquaint Version 12

We aim to release Version 12 at the start of December 2017.

Additional Reading

https://ico.org.uk/for-organisations/data-protection-reform/
http://ec.europa.eu/justice/data-protection/reform/files/regulation_oj_en.pdf

Date Added 04/10/2017