breath in and read on
1) The aim of the GDPR is to protect all EU citizens' personal data.
2) The GDPRs are relevant if you are a business based in the EU as well as if you are a business dealing with customers within the EU.
3) You can no longer put a statement and make a customer tick a box accepting T&Cs. Customers need to give exclusive consent by being presented with clear and plain language. It must be as easy to withdraw consent as it is to give it.
4) If not compliant, you could be fined 4% of annual global turnover or €20 Million (whichever is greater.)
5) You breach the law? You have 72 hours to make things right.
6) Customers will have the right to ask what personal details you keep in your record and how you use their information.
7) Customers will have the right to ask you to erase their details.
8) any internal systems which store personal information need to be secure and compliant.
9) You need to appoint a Data Protection Officer who will be the one making sure you are compliant.
If your still unsure, then contact our team here at CounterSnipe and see how we can help.