At affinity we have been preparing ourselves for the General Data Protection Regulation (GDPR) that comes into effect in May 2018. This new regulation doesn’t just impact us as an advertising and marketing agency, but will also impact all businesses across Europe.
Although there has been a lot of conversations about GDPR in the industry for a while, a number of businesses are unfamiliar with how it will impact their company. GDPR is a regulation by which the European Parliament, the Council of the European Union and the European Commission have strengthened and unify data protection for all individuals within the European Union. GDPR will replace the data protection directive of 1995 and primarily aims to give control back to individuals over their personal data and to simplify the regulatory environment for international business by unifying the regulation within the EU. The regulation was adopted in 2016, however it becomes enforceable from 25 May 2018. Failure to comply could have costly implications with fines up to 4% of their annual global turnover.
GDPR will impact how businesses collect, store and use data on our client’s behalf. The new regulation means that all businesses have a duty to protect the data we gather on our client’s customers. This duty to protect privacy data will extend beyond traditional personal information data and will also include information such as location, IP and device ID. It will also impact on how we use data and, specifically, how we target advertising campaigns.
Agencies will need to be able to assure their clients that they are adhering to the new regulation and protecting all data they collect or use on their client’s behalf. This will not just cover the data the agency collects but also ensuring the transfer of private data via third parties are fully protected. It also means that when agencies purchase data on behalf of client’s, the third party they work with need to be following the new regulation rules.
For agencies GDPR will mean that they have to be able to assure their clients that they are fully cooperating with the regulation, as a client will be held responsible if they work with an agency that is not following the regulation.
At affinity we are working hard to ensure that we are fully GDPR compliant for when the regulation comes into affect. This means that we are not only working internally to make sure everyone who works at affinity is aware of the new regulations, how it will impact clients and what we all need to do to be compliant; but we are also working to ensure that we only partner with third parties that are fully compliant as well, so that our clients can be sure that working with us will mean that we follow the GDPR at all times.