So you’re confident your business and website doesn’t fall under the scope of GDPR. But have you considered it might be worth taking steps to compliance anyway?
Here are five reasons we believe it might be a good idea.
1. Show your customers you care.
If you’re geographically exempt from the GDPR, then chances are good that your competitors are too. Changes are also good then, that they’re not doing anything to comply with GDPR. This means that by taking steps towards compliance, particularly on your public facing website(s), your customers will quickly see the difference between you and your competitors, giving you a warm and fuzzy brand boost.
2. Your competitors might do it first.
On the flipside to point 1, it’s also possible that your competitors are in fact taking steps towards compliance. Should this be the case, then your customers will start seeing very pro-active messages on your competitors website, but silence from you – which leaves only their imagination to guess why. In the digital world, getting left behind can be costly.
3. Know where your data is going.
In the modern online world, personal data is arguably the biggest commodity being traded; and also less-arguably the asset needing the highest degree of protection. What many people aren’t aware of (as it’s not publicised) is that modern software systems deployed online through ad networks, re-marketing tools and analytics platforms (and chances are you use at least one of these on your website) don’t need you to fill out a form to gather reams of information about you.
Nowadays, web trackers are able to use your IP address (the location from where your computer connects to the internet), pages you visit, links you click, things you buy, articles you read and more to build extensive personal data profiles that go way beyond your name and where you live.
Beyond web behaviour tracking and personal data profiling, the black market for personal data is burgeoning, which means these days we see huge volumes of automated and manual hacking attempts on all public facing websites and corporate systems.
With enough personal data (and they don’t need much), malicious actors are increasingly engaging in identity theft, fraud, and monetary theft through social engineering.
In all of these cases, it’s not cool to find yourself responsible for the loss of privacy of your visitors, customers or staff. The first step to this is knowing what data you’re gathering, what data third parties are collecting (e.g. website analytics), where it is going and what is being done with it.
GDPR makes this data flow auditing mandatory, and for the reasons outlined above (and for many others) there’s no denying that this can only be a good thing.
4. YOU are a data subject
GDPR is all about protecting personal data. It’s about preventing corporations being able to profile, target and even discriminate against you using data that has been unscrupulously harvested from all over the internet and connected computer systems. It’s about minimising your risk of identity theft, of political persecution and of corporate meddling in your life.
If the standards required by GDPR become widely adopted, then you, personally, will benefit from these extra, increasingly relevant protections.
5. Wider global adoption is likely
The US is currently working on a similar piece of legislation. The UK is drafting it’s directives for post-Brexit. Australia already has several acts in place and are expected by many experts to bring in tougher legislation in light of the GDPR.
Privacy and data protection is becoming the new norm, as well it should be. With the shock waves of the GDPR starting to ripple through the online world, there are a number of organisations (including ours) dedicating time to the pursuit of expert understanding of the new regulations, and providing well thought out, pragmatic solutions for organisations globally.
Acting now means getting in on the action while some of the best analytical minds in the world are fully focussed on the task and developing solutions that could directly benefit you.
Acting now also means that when new legislation inevitably comes in that does directly apply to you or your organisation, you’ll be able to sit back and focus on your business while your competitors panic to comply.
Acting now will ensure you remain at the forefront of the new privacy movement; which isn’t going away.