The General Data Protection Regulation and the Brexit

Posted by Kenneth Connolly on 23-Jun-2016 10:00:42

So, unless you’ve been hiding under a rock with your fingers in your ears for the past few months, you’ll no doubt be aware of the Brexit referendum today. This is, of course, the UK’s opportunity to choose whether it stays as part of the EU or not. Now, disregarding all of the apparent ‘scaremongering’ and campaign ‘spin’, some marketers may be thinking that leaving the EU will mean we can avoid the new GDPR… but that’s possibly not the case. Whether the country Brexits or not, any UK business that has dealings with the EU will likely still have a responsibility to comply with the new data laws. Following a departure from Europe, the UK will likely negotiate a new data framework, but in the meantime, it’s safer to just assume GDPR is still on its way. So what does this mean for you?

Requirements to comply

The new GDPR, which is due to come into force in 2018, will place certain requirements on marketers, which include…

  • Registering as a data controller/processor
  • Employing a data protection officer (data controller and processor)
  • Answering to the enforcers of the new GDPR
  • Protecting your prospects and customers
  • New reporting procedures of any breaches
  • Restrictions on profiling your customers
  • Demonstrating your commitment to conformity
  • Changes to the way you work with data partners or agencies
  • Data privacy by default and by design

Now, for organisations that are already compliant with the current Data Protection Act (DPA), the changes to their activities should cause minimal disruption. However, for marketers not currently achieving the highest level of conformity to the DPA, the changes needed to avoid repercussions from the GDPR enforcers could be comprehensive. What about the marketers and companies that fail to comply with the new data laws? Well…

Data breaches could cost millions

Based on the severity of the regulatory breach and whether it’s a first offence, the GDPR penalties range from a written notice to multi-million euro fines…

  • Written warning - for first, non-intentional breaches
  • A fine of up to €250,000 or 0.5% of the controller’s annual worldwide turnover - for failing to provide a mechanism for data subjects to exercise their rights
  • A fine of up to €500,000 or 1% of the controller’s annual worldwide turnover - for failing to offer information to data subjects or to allow subject access, or failure to comply with the right to be forgotten
  • A fine of up to €100 million or 2-5% of the controller’s annual worldwide turnover - for processing personal data without a valid processing condition, failure to comply with the conditions relating to profiling and other more serious breaches of the regulation

As you can see, sitting back and hoping the Brexit will magically remove the responsibility to comply with the GDPR could be an extremely costly approach. So, to ensure you are up to date and working towards GDPR compliance in your business, simply…

Download your copy of The B2B marketers guide to Data Protection changes in the UK and Europe
