GDPR - our journey to compliance

by Kate Ross

GDPR is the new data protection regulation which has come into force across the EU, needing full compliance by 25th May 2018. If you're unaware of it, you can read more here - https://ico.org.uk/for-organisations/data-protection-reform/overview-of-the-gdpr/

As you may well know, this regulation will have far-reaching consequences for the ways in which businesses handle customer data. One part of this legislation will specifically impact digital marketing. We want to ensure that all digital marketing our clients pass through us is GDPR compliant in good time for the 25th May 2018 deadline. We will, therefore, be in touch with each of our clients over the coming months with updates of our journey to compliance, and how it may affect them.

There will be challenges and new restrictions as part of this process - so we may not always be the bearer of good news. But we hope we'll be able to work collaboratively with our clients to ensure we not only overcome GDPR's challenges but also embrace its opportunities.

To give you a flavour of the changes eight&four will be making internally to ensure customer data is secure, please take a look at some of the key aspects of the regulation below:

  • For security purposes, we will move away from providing hosting services, instead signposting clients to GDPR expert hosting companies
  • We will be setting up new secure data transfer systems for when customer data needs to be transferred to us, so our clients can be reassured as the data controller that their data is being transferred in a GDPR compliant way
  • We will have a new Data Retention Policy ensuring we don't retain customer data any longer than we need to, reducing the risk of data breaches
  • We will advise on GDPR compliant data collection going forward as part of any digital marketing we run for our clients - from social competitions and custom lists to building new email databases
  • We will ensure that any platforms we use on our client's behalf (eg. Google, Facebook, Mailchimp) have confirmed they are GDPR compliant

We are here to work in partnership with our clients to ensure the digital marketing we undertake together is GDPR compliant. If you'd like to talk about how we can help you ensure your digital marketing is GDPR compliant, then just get in touch.