The new General Data Protection Regulation (GDPR), which is due to come into play on 25th May 2018, will affect the data operations of any company in the UK, regardless of their size or market reach.
This EU legislation will replace the existing Data Protection Act from 1998, which, after the rapid advancement of digital technology and the wider use of the web in the last 20 years, is no longer considered fit for purpose.
Despite the UK’s intentions to leave the European Union in 2019, businesses have no choice but to follow the regulations to the letter if they want to avoid hefty fines of up to 4% of their yearly revenue or 20,000 euros (whichever is greater).
What does the GDPR mean for CLR?
CLR is dedicated to delivering a service that is best-in-class. When it comes to protecting and safeguarding our clients’ data, we have always taken our responsibilities seriously which is why we have already adopted the new GDPR regulations and have been fully compliant since January 2018.
As you can imagine, we’ve built an extensive database of contacts over the years while we have been helping hundreds of individuals relocate worldwide. The new regulations state that all the data we hold must be processed lawfully, transparently, and for a specific purpose.
To continue our promise to keep your data safe and to obtain consent, we will be asking all of our clients and contacts to opt-in to various types of communications from all major channels. We will be telling them exactly how we plan to use their information, whether it be for analytics, customer profiling or marketing purposes – and if we don’t have consent from them that gives us explicit permission to use their data, we will remove them from our database straightaway, no questions asked.
If some customers change their minds further down the line, we will make it easy for them to withdraw their personal data from our lists. This reflects the individual’s right to object.
The regulations also state that we now have a legal obligation to protect all data using appropriate instruments and systems. To ensure we are fully compliant, our team have reviewed all of our servers and security practices, and upgraded them where necessary. If you require any further information, you can contact us at any time to discuss our security methods in more detail.
The GDPR is certainly going to challenge many companies that have not considered their internal approach towards data collection and storage up until now. Thankfully, though, CLR has always made data protection a priority. By reviewing our processes, implementing new opt-in features on our website, and explaining all our actions and intentions in clear, simple terms, we are already fully compliant and ready for the May deadline.