Henley Festival and GDPR
Posted on Nov 14, 2017
The internet has dramatically changed the way we communicate and how we handle everyday tasks. We send emails, we share documents, we pay bills and we purchase goods by entering our personal details all online and without a second thought. Have you ever stopped to wonder how much personal data you have shared online? Or what happens to that information?
We’re talking about banking information, contacts, addresses, social media posts, and even your IP address and the sites that you’ve visited are all stored digitally.
Companies tell you that they collect this type of information so that they can serve you better, offer you more targeted and relevant communications, all to provide you with a better customer experience.
But, is that what they really use the data for?
This is the question that has been asked and answered by the EU, and why in May 2018 a new European privacy regulation called GDPR will be enforced and change the way organisations collect, store and use customer data.
What is GDPR?
GDPR, or the General Data Protection Regulation is a new set of EU regulations set to come into force on May 25th 2018. The regulations give citizens more control over their data and to create a uniformity of rules to enforce across the continent.
How will GDPR affect me?
Under the GDPR, individuals have:
- The right to access –this means that individuals have the right to request access to their personal data and to ask how their data is used by the company after it has been gathered. The company must provide a copy of the personal data, free of charge and in electronic format if requested.
- The right to be forgotten – if consumers are no longer customers, or if they withdraw their consent from a company to use their personal data, then they have the right to have their data deleted.
- The right to data portability – Individuals have a right to transfer their data from one service provider to another. And it must happen in a commonly used and machine readable format.
- The right to be informed – this covers any gathering of data by companies, and individuals must be informed before data is gathered. Consumers have to opt in for their data to be gathered, and consent must be freely given rather than implied.
- The right to have information corrected – this ensures that individuals can have their data updated if it is out of date or incomplete or incorrect.
- The right to restrict processing – Individuals can request that their data is not used for processing. Their record can remain in place, but not be used.
- The right to object – this includes the right of individuals to stop the processing of their data for direct marketing. There are no exemptions to this rule, and any processing must stop as soon as the request is received. In addition, this right must be made clear to individuals at the very start of any communication.
- The right to be notified – If there has been a data breach which compromises an individual’s personal data, the individual has a right to be informed within 72 hours of first having become aware of the breach.
The GDPR is the EU’s way of giving individuals, prospects, customers, contractors and employees more power over their data and less power to the organizations that collect and use such data for monetary gain.
Why are you asking me to reconfirm my email address and agree to receive marketing communications?
One of the rules in the new GDPR regulations is that ‘Consent must be “freely given, specific, informed and unambiguous”
Consent can’t be a pre-ticked box any more. It has to include some sort of activity where the user is specifically agreeing to ‘receive information and/or offers’ for example. As Henley Festival move to ensure we're GDPR compliant, we’re asking you if you want to remain on our database and receive our marketing communication which of course, will include all programme details when they’re announced.
If you’d like any further information on GDPR, please click here