Every business you subscribe to is currently coming into line with new laws based on the GDPR. The deadline for the GDPR is 25 May 2018, and stricter rules are being enforced with regard to handling data for citizens based in the European Union.
The result of non-compliance? Hefty fines.
In this post, we want to share with you how the GDPR is affecting the way we do business with you – our customers.
The GDPR (General Data Protection Regulation) is a new EU regulation which aims to give citizens back control over their personal data. The aim is to make companies more transparent and responsible in how they handle their customers’ personal data.
It applies to any data that can be used to personally identify you – such as date of birth, location or IP address.
It also seeks to simplify the regulatory environment for international businesses – by harmonizing the regulation that already exists for countries within the EU. It’s a big change now for future benefit.
That’s why even non-EU companies are coming into line with the GDPR.
Kovai Limited is relatively small in the grand scheme of things, and we’ve got a personal relationship with all of our customers. It’s a relationship we respect and cherish dearly.
We’re not an advertiser, and we don’t sell or share any of our data for profit. Your privacy has always been a big deal to us.
That’s why, even before the GDPR, we’ve always:
- Protected your data, never sharing it in any way
- Stored your data securely
- Only handled customer data for administrative or product purposes
- Used “double opt-in” to make sure you want to get emails from us
- Included a clearly labeled unsubscribe link in all of our emails to you
Even if their policies have been pro-privacy in the past, all businesses still need to tighten their processes in light of the GDPR.
That’s why we’ve been working closely with our advisors Happiest Minds to ensure we are totally compliant with the new rules.
What we’ve changed
We considered a number of partners in our GDPR journey. We chose Happiest Minds because they align with our values, and specialize in the regulatory field.
Over the course of about three months, they audited our existing policies and procedures to ensure we are compliant with the GDPR. Based on their recommendations, we made a few small changes.
- Every staff member undertook retraining on how to handle confidential customer data and how to collect information on a “need” basis.
- Every data processing staff member has been made aware of the regulatory requirements and how to comply.
Amassing a digital data footprint is an almost unavoidable part of modern life.
Collecting and processing data underpins nearly every aspect of the business and requires new laws that ensure citizens can retain control over their own data. The GDPR is not exactly brand new, but an update of previous privacy laws enshrined before the latest digital revolution.
It’s not just about privacy, but empowering citizens to take ownership of their data and how it is used. It’s about limiting some of the powers that some businesses have previously exercised over data without restraint – in the pursuit of profit.
We were happy to make the necessary changes to ensure compliance.
What we haven’t changed is how we always put our customers first. Everything we do with your data is in service of you.