OK, so we’ve been talking about this exciting, enthralling and downright SEXY topic of… the General Data Protection Regulation (or GDPR).
I know, I know. Contain yourself.
So, we know that two important things here are:
- Getting consent.
Get THE EDGE Sent To You Every Monday!
Be sure to subscribe (for free) to have The Edge sent to you automatically every Monday morning. There’s some extra goodies in the email version you won’t find here in the archives. Just sayin’. 🙂
You will not be redirected from this post when you subscribe, so you can keep reading.
First of all, it bears repeating. But, I ain’t a lawyer. 🙂 What I’m spelling out here about the GDPR is my interpretation of things. I could be wrong about some stuff. Consider this… entertainment. OK?
- What information is being collected?
- Who is collecting it?
- How is it collected?
- Why is it being collected?
- How will it be used?
- Who will it be shared with?
- What will be the effect of this on the individuals concerned?
- Is the intended use likely to cause individuals to object or complain?
And then you proceed to answer these questions in a way which is easy to understand.
- Information you collect
- How it is stored
- What you do with it.
- Any third parties that would get it, too.
- What cookies/tracking are going on
- Who your “data protection officer” is (probably just you)
- How to contact you
These are some guidelines. I know everybody would like a template for such a thing, but I’ll leave that to you to search for. I don’t want to get into that territory because, again, I’m not a lawyer.
Now, as for those consents, what do you do?
In most cases, a quick checkbox on the form which says they are OK with their data being collected will suffice.
It gets more complicated if you’re doing multiple things with that same data. If you are, you might have to have more granular checkboxes (aka more than one) for them to agree to several different things at once. For instance, if you were collecting email address and mobile phone number and were intending to communicate to them with both SMS and email, you’d probably need to have a checkbox for each.
As time goes on here, we’re going to see more “real world” application of this stuff…. especially after May 25th. So, the confusions that are natural in all this will begin to get ironed out as we see other sites comply.
More coming up. In fact, I think this topic might extend into part of next week here on the Daily.