Weekly e-commerce moo's


What is GDPR – and How Can Online Retailers Ensure Compliance?

by Admoo (comments: 0)

The landscape of data protection has changed forever with the introduction of GDPR – or to give it its full title, the General Data Protection Regulation. Following many years of EU attempts to update data protection law to suit the shifting needs of the 21st century, GDPR has now replaced the Data Protection Act of 1988, and seeks to help people control how companies use their data. It also brings hefty fines and penalties for organisations which don’t comply with the new rules. GDPR applies not only to companies based within Europe, but also to those who have customers within Europe. It is therefore particularly relevant to ecommerce retailers, who are able to sell around the world. GDPR officially takes effect on 25th May 2018. But how can online retailers make sure they’re ready for this latest legislative development?

Check your privacy policy

Privacy is more important than ever thanks to this new legislation. Every online store is different, but you may find you need to readjust your own privacy policy to ensure absolute transparency to customers; the full story of their data and how it’s being used can no longer be hidden behind red tape, and even the slightest failure to comply could result in serious consequences. Be open, be honest, and check your policy with a fine-tooth comb!

Appoint a Data Protection Officer

Depending on the scale of your business, it may be worth appointing a member of staff whose role is solely dedicated to ensuring customer data is safeguarded in the digital space. This tech-savvy position may seem like an unnecessary extravagance, but if they are able to guide you towards compliance you’re better placed both to avoid possible litigation and to enhance your profile as an ethical and trustworthy company.

Ask for permission

The new data protection law may require you to ask for customer consent where data is concerned, on a more regular basis than companies have previously been used to. Your permissions may also need to become more comprehensive, covering the access, storage and export of all potentially sensitive information.

Check partnered firms are compliant

If you are currently using any third-party applications to help run your ecommerce platform, it’s vital these, too, are compliant with the current legislation.

Train staff in GDPR

Ensuring your workforce are knowledgeable about the implications of GDPR is essential for a smooth transition and continual compliance. Begin with key staff members who work directly with data, but ensure even those who don’t have a basic overview, so they can in turn help to support the team in remaining compliant.

Be proactive

Keep detailed records of all your data dealings and consent acquisitions - and deactivate any default opt-in capabilities. GDPR requires full and explicit consent for data usage along with a right to be forgotten, so pre-checked consent is no longer acceptable. Adopting a rigorous approach to your data usage review will ensure you are in great shape when GDPR takes effect.
