Single Blog

Are you ready for GDPR? (eBay Updates January 2018)

eBay Changes GDPR
eBay Changes GDPR

Coming into force in May, 2018, GDPR (General Data Protection Regulation) may prove a headache to all businesses. According to Wikipedia, it “is a regulation by which the European Parliament, the Council of the European Union and the European Commission intend to strengthen and unify data protection for all individuals within the European Union (EU). It also addresses the export of personal data outside the EU. The GDPR aims primarily to give control back to citizens and residents over their personal data and to simplify the regulatory environment for international business by unifying the regulation within the EU.”

Some of the key requirements are:

Consent must be an active, affirmative action by the data subject, rather than the passive acceptance under some current models that allow for pre-ticked boxes or opt-outs.

In addition, you may need to gain consent for different types of contact (such as specifying telephone/email contact) or different reasons to contact (information about marketing, free offer vouchers etc)

Controllers must keep a record of how and when an individual gave consent, and that individual may withdraw their consent whenever they want. If a person is physically present then it may be enough to obtain a written signature. If it’s electronic you may need to have a double opt-in process – this when someone agrees to receiving a communication but then additionally has to activate a confirmation email.

It’s all a bit of a minefield, but there are quite a lot of websites to help out. This is the official site:https://www.eugdpr.org/gdpr-faqs.htmland here is the Wikipedia entry:https://en.wikipedia.org/wiki/General_Data_Protection_Regulation

It’s a good idea to review your current policy and check to see if any changes are required – it’s a fairly common practice for instance to keep records of eBay buyers’ emails and then contact them with special offers – that is one of the systems this new law was specifically set up to combat.

ADVICE: If your current model for obtaining consent doesn’t meet these new rules, you’ll have to bring it up to scratch or stop collecting data under that model when the GDPR applies in 2018.

Comments (0)