GDPR Players on the Client’s Stage
The EU’s General Data Protection Regulation or GDPR has the full force of law from 25 May 2018, no matter what Brexit may hold in store. In a few choice syllables, it affirms that personal information belongs to individuals, and they have complete control over what happens to it.
The EU has already had harsh words with Facebook about how they have been sharing our preferences without our permission. Even Google has had to admit that they are merely ‘players on the stage’ as the bard would have it. Moreover, this happens on a stage where the client is the class act who calls the shots.
The Duties the GDPR Lays on Business
Article 5 of the GDPR document lays down the following principles with which business (and government agencies) must comply, when it comes to acquiring and using personal client information. Law enforcement and national security are the only two exceptions. The rest of us
- May only acquire the bare minimum of relevant information we need
- Must ask first, and explain how we plan to use it for lawful purposes
- May not use it for any other purpose, nor share it without permission
- Must protect client data from all hackers, identity thieves and the like
For their part, personal owners of private information that we hold, have the right to inspect it, request corrections, or insist we delete it permanently. If we do not wish to comply for whatever reason we may have, our only legal workaround is to terminate the relationship, and permanently destroy the record.
The GDPR system is a ‘don’t tell me, show me’ model. We have always respected client confidentiality at Auger. Now we are working even harder to affirm our belief that whatever it takes … we’ll be with you from start to finish in strictest confidence. And that’s a confidence we are keeping, not just because of the GDPR. Here is an interesting graphic of the main components of the system. We shall be exploring these in the months that lie ahead.