July 24, 2018 Jesse Bickerton
What kind of user data? It covers any type of data, from basic identity information (like name or address) to more complicated data (like biometric or genetic).
As you can see, this effectively means that every company has to comply with the GDPR.
One of the major issues of the GDPR is the request for consent when collecting private data. Just like if you want to send email communications to someone here in Canada, you need the expressed consent of the individual to do so thanks to CASL. Similarly, the GDPR requires that websites now ask for your consent to collect personal information and this request must also be easy to understand and easily accessed.
The GDPR sets out a number of new terms and requirements for businesses and organizations have to follow. For example, a data protection officer must be appointed and required to keep internal records to verify that the regulations are followed. Any data breaches must be reported within 72 hours. For more information, check out the General Data Protection Regulation website.
Today, most websites have updated their policies to reflect the GDPR. Companies like Facebook, Google and Apple all have updated their policies to allow people to check out the information these websites collect.
Although complying to the GDPR seems tedious, it will go a long way to help companies and organizations ensure customer data is protected. With data breaches becoming the norm for big businesses, the GDPR should help increase customer trust in companies who collect, analyze or otherwise use customer data.
Jesse Bickerton, RAVEN5, July 2018