By Maddie M | Wednesday 7 February, 2018

GDPR – What you need to know

Download PDF Version


Our data protection laws were last updated in the 90s. With the vast change in our online systems and how businesses process data these are no longer fit for purpose. New laws are being introduced to create transparency and give users more control over the data businesses collect.

All small and large businesses will be affected by this, so Redder have produced some information of what you need to know and action before 25th May 2018. The cost of non-compliance will be very costly with maximum fines being up to 2 million or 4% of your global turnover, it’s worth having a good read through and Redder are happy to help with any of your enquiries.

Things you need to know about GDPR

Be Aware

Make sure your company understands GDPR and is ready for the changes coming in May.

Moving forward it will be important that you understand what data you have and where it’s coming from:

  • What personal data do you hold?
  • Where has it been collected from?
  • Who do you share it with?

Think about building an information audit.

Be Transparent

GDPR Article 12transparent information, communication and modalities for the exercise of the rights of the data subject.

Make no grey lines between you and your consumers. People do business with other people they know, like, and trust.

Build trust by treating consumers data with respect and making your objectives for the data clear.

Be in control of your data

Users will now have the right:

  • to be informed  
  • to access all their data  
  • to rectification  
  • to erasure
  • to restrict processing
  • to data portability  
  • to object
  • not to be subject to automated decision-making including profiling.

This could become a lot to manage, so think about whether you actually need all of the data you have and how you can easily manage handling all your data.

Data breaches

If you have a breach of data you will now have 72 hours to report it.

The users who have had their data stolen would need to be told and if it concerns people’s safety you would also need to report the breach to the ICO.

GDPR means ramping up your security to the max and have a system in place incase something happens.

User consent

A big part of GDPR is the control users will have over their data. You will no longer be able to buy data from third party companies unless users have opted into hearing from you.

To use the personal data, you will need to have proof of consent from your users.

Users should be given a choice of what they do and don’t subscribe to. A great example of this is the Swimathon opt in page. Create transparency between your business and your users.

Cookies & privacy policies

If your cookies collect personal data from your users like location or IP addresses you will now need to get users permission to use these before they can track anything.

Your privacy policies will need to be simple, clear and written in easy to understand language.

If you have different stages of data collection throughout the website, this will need to be broken down and cannot all be put into one privacy policy.

Marketing with GDPR

Due to the restrictions of user consent, targeted marketing will be harder and methods such as email marketing will not be as easy as it used to be.

Think ahead and get your marketing team ready for the change with a plan of action!

What happens with the data I already have?

To keep the data you already have you will need to have proof that person has given you permission to use it.

If you don’t currently have proof of this, you will have to get users to re-opt in.

It’s not all bad! After this process you will have a list of people who have GENUINE interest in your business and WANT to hear from you.

You are responsible for your business’s data

Past projects:

Any previous clients of Redder are responsible for their own data and their systems however, we are happy to help getting you GDPR compliant.

New projects:

Moving forwards Redder will be 100% compliant with GDPR and will ensure all future projects with clients will also be GDPR compliant


Are you GDPR ready?

Get my business ready

Leave us a Message

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.