As of the 25th May 2018, the European General Data Protection Regulation (GDPR) will come into effect in the UK. The GDPR will also be supplemented by a new Data Protection Act (DPA).
GDPR has been designed to meet the requirements of the digital age with the aim to give individuals more control over their personal data. According to Clayden Law:
"When the DPA 1998 was first implemented, fewer than 10% of UK households had internet access. The technological world has moved on at an exponential pace since then, and a new law was required to reflect and address the current issues/foreseeable trends in technology and the use and misuse of data by organisations. Massive data breaches seem to be in the news every day now - and it was clear that the security of data was not given a high enough priority."
Our Commitment:
Purple Dove Media is committed to ensuring the security and protection of the personal information that we process, and to provide a compliant and consistent approach to data protection. We have always had a robust and effective data protection program in place which complies with existing law and abides by the data protection principles. However, we recognise the requirement and importance of updating and expanding this program to meet the demands of the GDPR and the Data Protection Bill/UK law.
Purple Dove Media is dedicated to safeguarding the personal information under our remit and to developing a data protection regime that is effective, fit for purpose and demonstrates an understanding of, and appreciation for the new Regulation.
How We are Preparing for the GDPR:
With just a few months away until ‘the most important change in data privacy regulation in 20 years’ is enforced, we want to take this opportunity to update our existing and prospective clients and partners on how we are preparing for the new legislation.
- Our Data Protection policies and procedures have been reviewed and updated to reflect the changes required under GDPR. This includes, and where applicable: data protection policy; data retention, erasure and breach; international data transfers and third-party disclosures; subject access request; legal basis for processing; privacy policy; obtaining consent; data protection impact assessments; processor agreements; special categories data and Information security;
- We now have additional procedures and record keeping to help clients map what personal data we hold on their behalf, where it comes from, who we share it with and what we do with it;
- We now have a process in place to respond to our client’s (data controllers) requests for any information they need following an individuals’ request to access or make changes to their personal data.
In addition to the above:
- In February we undertook an independent information audit and GDPR gap analysis and have been working through to ensure that Purple Dove Media are GDPR compliant.
- Purple Dove Media has now appointed Data Controller with The Information Commissioner’s Office. Date of Registration 28 February 2018.
- Our employees have trained for GDPR for the Marketer with The Chartered Institute of Marketing. Certification of completion was awarded on 01 March 2018.
Above all, Purple Dove Media have always promoted a positive culture of data protection and compliance and understands that continuous employee awareness and understanding is vital to the continued compliance of the GDPR. If you have any questions about our preparation for the GDPR, please contact us.
