What is GDPR?
In the UK, companies follow the 1998 Data Protection Act to ensure the safety of people’s data. However, technology and data sharing has developed a lot since 1998. The new General Data Protection Regulation (GDPR) comes into force May 25th 2018.
GDPR is to further protect you the customer in an age where data usage is part of our every day lives. We shop online, carry our banking transactions, book holiday and use social media. All this involves the use of your data.
How does GDPR protect me?
GDPR aims to protect any personal data a company holds about you – this includes everything from your name, address, email address, images, social networking accounts and IP address.
GDPR also protects usage of sensitive data such as your medical information, sexual orientation, your genetics, your political views or any trade union memberships.
What are my rights?
The right to be informed – you have a right to know how your data will be used by a company.
The right to access your personal data – you can ask any company to share with you the data they have about you at no cost.
The right to rectification – this just means you can update your data if it’s inaccurate or if something is missing.
The right to erasure – the right to request that a company deletes any personal data they have about you. There are some exceptions to this rule. If you have a financial connection, on-going complaint perhaps or you are an employee and a company needs to keep salary, tax information. You can access more information on this from the ICO, Information Commissioners Office.
The right to restrict processing – if you think there’s something wrong with the data being held about you, or you aren’t sure a company is complying to rules, you can restrict any further use of your data until the problem is resolved.
The right to data portability – this means that if you ask, companies will have to share your data with you in a way that can be read digitally – such as a pdf. This makes it easier to share information with other companies, such as your bank details when applying for a loan.
The right to object – you can object to the ways your data is being used. This should make it easier to avoid unwanted marketing communications and spam from third parties.
Rights in relation to automated decision making and profiling – this protects you in cases where decision are being made about you based entirely on automated processes rather than a human input.