We’re sure you’ve heard about GDPR, who hasn’t actually?
GDPR is a new framework for European data protection law, taking effect on the 25th of May, 2018 (great gift for my birthday 🙂 ). It is a requirement for every Europe-based company, as well as every company that is processing data of European citizens.
What will you learn in the article?
- GDPR overview in general
- I’ll explain, what Kontentino’s been doing in order to be compliant by the 25th of May
- How does GDPR affect you as a user/customer of Kontentino
- Links for more information on the GDPR subject
1. What is this ‘GDPR’?
If you are in a managerial position within your company, you surely realized, you need to do some additional work inside your company to be compliant.
We in Kontentino think that the new GDPR law is really a good thing and is maybe implemented too late. You may now know, but the last update of online privacy is from 1995 and I have a strange feeling, that internet and everything evolves so quickly that if there were some privacy laws adopted the last year, even those would be outdated today.
Anyways, I will try to illustrate briefly on examples each of us have certainly experience with.
Imagine, you’re updating your Mac, (I am sorry for Windows users 😀 ).
Apple is asking you to automatically send statistics of your usage of the new operating system, and it may include your location, mouse clicks, when you turned your computer on, when it crashed, etc… I am not saying it is bad, actually quite the opposite. If you allow this, Apple has information what features are used the most, what features are not working properly – so they can quickly fix it.
Having said that, let’s go to the second example below:
Say, you just came across this e-shop that sells iPhones.
You entered the page but decided to leave immediately because the prices were too damn high.
Now, I dare to ask: Do you know, what you have just done? What implication this will have? 🙂
From this moment on, if you go to Facebook for example, or go read news on your favorite news portal, you will see ads from the e-shop you have just left.
The question is why, why should you be interested in buying from that one e-shop again if you deliberately decided not to do the purchase?
This is bad for the e-shop also, for they are spending money on useless ads to sell to a customer who is obviously not interested in buying.
Isn’t here something off, after reviewing those two examples? Why, when you’re using one type of service, you are offered an opt-in not to be “watched” by big brother disregarding the pros (and cons) it can have and when you are using another type of service, you are automatically watched, processed and being handled disproportionately?
Wouldn’t it be nice if after you enter an e-shop, they would ask for your permission to show ads to you when you’re browsing the internet if they happen to offer a new product you might be interested in? Or they might promote this new review/unboxing for a new iPhone for example.
Wait, does something ring a bell with you?
And this is what the GDPR is all about 🙂
(Of course, the law includes some new principles of handling personal information and fines when not abided – to fully and clearly understand the law, please take a look at links at the end of the article.)
2. What we’re doing in order to be compliant
Hereby I say, Kontentino is going to be GDPR compliant by the 25th of May, 2018.
There are some required updates to be done in Kontentino, for example opt-ins for processing your personal information, an option to download all of your personal information you have shared with Kontentino service and improved options for processing your personal information, for example closing your account or removing your personal information from each of Kontentino services (this has already been available, however, it will be much more clear and transparent).
We’re also appointing a Data Protection Officer, who you should contact if any inquiry regarding your personal information arises.
3. How does GDPR affect Kontentino users?
When dealing with GDPR, it is important to set down two important terms in terms of responsibilities when dealing with personal information:
- data controller
- data processor
A company that decides to keep and control this data.
A company that processes the data on behalf of the controller.
Here’s the funny part, within the relationship you — Kontentino, Kontentino behaves as the Data Processor, and you behave as Data Controller (you “control” data of your employees)
Therefore, for now, the important relationship is you — Kontentino – we will provide you with all legal documents required for your compliance soon.