Continuing our series of blogs about the new GDPR.

The GDPR is underpinned by six principles:

Personal data should be…

1. Processed lawfully, fairly and in a transparent manner in relation to individuals.
2. Collected for specified, explicit and legitimate purposes and not processed beyond those.
3. Adequate, relevant and limited to what’s necessary in relation to the purposes for which they are processed;
4. Accurate and, where necessary, kept up to date.
5. Kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed.
6. Processed in a manner that ensures appropriate security of the personal data.

In addition, the GDPR states the data controller (the person or organisation who determines how the data is processed) is responsible for, and needs to be able to demonstrate, compliance with all these principles. This concept of accountability is a key precept of the GDPR.

‘Personal data’ means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

In essence, the GDPR’s definition of personal data covers any information that could relate to an identifiable, living being. In practice this could cover names, email addresses, phone numbers etc.

At Talkmarketing, we are gearing up to be able to assist you with all the necessary preparation to ensure you are GDPR compliant. If you need any information or help, please do not waste any time - just give us a call and we will help you in any way we can.

Don't forget to subscribe to our blog so you don't miss the next installment!