What Is GDPR Compliance and Why You Should Care

7 min read
May 11, 2018
  • Post on Twitter
  • Share on Facebook
  • Post on LinkedIn
  • Post on Reddit
  • Copy link to clipboard
    Link copied to clipboard
EU starts cloud illustration what is GDPR compliance

“Online privacy” is a big phrase recently, but might seem to be underestimated by online users at the same time.

Let’s take the Facebook-Cambridge Analytica data scandal.

It still lives in media. The US Congress put Zuckerberg through the hoops. And a couple of days ago, Facebook added fuel to the fire by sacking an employee who used users data to stalk women.

And yet, according to joint Reuters/Ipsos survey, Facebook’s reputation has suffered little. The half of those surveyed had not changed the way they used the site, and another quarter said they were using it even more!

But does it mean that people don’t value their online privacy anymore? Not exactly. According to the same survey, more Facebook users claimed to know how to guard their personal information on the site than users of other social media platforms.

As the discussion about data protection brings awareness and as the General Data Protection Regulation (GDPR) is around the corner, let’s check how data protection is beneficial for online users. Also, let’s see how GDPR compliance will make our data safer.

Why you should protect your data?

Who controls the past controls the future. Who controls the present controls the past.
George Orwell, "1984"

The most important reason why protecting your data is so important is because you want to be protected from identity fraud or theft. Most of us know that we shouldn’t reveal our real names, addresses and bank details on social media. At the same time, we forget that we store this data in apps we use. Do you know who has access to this data and what exactly kind of data you’ve shared with them?

Another thing is that you can’t be sure how your data will be used against you. For example, Admiral, an insurance company, used social media profiles from their customers to analyze personalities of car owners and set the price of their insurance. Would you like to be judged by your Facebook account? Me not.

Ability to manage your data is also important for your reputation management. Let’s face it, if you’re a healthy human being, you grow and change your points of view. Also, something you were proud of a couple of years ago, can be something to be ashamed of now.

The fact that you won a beer drinking contest as a student doesn’t mean that you want the world to remember about it when you’re running for a city mayor ("I smoked but I didn't inhale").

Yup, data protection is important.

Heart shape padlock

What is GDPR

The existing set of EU data rules, Data Protection Directive (DPD) was quite old-fashioned (it was adopted in 1995) and didn’t fit the digital age.

For that reason, in January 2012, the European Commission set out plans for data protection reform across the EU. As the result, the General Data Protection Regulation (GDPR) was born,

It will come into effects on May 25th and will give EU citizens more control over their personal data.

The first thing is that the concept of “personal data” was broadened. Now, it covers any person-related information that can be used to identify a person. For example, if your email address consists of your name + surname, it means GDPR will protect it.

The second thing is that although GDPR was created for EU citizens, it applies to all companies that process personal data of EU citizens. It means that if a company (or organization) is based outside of the EU, as long as it processes data of EU customers, it should also be compliant with GDPR.

Another thing that’s very important for us, regular Internet users, is that there’s a rule called “the right to be forgotten.” It means that if you want your data to be deleted by a company, the company is obliged to do so. Also, you have the right to request a copy of your data stored in their database.

Companies under GDPR will have to notify data authorities within 72 hours after a breach of personal data has been discovered. “Regular people” will also be informed, but only if it poses “high risk to their rights and freedoms”. Companies that won’t align with GDPR will pay enormous penalties.

One of the key principles of the GDPR is that the organization should implement an opt-in policy and have a data subject’s consent to process their data.

But what does it really mean for businesses?

Although at first GDPR sounds like doom and gloom, it will, in fact, bring a lot of good for companies.

Increased alignment with evolving technology

Let’s be honest, the bigger a company is, the more difficult it is for the company to move with the times. There are too many regulations, procedures and - well - decision makers to make this change go smoothly. Let’s add to that costs of product changes and staff training to understand how difficult it is for many companies to be up to date.

Getting compliant with GDPR will be not only an obligation but also a great opportunity to dust off the documentation and catch up with modern trends.

Greater customer loyalty

Penalties for a data breach are so high (bad news), that most companies will do their best to make customer data safe (good news). It means that if a company didn’t have time previously to ensure the security of its data, GDPR gives the opportunity (again) to work on it. Thanks to that, you will be less prone to data breach and therefore your reputation won’t suffer.

Also, with increased security GDPR introduces increased transparency. Nowadays consumers are becoming more and more suspicious about how their data is handled; the transparency you will demonstrate will encourage trust in your brand.

More accurate data

Getting GDPR-ready will improve the accuracy levels of data stored in a company’s database because it will allow customers not just to access their personal data, but to inspect and validate the stored information.

Improved data security

Cybersecurity breaches are a bigger threat than we think. Did you know that 68 percent of large firms in the UK have encountered a cyber attack?.

With the scale and sophistication of these attacks growing each day, having a GDPR-compliant framework in place will extend your cybersecurity practices.

Heart shape padlock bridge

Don’t be afraid of GDPR

Four years ago in London, there was performed an experiment that was supposed to highlight the “total disregard for computer security by people when they are mobile.”

Londoners were asked to agree to terms and conditions as they logged on to use free wifi in a cafe in a busy financial district and at a site close to the houses of parliament.

The funny (or terrifying) fact was that the terms included a clause where users agreed to “assign their first born child to us for the duration of eternity." Quickly after these terms went live, six people signed up, apparently not reading the whole thing.

Of course, I’m the last person here to cast the first stone. I can hardly recall the last time I read the whole terms and conditions! But for that reason, I’m quite happy that GDPR is going live; it was made to protect such careless online users like myself.

If we also think about the fact that it’s a great opportunity for all companies to align with modern technology (including security demands), it will be clear that instead of being a pain in the neck, it’s a win-win situation for both: customers and companies.

Want to know more about what is GDPR compliance and how to introduce it in your company? Visit this website to learn more:

Want to know where is LiveChat on its path to GDPR compliance? See it here: