What is GDPR? How will this affect me? When is the deadline? These are questions people are scouring the internet for answers to. So, here’s a quick summary of how the new EU regulation will change the protection of our personal data.

The GDPR (General Data Protection Regulation) is the EU’s answer to protecting our personal data from companies in an attempt to ‘harmonise data privacy laws across Europe’ according to the EU’s GDPR website. It’s to replace the Data Protection Directive established in 1995 so it can keep up with the ever-growing, fast-paced digital era of marketing. Simply put, you are going to get fewer emails about cheap holidays, buy one get one frees and flash sales (unless you want them of course).

The deadline for this is on the 25^th May, which explains all the emails about GDPR in your inboxes. Companies now have to seek consent from their customers to continue using their personal data to send things like newsletters or promotions. Those who have valid consent from customers may not need to reaffirm this but those companies that automatically opt you in after just one purchase will need to conform to these rules otherwise there are hefty fines to pay, €20m or 4% of annual global turnover whichever is highest.

But this is not just to do with spam emails, the legislation is making sure consent is not buried under lengthily, overcomplicated terms and conditions and instead it must be shown in an ‘intelligible and easily accessible form, using clear and plain language’. Also, it encourages ‘data portability’ where people can easily take their personal information and move it to new companies through a machine-readable format. Another big change to the legislation is customers have the right to ask whether their personal information is being processed and for what purpose. Controllers then must give an electronic copy of this free of charge. This aims to make significant changes to the transparency of using personal data and give some power back to the public.

This is all great news for customers but if you have your own business and carry out things like email marketing or needs to hold personal information about their customers such as addresses, numbers even religion then you are covered by GDPR. You now have a duty to carry out these actions otherwise it’s going to cost you a lot. With opt-in rates currently at 10% according to The Guardian, companies are resorting to prizes to give customers incentive to stay.

What do you think? Do you think this will help prevent exploitation of personal data? Or is it too good to be true? Let us know what you think in the comments below.