GDPR and what it means for NZ businesses

14.05.18

by Rakesh Patel

The 25th of May 2018 heralds the biggest legislative change in online data protection and e-Privacy in the last 40 years.

You may have seen or read the emails regarding something called the GDPR (General Data Protection Regulation). The GDPR is a directive initiated by the European Economic Area (EEA). Although this is a European directive it does have an impact on the rest of world.

GDPR in NZWhat is it all about?

The GDPR is designed to make companies more accountable for the information they have stored about persons within the EEA. Even though you may not directly engage with the EEA for your business; things like data processing, data collection, subscriptions etc may use storage facilities in the EEA, if this is the case therefore you must be compliant with the legislation.

In real terms if there’s a likelihood that someone from Europe will fill out a form, or visit your website then you should become GDPR compliant.

Third party software such as Google Analytics, Remarketing, AdWords which track individuals may occur in the EEA which means you must be compliant with the new rules and regulations. The premise of the GDPR is about building trust amongst individuals.
 

What does this mean for me?

There is no checklist to tick off to say what you need to do. The legislation is still in its infancy and no doubt there will be amendments to it.

As mentioned above the legislation is all about securing the information held in your database of the people you are serving. Information such as name, address etc.. will be recorded in your database. A person has the right under the legislation to see their data (refer to cookie tracking), what it is used for, edit any information in their record and ask for the information to be deleted. (refer to: Data Protection)

If you are not sure about whether any information is processed or collected in Europe or whether you have customers from Europe in your database, you are best to comply. There are heavy penalties for non-compliance or failing to respond to requests, at maximum these fines can range up to 20M Euros or 4% of your worldwide turnover.

What I need to do?

There are 2 things which need to occur:

1. The Data Retention policy in Google Analytics, Google AdWords and Remarketing needs to be updated (this is how long data will be retained before deletion) – If you work with us then Vanguard 86 has already completed this on your behalf (data retention has been set as a default of 2 years)

2. A banner/footer information bar advising a user that cookies are being used on the site. This needs to be installed on the site. Vanguard 86 will be installing these on all websites that are hosted on HubSpot and managed by V86, for those that are not hosted by HubSpot, but are managed by V86 we will send the code for you to install, along with instructions to pass on to your web developer.

We will keep you up-to-date of any additional information that may be required once the legislation is in force.

If you have any questions about this and our digital marketing services, please feel free to ask, it’s why we’re here!

Contact Us

filed under Website