What is GDPR?
GDPR, known as the General Data Protection Regulation, is a comprehensive law that gives EU residents more control over their personal data and attempts to clarify the rules and responsibilities of online service providers in collecting and using personal data of European users. It replaces EU law on data protection passed in 1995 and makes some significant changes to the existing convention.
How should businesses respond to GDPR?
1. Content preparation: The company’s GDPR description text is clear and unambiguous
• The company’s internal “Service Agreement” and “Privacy Terms” need to be adjusted accordingly to GDPR, and a rule description document suitable for the company’s own situation should be formulated.
• Clearly and unambiguously state the data the company will collect, how it will be used, and the user’s rights to consent or revoke consent.
• Ensure multi-language versions and do not use language differences to ambiguous regulations and obtain user consent.
2. New users: clearly inform users of their rights and interests at the form entrance
• Set up a clear user notification window at all data collection entrances such as subscription and registration.
• The location is eye-catching and the content is clear and concise.
• There should be no automatic checkboxes to force consent, and the app can only be used after obtaining the user's subjective consent
3. New users: clearly inform users of their rights and interests at the form entrance.
• Send permission application emails to all existing member users, and continue to send emails to unauthorized users after three days to obtain authorization as soon as possible. (The email template can be directly selected from the background template)
• The user clicks the "DO IT NOW" button in the email and jumps to the authorization link we generated in the "GDPR" function module.
4. Existing members: Users complete authorization on their own
• The authorization page does not check the user authorization content by default. Users need to check it themselves and then click "Authorize"
• After GDPR officially comes into effect, you can check the “Exclusion Group” in the email sending interface to stop sending emails to unauthorized users.
5. Existing members: Allow to revoke permission or modify authorization at any time
• For users who have not given a clear response to whether to authorize, as well as users who have already granted permission, an obvious revocation of permission mark must be set in each subsequent email push.
• Allow users to cancel authorization at any time.
• Allow users to modify personal information at any time.
This is the end of the introduction to GDPR in this issue. If you want to get more information about GDPR, please continue to pay attention~
