A big motivating factor for the development of LEADman was to help our customers avoid GDPR fines for breaching the 8 basic rights that individuals have under the GDPR:
- The right to access.
- The right to be forgotten.
- The right to data portability.
- The right to be informed.
- The right to have information corrected.
- The right to restrict processing.
- The right to object.
- The right to be notified.
To protect the individual's rights to privacy, the EU brought into effect on May 25th, 2018, the General Data Protection Regulation (GDPR). The GDPR provides EU citizens with more control over their personal data and affects all organisations that do business with European customers.
If a Global aviation giant like British Airways can be fined £183.39M for infringing the GDPR by the ICO, albeit a portion of the BA GDPR fine was for a data breach, you can be sure that every business should address their website's GDPR policy sooner rather than later.
Information Commissioner Elizabeth Denham said:
People’s personal data is just that – personal. When an organisation fails to protect it from loss, damage or theft it is more than an inconvenience. That’s why the law is clear – when you are entrusted with personal data you must look after it. Those that don’t will face scrutiny from my office to check they have taken appropriate steps to protect fundamental privacy rights.
The GDPR still allows you to collect personal data, kept as secure as possible, as long as the individual’s privacy rights are upheld and he or she has given their consent.
- Under GDPR, an organisation cannot send hundreds of cold emails to potential customers without their consent.
- Under GDPR, an organisation can no longer send a marketing email to someone who has opted out of receiving marketing messages.
GDPR is not about restricting data collection, but rather about privacy, security, transparency and ultimately, trust. The qualities all customers want from someone they do business with.
The eight basic GDPR rights, mentioned above, fall into four main categories. You will remember from our previous post about LEADman that we use the mnemonic "Captain, Data Forgot the Phasers" to make them easy to recall:
- Data access and portability
- The right to be forgotten
as long as the individual’s privacy rights are upheld and he or she has given their consent.
the data subject should also be allowed to receive personal data concerning him or her which he or she has provided to a controller in a structured, commonly used, machine-readable and inter-operable format
LEADman's contact profile allows your contacts to view and manage their data without the need to create an account on your website. The contact can request a time-limited unique url that will give them access to a page on your Joomla website with the data that you collected from them. This addresses data access and combined with LEADman's trash-manager you're also ahead of the curve for data portability.
The data subject shall have the right to obtain from the controller the erasure of personal data concerning him or her without undue delay and the controller shall have the obligation to erase personal data without undue delay
An individual's "right to be forgotten" means they should be able to have all of their personal data completely deleted from your system.
With LEADman's trash-manager your website's administrator can review all of the pending requests and ensure that the user's data is also removed from other systems, for instance the contact could be a site member or someone you've collected other personal data from through another Joomla extension.
Installing LOGman alongside LEADman activates the Activities menu in LEADman (all of our extensions are built to work together). From the Activities panel, you have access to all of the LEADman related activities that LOGman has logged, when coupled with LOGman notifications you can be certain that you'll never miss a GDPR related request.
Transparency and informing the public about how their data are being used are two basic goals of the GDPR.
Is your lead generation strategy GDPR compliant? No? Then go ahead and try LEADman on our demo or download it from our Dashboard and take your first steps towards full GDPR compliance. Not yet a member? Get a subscription and start using LEADman today!