GDPR: Who, what, where?

What is GDPR?

General Data Protection Regulation (GDPR) is a way of bringing data protection legislation into line with new, previously unforeseen ways that data is now used online. Currently, the UK relies on the Data Protection Act 1998. The introduction of GDPR will see tougher fines for non-compliance and breaches, and gives individuals more say over what companies can do with their data. GDPR comes in to force on the 25th May 2018.

GDPR applies to personal data relating to a living individual. This includes any information relating to a person that can be directly or indirectly identified by reference to an ‘identifier’ i.e. name, identification numbers, location data or even online identifiers. GDPR also applies to sensitive personal data including any genetic or biometric data processed to identify an individual – also data relating to criminal convictions and offences.

Who & Where?

GDPR applies to any business processing personal data belonging to EU residents. This includes businesses within and outside of the EU that offer goods/services to people within the EU.

How to Operate

You will need to determine who is the ‘controller and ‘processor’ or all data held within your business.

  • A controller – is a person who (either alone or jointly with other persons) determines the purposes and manner in which any personal data is processed. 
  • A processor – is a person who processes the data on behalf of the data controller. You will need to determine who is the ‘controller’ and ‘processor’ for all data held within the business. Both have legal liability if there is a data breach within the company.

“Processing” means obtaining, recording or holding information or data and carrying out any operation or set of operations on the information or data. This includes: a) any organisation, adaptation or alteration b) retrieval, consultation or use c) disclosure or distribution d) arrangement, grouping, blocking, erasure or destruction.

What can I do with data?

You must have a valid lawful basis in order to process personal data, this will be covered in our next blog.

POPULAR POSTS

NEW: Payout frequencies and on demand payouts

We’ve updated the way you receive your payouts on Helm Tickets! You now have more control over when you receive your funds and can select the payout frequency that best suits you. These new features allow you to access your funds when you need them. It’s completely up...

How to market your event on Twitter

Social media moves fast, but nowhere is it faster than on Twitter. If you’re promoting events on Twitter, it means your marketing strategy needs to evolve quickly too.

Twitter may be one of the most challenging networks for social media event marketing, but it’s also one of the most rewarding.

How to market your event on Facebook

Facebook isn’t just the world’s favourite social media platform, it’s also a powerful events hub. With 490 million people using Facebook events every month, it’s the discovery site many people turn to when they want to find out what’s going on in their area.

GET WEEKLY EMAIL UPDATES

CONNECT WITH US