What is GDPR

The General Data Protection Regulation (GDPR) is the new EU regulation designed to protect and empower every subject’s data privacy located in the EU regardless of where the processing is happening.

GDPR applies to every organization located in the EU that processes personal data regardless of nationality and covers several activities and aspects including data collection, processing, transfer, storage, security and data subject rights.

GDPR was enforced on May 25th, 2018. Noncompliance has fines up to 4% of annual global turnover or €20 Million. Fines will be served by the respective Data Protection Authorities (DPAs).

Why is it Mandatory by Law

As for the need for consent for marketing communications, the legal basis is to be found in art. 130 of the Privacy Code. The provisions of article 1, paragraph 14, of the law of 11 January 2018, no. 5. 12 13. 2. The provision referred to in paragraph 1 also applies to electronic communications, made for the purposes indicated therein, by e-mail, fax, MMS (Multimedia Messaging Service) or SMS (Short Message Service) messages etc.

Considering n.47 of EU Reg. 679/2016 the legal basis of legitimate interest can be invoked only in the case of soft spam (sending commercial offers concerning a good or service already purchased), while the general rule is that the treatments for marketing purposes are lawful only after having acquired valid consent.

As far as B2B marketing is concerned, business name-surname emails are also considered personal data. If the email was generic such as info @ or similar, then it might be enough to insert the possibility of unsubscribing from the mailing list. However, it is always good to have regard for the way in which the email was acquired.

The Legal information has been provided by BA-Legal-Law Firm

GDPR Applies To EU & European Economic Area (EEA) Members

Show Who is Involved

GDPR affects all businesses collecting or holding personal data on EU citizens by data protection law.

GDPR affected countries

Austria
Belgium
Bulgaria
Croatia
Cyprus
Czech Republic
Denmark
Estonia
Finland
France
Germany

Greece
Hungary
Iceland (EEA)
Ireland
Italy
Latvia
Liechtenstein (EEA)
Lithuania
Luxembourg
Malta
Netherlands

Norway (EEA)
Poland
Portugal
Romania
Slovakia
Slovenia
Spain
Sweden
United Kingdom (BREXIT, EEA)

The Data Types List

storing even one of the following, you must be in compliance with the GDPR consent

Personal Data:

Name
Address
Phone
Bank/Credit cards
Email address
IP address
Cookies

Sensitive Data:

Online identifiers
Biometric data
Genetic data
Health data

Data Types are defined by GDPR Article 4.
More information on: https://gdpr.eu/eu-gdpr-personal-data/

GDPR Penalties & Fines

GDPR rules warn that the stakes are high. For example, reporting is mandatory within 72 hours if your data has been breached or you will be fined up to 20M euros.

British Airways are facing fines of up to $26 million for a data breach that occurred in September 2018.
Marriott International was expected to be fined approximately €20.4 million for a data breach between 2014 and 2018.

It’s fair to say that the EU is taking this extremely seriously.

GDPR fines
https://www.tessian.com/blog/biggest-gdpr-fines-2020

Go-on Group GDPR Consent Management

Go on Group has worked hard to provide a solution to the GDPR Consent Management for its partners.
The platform works under the GDPR framework, which is in line with the required laws & regulations.

The platform itself was created to make the process easier to operate, manage and use.

Features of the platform:
1. Gain Consent from your network
2. Provide the “Right to be forgotten”
3. Transparency
4. Tracking system
6. Automatically repeat follow-up emails
7. Data storage and security
8. Reporting system

Go-on Group GDPR Workflow

In order to comply with GDPR rules, the first step is importing all the contacts that require GDPR consent to the Go-on GDPR platform.

Choose those contacts and send the GDPR consent from the platform with autofill of NAME, LAST NAME, and EMAIL, alongside with other helpful functions.