You may be asking yourself after the 200th GDPR email has appeared in your inbox, what exactly is GDPR, and (perhaps more importantly) why should I care?

Good question! GDPR is still a bit of a grey area, but I think we have a good understanding of it.

So, what actually is it?

GDPR stands for General Data Protection Regulations and is replacing the Data Protection Act 1998. It’s a large piece of legislation that’s tightening up the rules and regulations about how, when, and why someone can gather and use personal data.

“What’s personal data?” I hear you ask! Another good question – you’re on the ball today. The Information Commissioner’s Office (ICO) defines it as “any information relating to an identifiable person who can be directly or indirectly identified in particular by reference to an identifier”. Quite a mouthful. But basically, it means any information that, when combined with a second piece of information, could identify someone. So pictures, names, email addresses – even IP addresses – all count as personal data.

As we were saying, it’s a big piece of regulation.

What happens next?

You’ll have seen lots of emails recently asking you to “opt-in” to keep hearing from companies. They’ll be asking things like:

“Are you GDPR compliant?”

“Do you still want to be emailed with exclusive offers from us?”

“In order to stop being bombarded with emails, we need to bombard you with emails to opt-in.”

This is because, in terms of marketing, the rules have become very strict. You have to be open and transparent about what you’re doing with data, and you have to give people the opportunity to opt-IN, rather than opt-OUT. Gone are the days of the pre-ticked boxes and: “If you DO NOT want tons of emails, tick here.”

This should weed out a lot of spam, and help reduce your inbox to only the odd “you may be interested in this” email and mean it’s chock-full with all the goodness you know and love instead.

So… it’s a good thing?

There’s a lot more to it, so don’t be fooled into thinking it’s all about marketing. It’s about collecting data for legitimate reasons, not for the hell of it. It’s about storing it securely. It’s about sharing it with only those who need to know. And it’s about being transparent with the data subject. There are multiple facets, many documents, a multitude of processes; there’s a lot.

In the short term, this legislation is a difficult one to navigate, yes, but in the long term, the benefits far outweigh this.

It puts the power back in your hands as a data subject, and it gives companies the opportunity to strip out all the bad habits and build a strong force of engaged customers. You’ll have better quality data (and therefore – leads for your business), more efficient processing systems, and a more trusting audience.

So, let’s all raise a glass to the much-needed GDPR.


Join us for our next #GIANTtalks all about GDPR and how you can make the most of this slightly scary looking regulation. Spoiler, it’s not scary!