GDPR is less than a year away and getting closer by the minute. The biggest shake-up in consumer data protection in recent years promises strict enforcement globally, fines of up to 4% of annual global turnover or €20 Million (whichever is greater) for offenders, and zero tolerance. Tomorrow is already too late to be thinking about your GDPR compliance strategy.
So, if you make your goods or services available to EU data subjects, or are using any form of visitor customer behavior analysis, you can expect a less-than-polite knock on the door after May 25, 2018, when GDPR comes into effect. The very first thing to realize is, that you as data controllers are ultimately responsible for your business’ compliance with GDPR, that means for implementing appropriate technical and organizational measures to demonstrate all processing activities are compliant with the requirements of GDPR.
You need your CMS to provide a toolset that can make it easier and cheaper to:
- fulfill the rights of data subjects as defined by GDPR
- help you to demonstrate compliance with the data protection principles when requested by law enforcement authorities