Solutions for Compliance with GDPR, CASL and other Data Privacy
& Anti-Spam Regulations
Global data privacy and anti-spam regulations are changing the way firms communicate with their contacts. Any company that collects contact data from clients and prospects in Canada or Europe may already be impacted by these new laws, and more countries are considering similar laws. Canadian Anti-Spam Legislation (CASL) in Canada and the impending General Data Protection Regulations (GDPR) in Europe may impose substantial fines on companies who violate these laws.
CASL became effective July 1, 2017
Companies doing business with or contacting Canadian contacts that haven’t yet acted to obtain implied or express consent from those contacts are at risk. Companies must keep detailed records of consent or they may be subject to enforcement. Violations of CASL can result in large fines. The first company to be found in violation of CASL was fined $1.1 million dollars! Under CASL, implied consent must be renewed every two years or converted to express consent.
GDPR becomes effective May 25, 2018
Companies doing business with or contacting EU contacts must have a process in place to gain express consent to collect and store information on those contacts as well as send communications to them. They must also have adequately secure data storage methods for maintaining their contacts’ information and consent data. GDPR applies to all personal data collected by companies, not just contact information. Companies must keep detailed records of consent or they may be subject to GDPR enforcement.
What You Must Do to Comply with the New Data Privacy Regulations
First, identify contacts residing in the EU or Canada. Then decide how to collect and store express consent data for those contacts. Next, set up processes for continually updating the consent information. Additionally, ensure that your company’s systems are secure and implement processes for the proper handling of personal data.
Our Compliance First! program can help you create a plan to help you comply with these ever-changing regulations. The CLIENTSFirst team can help you:
- Audit current data
- Evaluate and enhance data storage
- Develop methods and processes for collecting and storing consent information
- Craft consent emails and subscription forms
- Create automated processes to ensure compliance and minimize compliance time
Get in touch with the CLIENTSFirst team to see how we can assist you with GDPR compliance.