GDPR, the General Data Protection Regulation, taking full effect in 2018 gives consumers more control over the personal information that businesses collect about them. As stated by the European Union (EU) and the European Economic Area (EEA), this law secures new privacy rights for EU consumers consumers, including:
- The right to know about the personal information a business collects about them and how it is used and shared
- The right to delete personal information collected from them (with some exceptions)
- The right to opt-out of the sale of their personal information
- And the right to non-discrimination for exercising their Consumer privacy rights
What is considered personal information under the GPDR?
Under the GDPR, personal information is information that identifies, relates to, or can be reasonably linked to you or your household. Examples of personal information include name, personal ID documents, email address, geolocation data, and fingerprints. Information that is not considered private is information that is publicly available - in other words, information lawfully made available from federal, state, or local government records.
GDPR applies to any profit or not profit business big or small in the European Economic Area that meets any of the following criteria:
- Businesses with offices physically in the EU
- Businesses whose online presence target EU customers, for example websites allowing EU residents to order goods or services.
- Businesses that track individuals in the EU for example; the internet using such data processing techniques to profile individuals.
- Buys, receives, or sells the personal information of EU residents, households, or devices.
Why is it important to consider a company’s privacy practices?
The safeguarding of personal information should be important to any company you are doing business with. Melissa’s approach to privacy is to ensure the security of the information in our care and to maintain the privacy of consumers through appropriate, responsible use. Melissa products and services rely on data collected from a range of third-party data providers, including both government and private sources, which may include a consumer’s personal information. Under such data privacy acts like GDPR and CCPA, a resident that falls under these acts may submit a verifiable consumer request to exercise the rights listed above. Melissa remains dedicated to ensuring your client data is securely managed by establishing and refining our controls, and we continually undergo independent security audits to reinforce our commitment to data security, privacy and compliance requirements.