
THE GDPR: 80% OF UK COMPANIES FACE “MAJOR CHALLENGES” FOR COMPLIANCE BY MAY 2018

The race against time has already begun: the new General Data Protection Regulation, defined in 2015 to strengthen consumer protection at European level, will come into effect as early as 25th May 2018. Non-compliance with the GDPR will result in severe financial penalties. These are part of a general policy in the European community to harmonise data protection across the European area. A survey has revealed that, just 10 months before the GDPR compliance deadline, 80% of respondents said they face major challenges[1]. The GDPR is a major issue for all the players in e-Commerce.

The GDPR, a major step and a real challenge for all companies

The new European regulation applies to any company that collects, processes and stores the personal data of European nationals, whose use can identify a person. All economic entities (companies, charities, administrations) must begin to implement the measures necessary to comply with the rules.

The major change resides in the requirement to justify all the data processing carried out (collected during the creation of accounts, newsletter subscriptions, navigation preferences, and so on). For example, when a customer unsubscribes from a newsletter or changes the phone number on their customer account, the company must prove that the change has been made and provide details of the processing (hours, IP address, and so on). At the request of the individual and at any time, his/her data may be deleted, modified or restored. The objective is to give consumers control of their identity and the commercial use of their personal information.

Finally, an enhanced protection for e-buyers!

Consumers must clearly understand for what purpose their data will be used on e-Commerce sites, and the scope of their consent must be clearly defined. Modern e-Commerce marketing techniques (retargeting, product suggestions and so on) must be explicitly accepted by individuals. They must also have direct access to their personal information. In practice, they can request the portability of their information (order data, wish lists, etc.) and obtain double opt-in consent for their children.

In case of a data breach, the user will be informed within 72 hours by the company, and the responsibility may lie with the subcontractor responsible for the leak, or with the host if the latter has been hacked. To ensure that these new rights are respected, the legislator has made it possible to pursue collective legal action through official representative bodies.

VSBs and SMEs – Implementation of the GDPR in e-Commerce 

By May 2018 all companies will have to comply with the new regulations. Implementation of the necessary measures implies thorough understanding of both the obligations and the means to achieve them.

The e-Commerce sites will have to ensure the highest possible level of data protection. To guarantee the security of their customers’ personal data, e-merchants must deploy technical measures and comply with strict rules regarding, for example, the implementation of a register of consent; retention of data; securing transactional mails; encryption of passwords and so on. A Data Protection Officer (DPO) will be appointed to ensure the implementation and monitoring of these actions.

We are entering into an era of total accountability for the company, a necessity with regard to the more than 64% of UK companies who have not begun their GDPR implementation for May 2018[2].

Let’s not forget that thousands of hacks target all the major players in e-Commerce every day. Data security and technical infrastructure are the major challenges for the web world. According to new government figures, around 46% of UK businesses have now suffered a digital attack. With 5.5 million companies in the UK, that suggests around 2.5 million may have been targeted successfully by hackers, with £174.5m records breached in September 2017[3] alone.

A binding framework for companies with major short-term impacts

Penalties for failure to meet the obligations imposed by the regulations are financial and indexed to the global turnover of the company. They can reach 10 to 20 million euros or 2 to 4% of turnover, whichever is the highest sum.

A new concept is emerging: “Privacy by Design”, a guarantee of quality and reassurance for entrepreneurs seeking optimal security of customer data. A site designed in “Privacy by Design” ensures that no module has been added to the site structure and that the solution has been developed with data protection as a prerequisite at every stage of the website’s construction.

Actinic, Europe’s leading e-Commerce solutions provider, is actively involved in these processes for its 10,000 European e-merchants. Unlike customized e-Commerce technologies or OpenSource, its SaaS model allows it to integrate privacy directly into the design and operation of IT systems and networks (Privacy by Design). It thus guarantees reassurance to every customer of your VSB/SME, and prioritises the protection of the privacy and data of Internet users, in compliance with the GDPR.

Global Banking & Finance Review
