By 25th May 2018, European printers will be expected to be in full compliance with the EU’s recently adopted General Data Protection Regulation (GDPR), legislation introduced to replace and update a 1995 Directive.
The GDPR will affect any company or organisation that holds personal data (including that of its own staff). This legislation will consequently affect printers who, as a part of their services, regularly handle people’s personal data (i.e. telephone numbers and addresses). This includes, for example, printers who fulfil direct mail campaigns for their customers. Because of its effect on printers, Intergraf has produced a guide to the new legislation to help all of our members remain compliant.
Our Guide to the European Data Protection Regulation for European Printers explains the origins of the GDPR, how it will affect printers and how companies should use, store and collect personal data under the new rules. Throughout the document, we have exemplified clear case studies using printing companies as subjects to present best practice ways of becoming compliant. In addition, our guidelines provide readers with key definitions to help them understand the full GDPR.
So what can printers do to become compliant? Included in the guide is a simple checklist to assist printers on their journey towards full compliance. This simple checklist is explained in more detail in the full document, as well as extended concrete examples and case studies being given to demonstrate how to implement the advice within your own company:
- Check what personal data you process, where it’s stored and how it flows within your company;
- Review privacy-related documents, contracts with sub-contractors/partners and conditions of sales;
- Set up new technical and administrative processes to prevent and remediate data breaches;
- Consider adopting codes of conduct and/or certification to improve your reputation;
- Consider appointing a Data Protection Officer as a staff member;
- Document data protection policies and procedures.
The European Commission recently published the results of a Eurobarometer and public consultation about EU rules which govern the processing of personal data and privacy in the electronic communications sector. The resulting highly relevant findings help to highlight just how important it is for companies to take the necessary steps to safeguard their customers’ personal data as much as possible. “A large majority” of the 27,000 Eurobarometer respondents, for instance, said that the privacy of their personal information is “very important” to them.
Intergraf’s Guide to the European Data Protection Regulation for European Printers is freely available to Intergraf member associations and companies via the Members’ Area of our website.