SendMyCall wants to tell you this week about GDPR, a major new law that goes on the books next month. This new law could affect you. In fact, it probably will.
GDPR stands for General Data Protection Regulation. It isn’t an American law. GDPR is a law of the European Union. It takes effect on May 18.
It can apply to you if you do business from a location anywhere within the EU or if you have customers who are EU citizens. In those circumstances, you must obey this law or you can be fined 4 percent of your annual revenues or approximately $25 million, whichever amount causes you the most pain.
Why You May be Subject to GDPR
We bring GDPR to your attention because the toll-free virtual phone numbers you obtain from SendMyCall to let customers reach out to you without charge from around the world could be bringing you incoming calls from Europe.
Or it might just be that you’re using SendMyCall toll-free virtual phone numbers to attract customers from the U.S. and elsewhere, but you’re based within the EU.
If you’re as a result subject to GDPR, you need to prepare now to take steps to comply with the new law.
GDPR is mainly concerned with customer data you store on your Smartphone or laptop or desktop computer—data you possibly acquired from the cookies your website planted within a visiting EU citizen’s computer or mobile device.
Another way you could have come into possession of data covered under GDPR is if the EU citizen filled out an online form you posted. Still another way: he or she sent you an email with his or her personal details in it. Also: you entered the customer’s data into your systems during or after a sales call initiated when he or she dialed you on your SendMyCall toll-free virtual phone number.
Safeguard Collected Data
GDPR requires you to take serious measures to safeguard your customers' data. We’re not able to recommend specific policies, procedures, and mechanisms for accomplishing that. But we can recommend at least one helpful resource.
New York City-based data-and-analytics consulting firm Knowledgent has a GDPR whitepaper that will explain many of the ins and outs of this sweeping new law. The title is "The Essential Guide to GDPR" and you can request it here.
Want a sneak preview of what you’ll see in that whitepaper and other GDPR tip-sheets? Well, for starters, GDPR demands you keep good records so that you can show inquirers where the data came from and who besides yourself has looked at it.
GDPR Imposes Limits
GDPR limits what you can do with data you harvest. Above all, you must use it for the exact purpose you said you were going to use it for. Also, you can only collect data you legitimately need.
If an EU citizen says to you, “Hey, let me see the data you’ve got on me,” you have to comply. If that same citizen then says, “Hey, a bunch of this data is wrong and I want it removed,” you again must comply.
You have to tell people that you want to collect data on them before you start capturing anything. As well, you must get from them a clear, no-mistake-about-it OK in order to legally acquire any such info.
Don’t fool yourself into thinking GDPR is no big deal; that you can take your chances and not worry about the law. The odds of you getting away with GDPR violations are slim. Because, in addition to having to dodge EU law enforcers, you’ll also have to hide from EU citizens—the law lets them haul you into court and initiate proceedings against you on their own.
And haul you in they will. Pegasystems—a Cambridge, Massachusetts, maker of cloud software—polled 7,000 EU consumers and discovered that 82 percent of them won’t hesitate to bring you to justice under GDPR.
For these and other reasons, we urge you to get up to speed on GDPR. And obey it. It’s the law.