The GDPR has been widely publicised and speculated upon. Many areas of the legislation are based on a balance between the consumer’s right to privacy and a company’s need to breach privacy. With a lack of black and white rules, numerous myths and assumptions have begun to circulate. In order to be able to identify myths vs truths, follow these steps (and yes, download our myth busting ebook).
Understande the terminology
The GDPR is a legal text. While it’s not impossible to read and understand, it does become very difficult if the basic terminology is still unclear. Understanding what for example a data controller is vs a data processor is vital to understanding a business’s responsibility (or in fact responsibilities) when it comes to implementing the GDPR. Who exactly is a data subject and what is defined as personal data?
The very first step in tackling not just GDPR myths but your knowledge about the legislation is to understand the meaning behind the terminology used. Here is a link to our glossary of terms which explains the basic terminology.
Plain English explanations
Where possible, search for plain English explanations. If someone tells you how to tackle the GDPR ask them to explain it. Anyone who truly understands the legislation is able to explain it in plain English. Let’s not forget, the GDPR is asking us to communicate about privacy in a transparent way.
There is also plenty of help out there, from myth busting eBooks to good and bad examples of privacy notices. In addition, did you know that your local Data Protection Authority or DPA is not just here to penalise data breaches? Yes, they are here to help businesses with their compliance questions. Don’t be afraid to reach out.
Backing it up with the legal text
There is no way around reading the legal text when you want to bust GDPR myths!
Our advice is to first understand what information can be found in which paragraphs of the legislation so you know where to find answers. You don’t want to search the entire text every time you are looking something up and read through paragraphs endlessly without finding what you need.
We’ve shared this link a few times, thank you Intersoft Consulting for your organised overview of the regulation. With the built in search functionality and overview of sections by headers, it’s simple to find the areas of the legislation that will apply to the myth you’ve just heard and need to verify.
Backed by your understanding of the terminology used in the GDPR it becomes a lot simpler to read paragraphs and digest them.
Knowing how to take action
When you start to understand the GDPR, are able to explain the text in plain English and can read the legislation, then taking action become simpler.
Knowing what to do to become compliant is key for marketing & sales teams to continue to process data. This means being able to generate leads, performing email marketing, reaching out to customers for upsells...well, it means being able to do our job in a compliant and successful manner.
We’ve done some of the work for you
It’s easy for us to say, we are certified privacy professionals and inbound marketers. We actually went through the same steps and learnings when it came to GDPR myth busting. And to help you along, we’ve bundled the 10 myths we hear most into one ebook.
We run through the basic GDPR terminology before busting each of the 10 myths in plain English, back it up with the legal text and give you the steps to take next. Covered are myths around locality, consent, privacy notices, cloud service providers and more.
Have a myth (or question) we didn’t cover? Leave a comment below!