The ICO website clearly states that data collected under current DPA regulations
will not be GDPR compliant. This is a bad news for most companies and a
disaster for lead generators or data brokers and buyers. There is no easy way
out of this – the new GDPR regulations are so different from current DPA its
unlikely that your current data meets these requirements.
Consider this. When the data was collected did you provide a privacy
statement; clear description of how the data would be processed; who would
process the data; and where it would be stored? I fear not.
You can take action – here are a few ideas:
1. Change your websites to ensure you meet new GDPR requirements now
2. Make sure your contract with any data suppliers is based on GDPR
principles – this is VERY important
3. Migrate your data to GDPR using tools such as those provided by
OptIndigo
4. Make sure your data management processes are robust
5. Do a complete audit of hardware and databases to remove anything you
don’t need
You need to do this now. GDPR is pretty complicated, it will take you time to get
your processes in order.
Feel free to contact us to discuss or disagree – we would love to be proven wrong
on this!
Good luck.