GDPR Explained in Five Simple Steps

The new GDPR legislation came into force in May 2018, ensuring we’re all covered by the strongest data protection rules in the world. But, what is it and why is it necessary?

The introduction of GDPR forced businesses across the globe to rethink and modernise the way they keep their customers’ information. Past legislations quickly became outdated with the rapidly developing world of technology, meaning there was a higher risk of an individual’s information being used in the wrong way. People who now choose to give their information to organisations have more control over what they share and what can be stored. We’ve teamed up with AccessPay, a Bacs approved software provider, offering fraud detection software, SWIFT gpi and other payment technology solutions to businesses. They’re here to explain GDPR in five easy to digest steps to ensure you’re in the know.

1. What is GDPR?

The General Data Protection Regulation, or GDPR, replaces the old Data Protection Directive law from 1995. The new regulation is needed to increase the amount of power an individual has over their own information. They will be able to get access to the data that a company holds about them or request the deletion of any personal data they no longer wish to share. It’s not only customers who will benefit from the change; businesses themselves have updated ways in which they should store and process personal information. This customer information can be anything that could potentially identify them as an individual.

2. Who is covered by GDPR?

As we’ve discussed, consumers benefit greatly by the change, but GDPR will also affect every company and organisation. Let’s keep it simple; if you’re a business storing the personal information of your customers, then this applies to you. Larger companies will be affected more than others, due to the fact they’ll hold much more consumer data than smaller organisations. The legislation will apply to those in the EU, including the UK. Businesses holding the data of these consumers need to comply with the new legislation.

3. What are the main objectives of this new law?

The main objective of GDPR is to give individuals peace of mind and ultimate control when it comes to their personal data. However, this isn’t the only benefit of the change in law. The change will create a unified approach, meaning that the way data protection is addressed across the EU will be safe and fair for all involved. It will also improve the levels of compliance, which means that organisations will be forced to meet the new regulations or face a significant penalty. These days, keeping your information secure is of highest importance.

4. What should we now be doing to follow this change?

If you’re a customer, you don’t need to do anything, but you do have the right to access your data or request for it to be removed if you require. If you’re a business and are not yet complying with the new law, you need to act fast. As well as following the new guidelines, GDPR is also your chance to improve how your organisation currently operates. The first step is to review your current data protection and security measures and assess what is and isn’t following the new protocol. Telling your customers about the new change and recording their consent ensures that everyone involved are aware of their rights and what the next steps are going forward. Make sure staff are trained and are conscious of how to collect and process the right data in future.

5. What are the long-term effects of GDPR?

The introduction of the new regulations should create a ‘level playing field’; the whole of the EU will be on the same page, ensuring everyone’s data is safe from unauthorised access. Any company working with a citizen of the EU needs to comply with GDPR regulations, and by everyone using the same rules, fairness and organisation trust is in abundance. The overall process will build better services and more ethical practices in the future. As global advertisers begin to come on board, industries will need to make some crucial adjustments to ensure they’re following best practices.

It’s also worth noting that the next European regulation complements the current GDPR policies. The ePrivacy regulation will focus on issues such as confidentiality and browser cookies to make everything even more convenient for both businesses and consumers alike.

Access Pay

This post was written in collaboration with AccessPay, who focus on payment technology solutions for businesses looking to simplify how they process payments. You can find more information or request a quote at

Share this article