If you run a business that retains personal data of any sort, the General Data Protection Regulation (GDPR) is probably something which you’re increasingly familiar with.
This set of regulations comes into force on May 25th, 2018. By that time, all businesses covered by the new regulations will need to be compliant. To keep you up to speed on how these rules will affect our business, we promised to produce a series of updates on the changes we plan to implement.
We’ve already outlined how we think these new rules could impact Publish Interactive and the personal information that we store, but now we’re able to detail the changes we’re making to iReports to help you stay compliant.
The most important thing to stress is that these alterations aren’t major and, as such, shouldn’t give anyone sleepless nights. Another thing to explain is how they fall broadly into three categories: registration changes, data storage, and removal of a bulk email feature.
We plan to update registration pages so when new users are signed up by our customers, they will have to actively opt-in and acknowledge storage of their Personally Identifiable Information (PII).
This new opt-in will be part of the registration process and will involve the end user checking a box to opt-in. Each publisher will be expected to supply the text they want to appear on these re-jigged registration pages.
In addition to the mandatory PII storage approval opt-in, publishers will be given an option on whether to ask end users to opt-in for marketing.
If publishers want to make use of this opt-in request, they can either have a single checkbox to confirm both the PII and marketing opt-in, or they could have separate checkboxes for each.
As users will have the option to opt-out of receiving marketing messages, we are removing the bulk email facility that allows publishers to send the same message to all users.
When a publisher deletes a user from their system, this will automatically remove the PII associated with that individual. ‘Ghost’ user stats will be retained, but these will be disassociated from any identifiable user information.