Article from: William Yates, Novacom, February 25th 2016
“While this EU-wide regulation relates to the data owner – the entity legally accountable for the data -laws relating to data management, processing and security will also impact on your enterprise if there are contraventions by third party vendors, such as your digital marketing agency.
This means that you, and your enterprise must be confident that such third party vendors have the required legal know-how and competency in current EU Data Protection Directive 95/46/EC as well as upcoming GDPR.”
This great article from William Yates uncovers one of the major misconceptions most companies have about the new data regulations – its the company who gets fined not it’s external marketing company.
A large number of companies out there use specialist marketing companies to send or run their sales campaigns, this isn’t a problem but their assumption that their marketing company will handle all the issues associated with compliance is one of the most dangerous assumptions you can make about GDPR.
At the end of the day it is your company, not your marketing company who owns and uses personal data and it is you who garners the most advantage from such activity. Therefore it is you who is responsible, accountable, and liable when something goes wrong.
William’s article goes into the detail about this issue and many others GDPR can raise for companies who aren’t using the time left to us proactively or are content to assume compliance is someone else’s problem.