Get GDP (GDPR) or Get Fined 20 Million Euros!

If you think PCI was challenging, wait till you get hit with GDPR!

The General Data Protection Regulation (GDPR) was designed to harmonize data privacy laws across Europe, to protect and empower EU citizens' data and privacy, and to set the way organizations (especially in the US) receive, store (or not store), use and distribute data and control privacy.

If you are storing, or plan to store, any data that could be tied back to an individual, it can now be considered “personal data” and will now be considered “private”. Once you believe you have a legitimate reason to process personal data, you must decide whether or not your intended usage of that data is fair and lawful.

Understanding your obligations with regard to direct marketing, as the DPA and PECR outline them, will help you establish this.

For example:

  • Name
  • Address
  • Email Address
  • Credit Card Number
  • Mobile Phone Number
  • Bank Account Details
  • Driver’s License Number
  • Passport Number
  • IP Address
  • Online Name (usernames)
  • Genetic or Biometric Info
  • Shopping History
  • Shopping Preferences
  • Life Preferences

These are all types of personal data that you should not be storing without proper protection.

Why the Change to GDPR?

Much of the catalyst for the tightening of the EU’s laws is the concern over data breaches. In the US alone, over 3 billion accounts were breached in 2016. To ensure compliance, penalties and fines can be as high as 20 million euros (US $23,521,000) or 4% of global turnover, whichever is greater.

The Cost of a Breach is Going Up

With the average cost of a data breach at over $7 million¹, you would think that more C-level owners and operators would take data security more seriously. Sadly, many of them must be dragged along or forced to take this subject seriously. Xennsoft itself has had to threaten termination to more than one of its clients, just to get them to comply with new and existing rules.

Are you Ready?

Xennsoft® has spent countless hours (well, it’s actually around 2,500 – but who’s counting) on GDPR compliance, working with companies such as TokenX and PCIonline. To find out more about Xennsoft® systems, security and services, contact Trace Jensen at 801-233-8200 or tjensen@xennsoft.com.

  1. Ponemon Institute: 2016 Cost of Data Breach Study: United States
  2. Ponemon’s 2015 Global Cost of Cybercrime Study


Article by: P A Stewart

About the Author:

Preston Stewart
Preston has been providing service and support to the Direct Sales industry for over 15 years now. As founder and owner of Xennsoft, LLC, he has consulted with and helped build dozens of companies. From start-ups to multi-million dollar worldwide enterprises, he has been involved in almost every aspect of their success. Preston was also founder and owner of Interactive Communications Inc., and Co-Founder of GrayWhale CD. Preston lives in beautiful Alpine, UT, has four wonderful children, loves the out-of-doors, has a fetish for classic cars (his favorite is the '66 Corvette Stingray) and is active in his church and community.

Favorite Quote: Never let a problem to be solved, be more important than a person to be loved!