Opportunity abounds! The EU law on privacy, GDPR, presents the opportunity for start-ups to get on the front foot and design their product or service to comply with the gold standard of EU privacy laws, leaping ahead of legacy non-compliant competitor products. Not only will this secure more customers, but it will keep the business’s costs down too.
Just as importantly, those who don’t include GDPR in their design considerations may lose a huge business advantage or possibly fail altogether. This is because GDPR is fast becoming not only the European standard for privacy, but the global standard for privacy. All EU companies have to comply with GDPR, and will only want products and services that enable them to comply with GDPR. And as the GDPR quickly impacts everyone in the supply chain, any organisation that has an EU customer in its supply chain will also need products and services that comply with GDPR.
Creating products and services that comply with GDPR requires a good understanding of the GDPR law as well as a good deal of creative thinking and UX design experience. The key design features for GDPR compliance relate to enabling individuals to exercise their privacy rights under GDPR. Design features need to include:
One of the key issues is to ensure that the cost of complying with these user rights is kept to a minimum, usually by enabling the user to 'self-serve' wherever possible. Another key issue is to use good design to meet the GDPR requirements in a user-friendly way, minimising their impact on the user. For example, the privacy collection notices that should be included at each point where a user enters personal data run to a page or more of mandatory text, so careful consideration needs to be given to the user experience.
In addition, GDPR requires all consents to be opt-in, with clear, unambiguous, freely given, informed, affirmative consent, so there are no more 'default' yes answers or 'default' yes check boxes. And you can't have a single "I Agree" check box for both a privacy consent and your terms and conditions.
It is much easier and cheaper to design these features into your product roadmap and include privacy by design and default than it is to retrofit these features into legacy products and services. All this gives start-ups a huge advantage.
It is relatively easy to comply with both EU GDPR and UK GDPR representative requirements. By appointing and maintaining both an EU and a UK representative, you will be compliant in both jurisdictions.
We are happy to act on your behalf, as your GDPR representative. Our monthly, flat-fee price is based on the size of your business.