Opportunity abounds! The EU law on privacy, GDPR, presents the opportunity for start-ups to get on the front foot and design their product or service to comply with the gold standard of EU privacy laws, leaping ahead of legacy non-compliant competitor products. Not only will this secure more customers, but it will keep the business’s costs down too.
As importantly, those who don’t include GDPR in their design considerations may lose a huge business advantage or possibly fail altogether. This is because GDPR is fast becoming not only the European standard for privacy, but the global standard for privacy. All EU companies have to comply with GDPR, and will only want products and services that enable them to comply with GDPR. And as the GDPR quickly impacts everyone in the supply chain, any organisation that has an EU customer in its supply chain, will also need products and services that comply with GDPR.
Creating products and services that comply with GDPR requires a good understanding of the GDPR law as well as a good deal of creative thinking and UX design experience. The key design features for GDPR compliance relate to enabling individuals to exercise their privacy rights under GDPR. Design features need to include:
One of the key issues is to ensure that the cost of complying with these user’s rights is kept to a minimum, usually by enabling the user to 'self-serve' wherever possible. Another key issue is to use good design to minimise the impact of meeting the GDPR requirement in a user-friendly way. For example, privacy collection notices that should be included at each point where a user enters personal data run to a page or more of mandatory text, so careful consideration needs to be given for the users’ experience. In addition GDPR requires all consents need to be opt-in, with clear, unambiguous, freely given, informed, affirmative consent so there are no more 'default' yes, or 'default' yes check boxes. And you can't have a single "I Agree" check box for both a privacy consent and your terms and conditions. It is much easier and cheaper to design these features into your product roadmap and include privacy by design and default than it is to retrofit these features into legacy products and services. All this gives the start-ups a huge advantage.
If your business requires an Art 27 GDPR Representative, select the plan that fits your business size to start your 30 day free trial.
30 day free trial
Access to all features
No credit card required to trial
No obligation to continue after your free trial
Flat monthly fees, no hidden costs or long term subscriptions
Owner, with no employees
1 to 10 employees
11 to 50 employees
51 to 250 employees
over 250 employees