Many business owners and company executives must be wondering about the difference between the Organic Law on Data Protection (LOPD) and the new General Data Protection Regulation (GDPR). Moreover, they must be wondering what the reformed law means for them! Marketing and communication heads are right to be concerned as these legal changes will definitely affect the way they operate.
Law on the Protection of Personal Data
Before we proceed with the comparison, let us first discuss what they are. Let us start with the older LOPD. Since 1999, Spain already has a data protection legislation in place. However, records have shown that only half of the local companies comply with it. The current LOPD is the latest version of the regulation and its approval coincided with the EU-wide GDPR.
Below are the provisions and requirements mentioned in the LOPD:
- Determination of the age of consent for personal data processing to be 13 years old
- Verification that recipient of commercial communication is not on any advertising exclusion list
- Delegation of a Data Protection Delegate to implement the LOPD
- Permission for heirs and family members to access, delete, or modify the online data of the deceased
General Data Protection Regulation
On the other hand, the GDPR is a European Union regulation incepted in April 2016. It has since served as the primary law in the regulation of the way companies protect the personal data of EU citizens. Its implementation began in May 2018.
Here are several important requirements mandated by the GDPR:
- Notification of users in case of any data breach
- Requirement of the consent of subjects when it comes to data processing
- Anonymization of collected data to secure user privacy
- Requirement of a data protection officer to ensure compliance with the GDPR
- Insurance of safe data transfer across the borders
Aside from learning these guidelines, it is imperative to see if you are subjected to this regulation. The GDPR makes it unnecessary for EU member states to come up with their own data protection laws. What you need to know here is that all companies offering their products or services to EU citizens and residents are subject to the GDPR. This means that the regulation will apply regardless of your business address as long as you have a European market!
LOPD and GDPR: What To Do Next?
Now that we have outlined the basic information about these two acts, it is time to see what makes them both similar and different. Obviously, the main reason they are often compared is that they both pertain to the data privacy of the constituents. However, the coincidence of their application also plays a part in it. The question now is this: what do you need to do for your business?
Below are the steps you need to follow if you want to get a lead in the age of digital privacy:
- Comply with the requirements
Understand and follow the requirements defined by both the LOPD and GDPR. It is important to accomplish this right away if you haven’t yet! If you feel overwhelmed, there are companies offering their services to streamline the process. They can handle the adaptation of the systems in your business and appointment of a delegate so that you can focus on running the operations.
- Inspect the legal notice, subscription forms, and other texts
Scour your website for all the texts in your blog or website. Check if they comply with the new regulations. As a rule of thumb, you need to assess if everything only asks for the necessary pieces of information. It is important for the text to clearly communicate request of consent if you, at any point, need their personal data. With the LOPD and GDPR in place, a generic message of content will not suffice.
- Communicate your efforts
Do not forget to do this last step! Let your customers and followers know that you have adopted measures to comply with the LOPD and GDPR. Your client base will definitely feel like trusting your service is the right decision once they hear this. Keep in mind that it is now harder to retrieve personal data. This means you need to take care of the information you have previously obtained!
The LOPD and GDPR have made it harder to understand your customer base so it is important for you to improve your marketing game. Make sure you keep the provisions in mind when you create a campaign! If you need to get a leg-up, we advise you to focus on inbound marketing instead of outbound marketing.
These days, content creation is the name of the game.