AV Social Strategies
GDPR Compliance
The information on this page is intended to help you understand GDPR and how AV Social Strategies is working to comply with this regulation. This is not legal advice, and we recommend consulting with a legal professional.
What is GDPR?
The General Data Protection Regulation (GDPR) is a comprehensive privacy law enacted by the European Union (EU) that governs how businesses can collect, use, and process the personal data of EU citizens. Effective since May 25, 2018, GDPR aims to give individuals more control over their personal information and to standardize data privacy laws across Europe.
Does GDPR Affect Me?
GDPR has a broad reach and applies not only to businesses based in the EU but also to any organization worldwide that processes the personal data of EU citizens. If your business collects, stores, or manages personal data from EU residents—whether you’re located in the EU or not—GDPR compliance is required. This is particularly relevant for businesses with EU customers, contacts, or operations.
AV Social Strategies’ Commitment to GDPR
At AV Social Strategies, we are committed to GDPR compliance and ensuring that we handle all personal data with the utmost care and responsibility. We have implemented various measures to align with GDPR requirements, and we are here to help our clients navigate their own compliance journey.
Steps We’ve Taken to Become GDPR Compliant
To meet GDPR standards, AV Social Strategies has taken the following actions:
- Data Identification: We have identified all personal data that we collect, including information from contact forms, newsletter sign-ups, and website interactions.
- Transparency: We’ve updated our Privacy Policy to provide clear and transparent information about how we collect, use, and protect your data.
- Data Security: We have enhanced our data security measures to ensure that all personal data is stored and processed securely in line with GDPR standards.
- Data Portability and Access: We’ve developed processes to ensure data can be easily accessed, transferred, or deleted upon request by the data subject.
- Policy Review: All internal policies and client agreements have been reviewed and revised to ensure GDPR compliance.
What This Means for Our Clients
If your business needs to comply with GDPR, AV Social Strategies can assist in several ways:
- Site Audits: We conduct audits to identify where and how personal data is collected on your website.
- Privacy Policy Support: We recommend tools and resources to help you create or update your Privacy Policy to align with GDPR.
- Cookie Management: We can install and configure cookie notifications on your site to ensure users are informed and consent to data collection.
Key GDPR Concepts
Before diving deeper, here are some essential GDPR concepts:
- Data Subject: The individual whose personal data is being collected, stored, or processed.
- Personal Data: Any information that can identify a living person, directly or indirectly, such as names, email addresses, IP addresses, and more.
- Data Controller: The entity that determines how and why personal data is processed.
- Data Processor: The entity that processes data on behalf of the Data Controller.
- Data Protection Officer (DPO): A designated person responsible for overseeing data protection strategy and GDPR compliance.
- Breach Notification: The requirement to notify stakeholders and authorities within 72 hours of becoming aware of a data breach.
Your Rights Under GDPR
GDPR grants individuals several rights concerning their personal data:
- Right to Access: You have the right to request access to the personal data we hold about you.
- Right to Rectification: You can request corrections to any inaccurate or incomplete personal data.
- Right to Erasure: Also known as the “right to be forgotten,” you can request that your personal data be deleted.
- Right to Data Portability: You can request that your personal data be provided in a machine-readable format and transferred to another controller.
- Right to Withdraw Consent: You can withdraw your consent for us to process your personal data at any time.
Non-Compliance Consequences: Non-compliance with GDPR can lead to significant penalties, including fines of up to 4% of annual global turnover or €20 million, whichever is greater. These fines apply to both data controllers and processors, emphasizing the importance of compliance for all businesses handling EU citizens’ data.
Learn More About GDPR
For more information about GDPR and how to ensure compliance, you may find the following resources helpful: