By Kim Smouter
Why a scan, either conducted by ESOMAR or someone else is key to getting GDPR right
We are now officially living in a GDPR world, after years of negotiations and a two-year ‘transition’ period, the EU GDPR (or General Data Protection Regulation if you’d rather call it by its full name) entered into force in May. Its arrival was heralded with a flurry of emails of all shapes and sizes reaching the inbox of people from the four corners of the world. Thanks to that flurry of emails, if you didn’t know about GDPR before May, your inbox certainly told you about it in the meantime! But, if one looks carefully at all the emails, one can also see patent misunderstandings of the legal requirements to secure consent which has to be informed, unambiguous, freely given, and affirmed by a clear action. The wide variety of emails with an equal diversity of calls to actions (opt-in, opt-out, only opt-in if you want something changed…), some might say companies missed the plot or at least followed less than informed advice! So, whilst the reality might be that there is more awareness than ever before about the EU GDPR’s existence, to say that we all understand what exactly it entails is a whole other enchilada, or cookie, or whatever national dish is best placed at the end of this sentence.