The EU General Data Protection Regulation (GDPR) is a law that was adopted by the European parliament in April 2016 and will become enforceable on May 25, 2018. The regulation applies to the collection, processing, and movement of personal data for individual residing in 32 European states (28 EU states + 4 other European states). Now, individuals must understand exactly what they have consented to which means that an end-user must give specific consent for each personal data and agree on how it will be used.
How will GDPR impact guest Wi-Fi practices and deployments?
Vendors will need to provide tools to get end-users’ consent to use their personal data for marketing. Venue managers and brands will also want to give end-users transparent access to that personal information
- Privacy self-management
- Handled by customer care
GDPR, requires vendors to erase all personal data upon request from the end-user within 30 days (GDPR).
Saas vendors will need to provide system administrators the ability to create and configure as many terms and conditions/privacy policies as required. All end users must be able to exercise their access rights through the network administrator.
GDPR requires companies to implement privacy-by-design, VP Marketing at Cloud4wi, so that information is always protected regardless of the application in use as well as development projects. Privacy must also be protected by default, ensuring that the least amount of personal data is in play at any time. Reducing the amount of accessible data is key to improving data protection.
“If there is a data breach, it must be reported to authorities and customers within 72 hours from when a company first becomes aware of the incident. This will require a high-speed response that many companies today are unable or unwilling to provide.” she added
Fon’s GDPR highlights some important end-user rights:
- All end users may exercise their right to rectify their personal data by contacting the network administrator who has access to user profile pages and can edit and update all modifiable personal information based on the requests of end users.
- All end users have the right to request that they be permanently deleted from the service. Their associated user data will not be deleted until period of proscription but none of the information related to this end user will be displayed in any API, and thus will not appear in the management platform.
In summary, the impact of GDPR among the public is hard to predict, one thing is sure, GDPR will force the adoption of better marketing practices.