GDPR & Shipping: 6 Ways to Prepare
On May 25th, everything changes. Though it may sound hyperbolic, no law has ever had the potential repercussions to nearly every facet of business than GDPR. While the law only pertains to the EU - given the globalized market in which we exist, nearly every business is affected. The fact that GDPR has not gotten more coverage in mainstream news outlets is a bit shocking. While most global businesses are busy worrying about tariffs and potential trade wars, GDPR is a sure thing - there's no chance it won't happen. GDPR stands for "General Data Protection Regulation." It is an extensive piece of legislation that standardizes data protection across all 28 countries in the EU. The law establishes rigorous rules that pertain to personal information and data. In theory, it is meant to give control of personal data back to the individuals. In practice, it will have far reaching consequences for businesses of all types, all over the world. In particular, GDPR gives individuals the right to access, correct, delete, and restrict processing of their data. It creates strict guidelines about how you need to get customers to agree that you can use their data by giving explicit consent.Businesses that ship goods globally, though they might not realize it, will be impacted as well. Not only regarding their networks and marketing, but in their actual shipping activities. Time is short, so if you haven't begun preparing, now is the time to do so. Not tomorrow, not next week - now. Here are 6 ways businesses that ship goods can prepare for GDPR implementation:
Learn About GDPR
If you are just now hearing about GDPR, or have only recently realized it may impact more of your business than you initially thought, you need to get caught up ASAP. There are some good resources that can help you get started:
Preparing for EU GDPR from IT Governance Ltd
Don't Assume Anything
Think GDPR doesn't apply to your company because you are based outside the EU? Think your division is exempt because you work on logistics & supply chain rather than marketing? Think again. As mentioned earlier, GDPR is quite possibly the most far reaching and impactful piece of legislation since Dodd-Frank. While it only applies to the EU, this does include companies that do business in the EU, or with EU persons. If your company has customers that have resources based on the EU, even if it's not their headquarters, then GDPR will impact you.People in logistics, supply chain, and freight are no exception. While your divisions may not be processing personal data on the level of some other aspects of the company, there is data being processed nonetheless.
Create Internal Awareness
As we get closer to May 25th, it is incumbent on businesses to prepare their teams for the changes coming. Undoubtedly, you will get questions from customers regarding your compliance to the new law and everyone in the company needs to be on the same page.
Speak to a Lawyer
This should really be your first order of business. Hopefully, you have already started. If not, there are plenty of lawyers and law firms that are now positioning themselves as experts in compliance to this specific law. Do some research, find the right lawyer for your industry that has good references. Set up a call ASAP and get their insights into next steps. They, and only them, should be your main source of direction for complying with GDPR.
Company-wide Implementation
After speaking with your lawyer and formulating a plan of action, make sure that implementation is company-wide. That means all impacted divisions, and the employees within those divisions, are fully abreast of the new rules and how they will impact their daily work. Having a basic "cheat sheet" given to those people who communicate externally (sales/support) for answers to frequently asked questions may also be helpful.
External Communication
While communicating internally to your employees is important, externally communicating to your customers is more important. In particular, you will want to get ahead of the windfall of questions and requests from multi-national customers. In order to do so, a clear description of changes your company has made as a result of becoming compliant to GDPR is necessary. To make sure you get this information to as many customer as possible, send a special email to your list of customers and subscribers linking them to the new announcement. For further awareness, leverage social channels to communicate these changes to a greater audience. GDPR goes into effect on May 25th, 2018. We will continue to provide information about how GDPR will impact shipping as additional details come out. Stay tuned.
