It’s all about GDPR
The General Data Protection Regulation is a new EU law that replaces the Directive 95/46/EC. It changes the way of collecting, using and storing the personal data. The regulation also provides new rules for organisations on how to handle it.
What does Personal Data actually mean?
Personal data is data which relates to a living individual. It can be used to identify said individual, including expression of opinion. That means your name, address, phone number, email and IP address or location data. Companies like Bidroom collect them to run businesses and give you an access to all services we provide.
Apart from the personal data, GDPR covers the subject of sensitive information, such as the religious beliefs, political views, sexual orientation, health, biometric and genetic data. What makes the sensitive personal data special, is the fact that all companies must obtain clear permission from the clients to use them. Customers have to actively ‘opt-in’ to share them.
Why is this so important?
For you – Bidroom member
- GDPR gives you the control and lets you have more control over your data.
- Right to erasure – also known as the ‘right to be forgotten’. The GDPR introduces a right for you to have personal data erased. The devil is in the details though, as this right is not absolute and only applies in certain circumstances.
- Right to data portability – The right to data portability allows individuals to obtain and reuse their personal data for their own purposes across different services. It allows you to instruct a company to take all your data and send it elsewhere, for example when you switch phone networks without changing your number.
- Right to be informed – Individuals have the right to be informed about the collection and use of their personal data. This is a key requirement regarding transparency under the GDPR.
For us – Bidroom
GDPR introduces a duty on companies to appoint a Data Protection Officer (DPO). The DPO has a number of important responsibilities including:
- monitoring compliance with the GDPR and other data protection laws;
- raising awareness of data protection issues, training staff and conducting internal audits; and
- cooperating with supervisory authorities such as the ICO on the company’s behalf.
All organisations now have to report certain types of personal data breaches to the relevant authority. Once a company becomes aware of a breach, they’ve got a responsibility to report it within 72 hours. If it looks like it could affect individuals’ rights and freedoms (for example a person could be in danger of identity theft), the company also has to inform those affected as soon as possible.
What is Bidroom doing about GDPR?
We’re trying to be as transparent as possible. We know how much you value your data. By allowing us to use it, you let us create an offer that better suits your needs, which will hopefully help you get even better value from the Bidroom services.
There is a new privacy section on Bidroom.com. You can find it here.
We are committed to:
- Always keep your data safe and private
- Never sell your data
- Allow you to manage and review your marketing choices at any time.