A multi-disciplined creative design studio

T 613.482.1159

The elephant in the room

EU General Data Protection Regulation The GDPR is the new Privacy regulation created by the European Union. Its Directive aims to regulate the processing and storage of personal data of individuals within the EU and EU member states such as Iceland, Liechtenstein, and Norway. The GDPR is designed to have a broader scope and includes other significant changes that take into account the current cyber security landscape.

The most significant difference, a business can no longer assume they have consent to use, collect, and sell your personal data. The business must now ask for authorization to send e-mail, add their information to a database, store their credit card information, keep a history of past purchases, and send them promotional material. This law goes one step further; it gives the right of the individual the ability to log in and change the information you, as a business, are allowed to keep on file or delete the record altogether.

Now you might be wondering; my company is in Canada, this new GDPR law doesn’t affect me. Here is the catch, the GDPR law that came into effect on May 25, 2018, does. It’s a large troller net that encompasses everyone that an EU citizen has contact. The Law essentially follows a person around whether at home or abroad. The GDPR Law goes one step further and puts the onus of an individuals security in the business’ hands. That means a business must have an SSL Security Certificate, make regular backups of the site, provide access to the clients’ personal information, and allow a client to delete or change any contact information you may have on them.

You also have to inform the client how you use “Cookies” on your site and any information that may be collected and why. Canada has it’s own Privacy laws and the CAN-SPAM Act that came into force on January 1, 2017, in addition to the new Privacy laws enacted in the State of California, and well… you get the idea.

Privacy is the utmost concern and the security of and the handling of the personal data.

https://www.torys.com/insights/publications/2018/06/how-will-the-eu-gdpr-affect-canadian-businesses https://www2.deloitte.com/ca/en/pages/risk/articles/GDPR-and-Canadian-companies.html

Published in Evolving Media Chronicles
Written by Jeff Poissant, RGD
Edited by Kevin Burns

ISSN 2562-5578 (Print)
ISSN 2562-5586 (Online)

Consider reading


A Brand is a collection of parts that represent your company! Whether you’re just starting or already in business and looking to make a change, branding is the root of who and what your company is.

Let’s simplify this further.

Read More »
Technical illustration modified for use on the evolvingmedia.com website.

How do you manage passwords

In a previous article, we centred on security, the need to having an SSL Certificate, and the need of assigning someone to be a backup in case disaster strikes. Why do I mention this?

Read More »
Skip to content