Happy Birthday! GDPR is Three Years Old

It is quite amazing that, 3 years ago, four simple letters could inspire fear and trepidation in the hearts of many businesses. GDPR was coming and there was no escape!  


Did you know that the first Data Protection Act came into force in 1984 – long before most of us knew email was a thing! We were too busy perfecting our mullets, or crimping our hair and listening to Duran Duran! This was succeeded by the Data Protection Act 1998 and finally GDPR on May 25th  2018.  


It’s hard to believe that in 1995 less than 10% of UK households had internet access but by 2010 it had risen to over 70%. It was this inexorable rise in technology, and, of course, the internet that catapulted the furtherance of data protection law.  

Although there was considerable lead in time before GDPR was legal, for many it was a scrabble to initiate the required changes to ensure compliancy by the deadline. Hands up who’s Inbox groaned under the weight of a gazillion hastily sent “we have updated our privacy policy” emails – weirdly all on or around May 25th! 


GDPR is classified as a law that protects the data rights of citizens and extends to any organisation that collects, stores or uses data. It is designed to demonstrate transparency – ensuring that people are more informed about what their personal data is being used for, how and why.  


However, what perpetuated the underlying feeling of panic amongst companies was that failure to comply could result in significant fines – in the millions possibly – from the ICO. 


Although they have always been keen to highlight that issuing fines would be a last resort, the ICO  did, however, fine a local London pharmacy £275,000 in December 2019 for breaching GDPR.  Europe isn’t exempt either because the legislation is part of European law too.  In fact the largest fine so far  was issued in France to a tech giant (rhymes with Noodle) amounting to 50M euros after failing to provide its users with sufficient information about data consent policies. Ouch. 


But we’re not trying to scaremonger with talk of fines resulting from non-compliance. But rather highlight that three years on, it’s still an important piece of legislation that you need to be on top of. 


At ReveGro, data is our bread and butter and it’s central to our business integrity to have an intimate understanding and absolute respect for GDPR. In fact, when many organisations were moaning about how restrictive it was, we embraced it because we believe privacy is important and this legislation protects internet users from some of the more unscrupulous or naive companies from using data without permission or storing it carelessly.


It goes without saying that we only use GDPR compliant data; however, in order to be further compliant, we always secure a verbal opt-in when speaking to prospects over the phone. We also record our conversations as part of a GDPR audit trail. Belt and braces you may think but it’s this kind of attention to detail and adherence to good practice that demonstrates how we protect our clients.

"I've always said to my clients, if your data is managed professionally, over time your database will also be a valuable monetary database asset. The benefit of EU GDPR is that it's a wonderful opportunity for clients to build trust with customers, demonstrate respect for their privacy and help develop meaningful relationships."

What is certain is that EU GDPR is here to stay. If you have any questions about this legislation, or  worried your business lacks full compliance or perhaps you have a query about data in general, then please give us a call on 0333 058 6602 or email sales@revegro.com

You can read more here from the ICO’s blog article: “GDPR – sorting the fact from the fiction”