GDPR

The GDPR is a new European privacy law designed to replace the EU’s Data Protection Directive. As of 25 May 2018, all companies and organisations that process personal information of EU citizens will be legally required to comply with the GDPR. These regulations will allow customers to have greater clarity and control over how their personal data is processed by organisations.

‘Personal data’ is defined as any information that can be used to directly or indirectly identify a person (eg customer email addresses, names, addresses, bank details, computer IP addresses etc). The new GDPR legislation makes it illegal for any such information to be gathered/used by an organisation without first gaining the unambiguous consent of the individual in question.

An organisation must use only clear, easily accessible language when requesting consent to process an individual’s personal data, and consent must be equally easy for the individual to withdraw. For example: a company may request an individual’s consent to use their email address (ie personal data) to subscribe them to a mailing list; this request must be made clearly and consent must be given in clear terms (such as through an ‘opt in’ tick-box); if a customer should choose to change their minds and withdraw their consent, this must be simple and clear to achieve (eg through a clearly identifiable ‘Unsubscribe’ link within a subscription email).

The new GDPR legislation addresses the need for organisations to shift focus onto the customer, and how best to serve, respect and protect them. PowerBulbs welcomes these legislative changes, and is delighted to incorporate them into our already impeccable service and data protection standards.

PowerBulbs will never contact customers for marketing purposes without first having received consent via a ‘Sign up’ box on the website homepage or an 'opt-in' tick box at the website checkout page, nor will we ever pass customer details to third parties. We record how and when any such consent is obtained and what precisely such consent includes. We respect and support the customer’s ‘right to be forgotten’ – that is, the erasing of customers' personal data at their request. Customer requests for personal data to be erased can be made via email at  [email protected] or telephone at: 01924 334180

More information on the EU’s new GDPR legislation, the final legal text and information on key issues can be found at:  https://gdpr-info.eu/