6 steps for GDPR compliance for mobile apps
Less than a month is left to prepare your mobile application to meet the requirements of the new law. If you want users in the EU to use your application, you must adapt to the new regulations on the protection of personal data by May 25, 2018. What does this mean in practice? How do you prepare a mobile application for GDPR? See: What are the consequences of not adapting the mobile application to the new GDPR regulations?
Two pieces of information matter most to you. First of all, the GDPR concerns everyone operating in the EU. It does not matter whether you run a small business, or whether the application works as part of a startup or a large corporation. Everyone must adapt. It also does not matter where your company is registered or where the server is located. If you process personal data of citizens of an EU country (and Norway, Iceland, and Liechtenstein), GDPR also applies to you. Secondly, the new regulations do not dictate ready-made solutions for implementation. GDPR is not a set of guidelines; the steps taken should be tailored to the type and amount of personal data processed by your application.
The main assumption of GDPR is giving full control over personal data to the user it concerns. He must give informed consent to the processing of this information, and may at any time demand its removal from your database. Providing this to the user and creating or adapting a mobile application compatible with GDPR is a relatively easy task, but you should be careful and accurate because the penalties for non-compliance with the new regulations are very high. Given the lack of top-down, statutory guidelines and requirements, the wisest course is to entrust it to specialists: people who are GDPR certified.
See the six steps to create an application compliant with the new law, developed by the GDPR-certified member of our team.
1. Additional points to the loyalty program
2. A clear interface regarding the processing of personal data.
3. Security of applied solutions.
So far it has not bothered you that your application can be easily hacked? No more: you have to be safe from 25 May! Secure user data (use secure passwords, dedicated solutions, and encryption, or send this task to specialists), the mailbox through which you contact users, and the application login system. Keep your systems up to date and use only new versions of frameworks. This point is the biggest challenge for older applications: you have to update them, or you cannot be sure that the solutions used are free from loopholes and are not an easy target.
4. Carefully selected partners.
Do you use dedicated solutions for statistical purposes or for a newsletter? It is your responsibility to check whether the companies with whom you cooperate comply with the new guidelines. To do this, read their Terms & Conditions and look for information about compliance with GDPR.
5. Efficient contact with the user
Make sure the user can easily contact you and that you will respond quickly to his message. Remember that he can at any time request removal of his personal data, and you must guarantee that. The contact should work in two directions: you have an obligation to inform users (and obtain their consent) as soon as you change the way in which the personal data is processed.
6. GDPR compatibility test.
When you are not sure if your application is compatible with the new guidelines, do not take any risks: use the help of GDPR-certified professionals. They conduct a compatibility audit and, if problems arise, help you customize your applications. Learn more about the GDPR audit.