Tomorrow, on Friday 25th May, all companies and organisations that process any personal data (name, email etc) need to comply with the GDPR, the new EU law to protect the privacy of EU Citizens. One of the principles of the GDPR is to be transparent about what data you process. Hence, all the privacy statement updates at the moment.
Privacy statement update
If a company or organisation has a website, they have to be transparent about what happens with any personal data of its visitors. What do they do with the information, etc. More information about the privacy statement: https://data2.eu/en/gdpr/how-to-create-a-privacy-statement
Re-subscribe to newsletter
Besides the many privacy statement update emails, you are probably receiving a lot of "re-subscribe to our newsletter" emails at the moment. You have to consent to receiving such newsletters, and the organisations are contacting their old subscribers to get such consent because they probably have no proof of it. However, if you are sending newsletters yourself and have used double opt-in already, you don't have to ask your subscribers for re-subscribing.
Processing Index
Another thing that organisations have to do is to create an internal overview of all data processing and protecting. Such an overview is called Processing Index (or record of processing activities) and it is compulsory to create one where you register all the personal data you process (who is affected, what legal basis, how long, with whom they share it, etc), and how you protect it.
Such a Processing Index can take a lot of work and time. Therefore data2.eu has created a GDPR tool to make it easier for companies and organisations to create a Processing Index.
