Like with many other UI trends, Collage art initially rose to popularity on social media.
A go-to format for Stories and news feed content, collages’ ability to stimulate was soon discovered by web designers.
Web-design collage art will typically encompass a number of core elements:Most collages will sprawl out across a full-width visual. They will include a precise cut-out of an image (usually a photograph), as well. These elements will all be integrated using a mix of solid color graphics and patterned illustrations.
GDPR stands for General Data Protection Regulation and it is a new European regulation coming into effect on May 25th, 2018. It is a privacy law that is meant to give consumers more control over their personal data. The EU has always been more aggressive in protecting the consumer compared to the North American way of protecting the business more. As a consumer I applaud that but as a small business owner I wonder how it will affect my business.
The new EU regulation was approved on April 14th, 2016 but it is only really in the last few months that we have been hearing much about it here in North America. It is now a hot topic and with less than a month until implementation, it is still a grey area for most small businesses. The European Commission is charged with protecting the rights of its 28 member states of which Canada and the US (and soon to be UK *Brexit) are not part of. The European Commission already has a data protection law in place, which if you suffer from sleep deprivation you might like to read here. There is also an EU Cookie Law in place although this will be replaced by the new EU ePrivacy Regulation, which although designed to go hand in hand with GDPR, won't be implemented at the same time as it's still under development. (Getting 28 and now 27 member states to agree is clearly a challenge!). It is, however, expected later in 2018.
Why can't they just combine it all under GDPR? Well, two laws are needed because they cover two different rights in the European Charter of Human Rights, think Bill of Rights for European Union countries. The GDPR covers the right to protection of personal data (any data that relates to or could be used to identify someone in any way), while the ePrivacy Regulation encompasses a person’s right to a private life, including confidentiality.
So in a nutshell, this means all organisations 'handling' personal data of residents or citizens of the European Union (EU) will have to comply with GDPR come May 28th, 2018.
"Wait I'm not European and I don't deal with Europeans! Phew then GDPR doesn't apply to me?"
NO ONE IS EXEMPT!
Your business is out there on the great white interweb! And unless you geo-block* the whole of Europe (*restrict access to internet content based on a user's geographical location), then you can potentially collect data from an EU citizen. Data travels well beyond the borders of EU countries and that data will be protected by GDPR if it comes from an EU resident or citizen.
And would geo-blocking still be enough? I have dual citizenship, born in England and now a citizen of Canada, and my British passport currently affords me protection as an EU citizen, at least until we depart the European Union waving our flags and wiping tears away on 29th March, 2019.
Check out this video from https://www.whatisgdpr.eu for a brilliant summary.
You might wonder how exactly you might be capturing data from those EU citizens. Here are a few examples:
In the simplest terms possible you need to:
Larger organisations are required to appoint a Data Protection Office. Most small businesses won't need to do this but should be looking to appoint one person who is the single point of contact for data related issues and questions, thus complying with Privacy by Default.
If you are a solopreneur - guess what? You just got a new job to do!
There's a wildly held belief among small businesses in North America that it won't affect them because the EU holds no jurisdiction over North America.
The truth is that no one really knows how GDPR will be enforced in North America and we likely won't know until a company is found non-compliant. But given that breaches can cost companies up to 20 million Euros (CDN$31 million or US$24 million) or 4% of their annual global turnover it's not insignificant.
We will see an increasing number of the products, software and service we use as small businesses move towards being GDPR compliant in order for them to survive. Smaller companies that don't comply will fall by the wayside, forcing us to change the way we do business ourselves. We need to be careful which 3rd party companies we choose to do business with - see more about this below.
Consult a lawyer to discuss your own individual situation. This is not a step to miss out!
We are then going to have to look at our own internal business systems and see where we need to comply. Start to move to third-party providers that are already GDPR compliant such as email and hosting service providers, WordPress plugins, your CRM service and developers, designers and marketing agencies that you work with. You can be held responsible for breaches made by data processors that you work with, so choose wisely.
There are many plugins and tools around now that offer GDPR compliance for your website. Here are three of my favourites. They are all free at this current time. I have looked at several paid options where one option tries to do everything but they come with a hefty price tag.
These plugins will go along way to getting your WordPress site GDPR compliant. Just remember that GDPR compliance isn't just about your website - it includes all your processes as a business, which you will need the help of a lawyer to address. The use of these plugins is by no means legal advise on my part. But rest assured if you get hauled off to GDPR detention I will use my British passport to come visit you (as long as it's before March 29th, 2019 *Brexit *sniff)
This plugin alone will not make you GDPR compliant but it addresses the 'consent to collect' data issue.
This plugin was designed by a Canadian company to assist a Data Protection Office or Controller with the GDPR requirements. It adds widgets to your website so that users can:
Don't keep sticking your head in the sand, thinking GDPR doesn't apply to you. Small businesses around the world are not exempt and you need to educate yourself about the laws and keep current with the changes.
There will more than likely be a lot of businesses in the firing line before they start targeting North American small businesses. It's already rumoured that the audits will start with big companies that have already experienced data breaches (can't think of any of those offhand, can you?)
But why not spend some time and make the effort to implement the above suggestions, particularly that your company can comply with user requests such as "Right To Be Forgotten" you will put yourself way ahead of a lot of companies.
Don't be the business that gets used as a test case for non-compliance!
I would invite comments but I've switched them off for now - please feel free to connect with me in another way if you'd like a discussion on this topic.