Page 61



. a m e n i c a n I ru w h at o n E a r t h has GDPR got to do with me?

strate data protection illu rly la gu re es lin ad he News e event. Ben Rapp, of th r te af ed er id ns co n te is of new GDPR rules hy w ns ai pl ex , ks or w et Managed N to cinemas in the EU e nc va le re ar ul ic rt pa a will have What is GDPR anyway?

The GDPR is the European General Data Protection Regulation. It’s Europe-wide legislation that comes into force on 25 May. It’s intended to harmonise the way personal data is processed and protected. Each country has some ability to vary how the regulation is implemented; in the UK the relevant act is the UK Data Protection Bill, which is making its way through the House of Lords. The rules in the GDPR will apply whatever happens with Brexit.

Is that all?

If only. The GDPR has an evil twin, the ePrivacy Regulation. So far this is still in draft form, so we don’t know exactly what it will mean. Based on the draft, there are big changes to how websites use cookies, what we can do in terms of some kinds of “big data” marketing, and how we can use email and other messaging for marketing. In the meantime, the original Privacy and Electronic Communications Regulation (PECR) from 2003 continues to apply. If you’ve not heard about that before, you may need to have another look at how your email marketing works.

What does it affect?

The GDPR updates the rules governing everything you do with personal data. That means your customer records, your marketing database, your employee data — including candidates and former employees and your benefactors and patrons if your cinema is run as a charity. It sets out what kinds of data you can process under what circumstances, in what ways and with what safeguards you can share data with others, and what you have to tell people about your processing.

MARCH 2018



Profile for Cinema Technology

Cinema Technology March 2018