The Data Protection Act is a law that governs how different companies, including #startups handle the #personaldata of their users and consumers.  These are 3 things that Start-Ups need to know about the Data Protection Act.

1. You need to review your Privacy Policy. The Data Protection Act requires companies to have sufficient legal safeguards to protect their consumers which means that as opposed to generic privacy policies, companies need robust #privacypolicies that incorporate principles like storage limitation, purpose limitation, data retention, and access.

2. You need to conduct a Data Protection Impact Assessment (DPIA)- If you are a tech start-up that uses advanced strategies like Machine Learning to boost marketing and sales, you need to do a DPIA. A DPIA is an audit of the privacy risks that come with your project and will include recommendations on what to introduce in order to avoid privacy lawsuits.

3.  You need to register as a Data Controller/Processor – Startups that work specifically around education, health, payments, gambling, direct marketing, and other specified areas are required to register as data controllers/processors with the Office of the Data Protection Commissioner. Those who fail to register will have to pay a fine.

#dataprotection #privacy #law #data #legal #machinelearning