Pub chain J.D Wetherspoons announced this week that they are deleting their entire customer email database, and ceasing all their email newsletters.
This action follows a recent data breach suffered by the company, in which it is reported over 650,000 email addresses were affected.
Major companies are sitting up and taking action, with the May 2018 deadline for the enforcement of the General Data Protection Regulation looming, and the Information Commissioner’s Office (ICO) gearing up to hand down significant fines for those found in breach.
GDPR will overhaul the way data will need to be collected and processed, handing the power back to the user. The new directives will have a substantial impact on any organisation with operations in the UK and EU – making it pivotal that companies take action.
Wetherspoons’ decision is certainly a drastic one, as businesses are not required to delete their customer email databases under the regulation, but it demonstrates the true scale of the impending GDPR and serves as a signpost of things to come. Your customer email database may be a millstone around your neck at the moment, but deleting it entirely is not an option for most businesses.