On the 25th May 2018 GDPR comes into force and you need to make sure you're ready. For many, this will only mean a few small but important changes yet the current panic and contradicting information online is making it difficult to ascertain what is actually required. As we understand it, this is what small businesses need to make sure they have in place.
Here's what we know and what you should too:
Informing your clients how their data is used and stored is the most important action you need to take when it comes to GDPR. You need to clearly state the following within your policy.
- Information retained
- Why data is stored
- How data is used
- Who is responsible for storing data
- Information won't be shared or sold to third parties.
- Payment information not retained
- Data stored securely
- Paper or digital
- Devices & software are password protected
This needs to be easily found on your website.
Adding compliance 'checkboxes' to your website contact form or checkout. You need to include tick boxes for the different methods clients are happy to be contacted by. If you use an email marketing system, then most providers have made available compliant forms, make sure you're up to date.
These changes to EU data protection laws are designed to protect data. This is good news for all individuals who are affected by data processing and shall maintain standards in relation to the security of your personal data.
- Further protection of your personal data;
- Standardisation of the European data protection; and
- Adoption of data protection in line with technology changes.
This is a general summary and for many small businesses these are the steps that need to be taken. We advise you take advice on how this will effect your individual business.
Friar Gate Studios