GDPR - Are You Compliant?

May 16, 2018 -- Posted by : admin

GDPR Compliance

On the 25th May 2018 GDPR comes into force and you need to make sure you're ready. For many, this will only mean a few small but important changes, yet the current panic and contradictory information online are making it difficult to ascertain what is actually required. As we understand it, this is what small businesses need to make sure they have in place.

Here's what we know and what you should too:

Update Your Privacy Policy

Informing your clients how their data is used and stored is the most important action you need to take when it comes to GDPR. You need to clearly state the following within your policy.

- Information retained
- Why data is stored
- How data is used
- Who is responsible for storing data
- Information won't be shared or sold to third parties
- Payment information not retained
- Data stored securely
- Paper or digital
- Devices & software are password protected

This needs to be easily found on your website.

If you haven't got a Privacy Policy visible on your website, you need to create one as soon as possible. We can create one for you if you can't do it yourself. Get in touch!

Add Checkboxes To Forms

Add compliance 'checkboxes' to your website contact form or checkout. You need to include tick boxes for the different methods by which clients are happy to be contacted. If you use an email marketing system, most providers have made compliant forms available, so make sure you're up to date.

Ensure Your Current Mailing List Is Compliant

We have seen many resubscribe emails being sent out to customer mailing lists. This is only necessary if you have obtained email addresses by buying, scraping (harvesting) or from shared lists at events and fairs or similar. If your current mailing list only contains past customers and those that have signed up via your website and at events then, as long as you can show this, all you need to do is send out an email to all, informing them of your updated privacy policy and where to find it. Also give them the option to unsubscribe, and make sure all future emails have an unsubscribe link.

These changes to EU data protection laws are designed to protect data. This is good news for all individuals who are affected by data processing, and the changes will maintain standards in relation to the security of your personal data.

- Further protection of your personal data;
- Standardisation of European data protection; and
- Adoption of data protection in line with technology changes.

This is a general summary, and for many small businesses these are the steps that need to be taken. We advise you to take advice on how this will affect your individual business.

