GDPR And Your Small Business
Are you going to be ready?
POSTED BY JACQUI FROST ON 14/09/2017 @ 9:00AM
The new General Data Protection Regulation (GDPR) comes into force EU-wide in May, 2018. It builds on existing data protection regulations about how you can treat customers' data ...
More importantly, the UK government has said they'll be bringing the GDPR into UK law. Even when we leave the EU in 2019, anyone who holds data on EU citizens will still need to comply with the GDPR. Remember, it is already in effect; the May, 2018 deadline is for every business to be compliant.
"Because that's when the fines kick in!"
Breaking the GDPR means you could be fined up to 2% of your worldwide turnover. For example, the recent TalkTalk data breach cost the company £400,000, but under the GDPR it could have cost them a whopping £59 million instead. So you really do need to be careful.
So, how are businesses supposed to give EU citizens back control of their personal data?
Once data is no longer needed, it must be deleted, and an EU citizen has the right to request that all data held on them be deleted promptly. This applies as much to a small business as it does to Google and Facebook.
Opt-in to mailing lists must be down to the visitor. You can no longer pre-tick the subscribe checkbox; the visitor has to tick it themselves to confirm. Contact forms must not automatically add email addresses, and it's good practice to send a confirmation email as a 'double opt in' to ensure an email address wasn't added by someone else.
All bulk emails must have an unsubscribe option included, and it is good practice to clean your list regularly by deleting the email addresses of subscribers who haven't opened an email or clicked on a link.
You may even want to send a yearly email asking if they still want to remain on your list, but they'll have to click to confirm rather than you saying "if I don't hear back from you ..."
You can no longer download your LinkedIn contact list and use the email addresses. Just don't do it!
If you receive a business card at a networking event, it'll be good practice to ask if you can add them to your email list and confirm they can unsubscribe at any time.
Encrypt your contact forms using SSL and ensure that any access to customer data (even if it's just a name and an email address) is done securely.
A few tweaks by your web designer or email marketing person can ensure you comply, and although it doesn't come into effect until May 2018, it may well be worth looking at now and having the changes implemented by the end of this year.
While you are reviewing the GDPR for your online world, ensure your own business security is up to date and effective. Talk to your IT support provider about firewalls, anti-virus and web protection to ensure you don't get hacked and cause a breach of client data unintentionally!
Remember, everything I've mentioned above is just common sense, and the GDPR puts all the pieces of the jigsaw together in the right way. But the scariest part is the fines, so make sure you're ready for the GDPR to kick off next year.
"We're serious about the GDPR at The Office Genie!"
All our clients' data is highly secure and we only keep what we need for as long as we need it to offer them our best possible service. If you want to know more about the GDPR and how we're getting ready for May, 2018, then give me a call on 01604 529170 for a chat.
Until next time ...