Are you GDPR compliant and how might this impact your small business?
General Data Protection Regulations
You may have heard people talking about GDPR and been slightly baffled by the large amount of information available and what GDPR will really mean to you or your business.
Here is a small overview of this data regulation change that may need your consideration and possibly some action. It is important that you do comply, and this may require reading and understanding more detailed information provided about GDPR to be sure you are ready and compliant. Here is a link that provides more information.
General Data Protection Regulations requires every business within the EU that collects personal data has to do this with consent and clear reasons why it is required and how it will be used. This data must not be shared with third parties or used to contact people without specific identified permission and consent and their acknowledgement.
In the past forms collecting personal data may have provided pre-ticked boxes that had to be knowingly unticked to protect privacy or further receipt of communications, this is no longer permitted.
If your business holds personal data, you need to state how long you will hold onto this data and why you require it. Ensure it is safe and protected and you must not share it. Any requests to remove a person or persons personal information from your data base must be done so when a request is made.
All businesses need to be aware about how they have contacted and do contact people and businesses about their offers, products and services, and whether or not these contacts were aware when they shared their personal information with your business that they would receive future marketing information.
Your business terms and conditions needs to include how and why data is collected, stored and reassure about the sharing of this personal information. If you have customers on a newsletter email list - how was this data collected? You need to ask those on your data lists if they want to receive future communications via newsletters, emails and promotional information - they need to opt in, rather than opt out.
New regulations come into force on 25th May 2018
This information does not represent full and detailed new regulations requirements but offers a small insight. Please seek professional GDPR advice if you have any specific questions or need to know if you are compliant.