GDPR is coming. Yep, the world is ending… Only joking!
For those of you who don’t know, firstly where have you been?
GDPR is the new regulation in EU law that covers data protection and privacy of all individuals within the European Union.
Secondly, yes it does still apply to us, even after Brexit (nice try!)
If you have a data breach or if you process data without a lawful basis (consent, legitimate interest etc.) then you could face a hefty fine of €20 million or 4% of your global annual turnover (whichever is higher).
It comes into effect on 25th May 2018, so you need to make every effort possible to ensure your business is compliant.
However, don’t panic – GDPR isn’t going to be apocalyptic and you’ll still be able to market your business. You just need to be transparent.
So, here’s our top GDPR Apocalypse survival tips!
Do your research
I know it may seem like a minefield, but read up as much as you can about GDPR and what it means for your business. There are crazy amounts of information available, but we really recommend checking out the ICO website where there’s everything you need to know:
Audit ALL of your data
Assess what data you hold and how you process it. How did you collect your data? Remember personal data covers anything that can identify someone as a person – name, email, address etc. so this covers employee data too!
What do you do to ensure your data is kept safe? If you keep it on a spreadsheet on your desktop – this is not okay! Invest in a good data management system!
Here’s the ICO’s guide to documentation (including data templates!)
Understand the rights of individuals
Under the GDPR, individuals have lots of rights including the right to be forgotten. They can also contact you to request information about what data you hold on them. All personal information requests must be free of charge and fulfilled within one month of receiving the request.
You can find out more about the rights of individuals here:
Put processes in place
Set up formal processes for things like information requests and data breaches. Give team members training and let them know what’s expected of them. If you’re prepared for every scenario, GDPR will seem less daunting.
The ICO has put together a list of key accountabilities and governance here:
Here’s the ICO’s guide to Privacy Policies:
Collect the correct consent
If you have identified data that you have no idea where it came from, try to obtain the correct consent before the deadline. Going forward, ensure all of your web forms and data capture processes ask for explicit consent such as ticking a box or a double opt-in (and make sure you’re telling them how you will be using the data!)
The ICO has outlined the lawful basis for processing data here:
Whatever you do, cover yourself! Document everything you do from the data audits to the processes you put in place. If any data catastrophes happen, you need to be able to prove that you have taken all of the reasonable steps to be compliant.
Use it as an opportunity!
Although it seems like it’s all doom and gloom, GDPR presents an opportunity to cleanse your lists and build trusting and transparent relationships with your customers.
If you would like to create some lovely, GDPR compliant marketing, get in touch with the Juicy Team today!
Congratulations, you survived the GDPR Apocalypse!
CHECK OUT OUR RELATED POSTS
As we emerge from lockdown, can any of us be certain how things are going to ‘pan out’ in the coming months? We guess not. But one thing we’ve learned at Juicy in the 20 years we’ve been trading – and from the two major recessions we’ve survived – is that your...
These are odd times, and yes, it may feel a bit wrong to be promoting your business right now, but the reality is that industry and commerce needs to keep going if it can; businesses need to survive; and there are still people (and other businesses) out there who need...
Sounds crazy, doesn’t it? Especially if you’re busy running your business, wearing all the hats, never really having enough time to do everything at the level you would like. And let’s face it, marketing often drops down the list, because it’s tough. Tough to handle...