Unless you have been hiding under a rock you will know that there is a NEW law coming into play on May 25th 2018 which affects EVERY business that has customers (or promotes its products and services) to people or businesses in the UK and the EU.
It is the General Data Protection Regulations Act. The European Union’s (GDPR) is considered to be the most comprehensive and far-reaching data privacy initiative of the past 20 years. It contains massive penalties for non-compliance, and it is set to go into effect on May 25th 2018.
Now I am not a lawyer and do not profess to know all the ins and outs of the new Act but we do have a simple compliance checklist which will get you thinking differently about how you interact with your customers and prospects. Having been putting GDPR into place across our businesses I consider myself to be fairly up to speed with what is required! Read on to see how we might be able to help you get compliant before the date!
GDPR in a nutshell is all about good data handling and ironically has been thrust more into the spotlight by Facebooks recent faux pas with their handling of peoples personal information!
It is tightening up peoples individual rites and restricts businesses in what they can do with the data they collect.
Whether you store emails, customer info, texts you must comply with GDPR. You have to consider how you collect the data and also how it is stored and then how you are going to interact with the individuals afterwards.
If you have buying customers who you do not contact after the sale (believe it or not many businesses actually do this!) then you can store them safely under Legitimate Reasons as you require the details to be able to fulfill their purchase.
Likewise if you have contracts with suppliers or customers for services you provide you can store that data under the Contractual Necessity premise.
A little known fact is that you must keep your email lists uptodate and set a time limit whereby any subscriber that has not engaged with you after a set period (e.g 1 year) be deleted from your list.
If you already have an email list that you send emails out to promoting your business etc, you WILL need to get permission from them again to send out emails post-25th May. I know, I can hear you!! This is an absolute ball-ache and will undoubtedly lose you a fair chunk of your list.
If they want to be on your list they will be happy to re-sign onto your new list and those that do not were probably not worth having on their anyway!
Their is a ton more that I could share with you and I will probably update this as my own GDPR journey plays out.