GDPR Advice for Businesses

We’re sure you’ve all been inundated with GDPR (General Data Protection Regulation) and Privacy Policy emails this week. If you haven’t then you must’ve been on a desert island.

The deadline for the new law to come into force is today, 25th May 2018, and we’ve seen a full range of responses from businesses, from several non-European tech companies simply banning European traffic from visiting their website or using their product, through to those who have not yet lifted a finger to change their data handling procedures.

We thought we would point out some of the key messages we have seen over recent days, to take something useful from all of the electronic noise being generated.

1) Don’t Panic

Although there are penalties for non-compliance, these don’t suddenly hit you because you’re not perfectly aligned with the new laws as of today. To take a quote from a BBC article:

“Big fines could be imposed on companies that ‘persistently, deliberately or negligently flout the regulations’, the UK’s data watchdog says.”

So ask yourself – are you constantly hammering spam down your customers’ throats or, worse still, harassing total strangers? Most businesses probably aren’t; they probably have a slightly out-of-date email list that could use a spring clean to get rid of old data.

2) Don’t Assume Consent

You will need to make sure you don’t “assume consent” by adding people on to your marketing lists just because they sent you a contact form. By all means ask them in that form if they would like to be added, but don’t have the box pre-ticked.

If you are sending B2B emails about goods and services to existing customers that are similar to those they already buy from you, you are on pretty safe ground as long as you are doing it in a reasonable manner (and they have the option to unsubscribe from this kind of communication).

3) Tidy Up Your Data

It makes sense to use this chance to tidy up your data and make sure it’s secure and properly managed. The rules are mainly aimed at larger companies and, again, to quote the BBC article:

“Elizabeth Denham, the Information Commissioner, told BBC Radio 4’s Today programme that small businesses which did not make extensive use of customer data would not come under close scrutiny.”

So control your data, act reasonably, allow people to have access to their data if they request it, allow people to unsubscribe and delete everything if they wish (outside of your legal requirements to keep records, for accounting purposes for example) and generally behave sensibly.

You are probably already doing most of this, perhaps with the exception of deleting old data. We all tend to hoard email addresses, but in reality if someone isn’t reading your marketing emails after a year they aren’t going to suddenly start, so it’s probably better to have a smaller, more responsive list anyway.

For those who would like to know how MCC Accountants manage their data, please feel free to visit our Privacy Policy page and of course if you have any concerns about how we might be handling your data then please contact us and we will make sure we get right back to you.

 
