GDPR is implemented on the 25th May 2018
As usual we are all scrabbling around trying to find out what the law is – the onus is for us to know the law and it never seems very easy to find the rules in one place, instead Businesses spend a lot of time and money trying to find out whether they are legal, and then either bringing in outside help or delegating a member of staff to ensure they are compliant.
So, should we be scared?
Most of what is being asked of us is common sense, it has just not been explained very well and as usual with many different versions out on the websites, as well as conversations in many meetings we are left confused. Please do your own due diligence but in layman’s terms we have simplified some bullet points
1. You need to nominate one person in your company to be ‘The Controller’ of all data that your company holds.
2. One person in your company should be a ‘Data Protection Officer’ – who is in charge of training your staff in the clear roles and responsibilities (they need to understand the GDPR rules)
3. Anyone in your company that has data on their computer or handles data in any way is a ‘Data Processor’ – they should be trained and regulated by your ‘Data Protection Officer’.
4. You should only use data for the specific purpose it was given to you for – to which you need to be able to demonstrate consent was given by the data subject.
5. You need to keep all data sorted secure. And, ensure it cannot be taken off computers or used in a manner for which consent has not been given.
So ultimately we are now all accountable for how we hold, use and store data due to the privacy of personal information.
Finally – and you knew I would get a sales pitch in – Door drop does not use personal data, it is unaddressed but can still target addresses by many demographics – so if you are still worrying about GDPR compliance in your marketing – give us a call and we will increase your sales without you stressing.
To discuss your requirements, please contact us on 020 8440 0400 or email@example.com