In the month of May, GDPR was all we ever heard about.
The new data protection legislation saw an abundance of businesses clamping down on their privacy policies and updating their databases. Whilst all of the ‘big businesses’ seem to have cracked GDPR, smaller businesses or bloggers might not have had the same level of professional advice.
Although it’s a somewhat intricate legislation, the core concepts of GDPR are actually pretty easy to get your head around. Nevertheless, if you’re running your own business or blog then it can still be hard to ensure that you’re ticking every box.
In short, GDPR was proposed in 2016 by the European Commission.
It briefly states that if your website collects or stores data related to an EU citizen then you must comply with the following:
You can find out the full ‘ins and outs’ on the handy EU GDPR information portal. However, if you’re a small business or a blogger then simply knowing the basics is a good place to start.
If it all sounds a little tricky to wrap your head around, then fear not. The document management experts here at Box-it North West are here to help support you in achieving GDPR compliance.
Here are our tips on how to keep your blog or website within GDPR guidelines:
GDPR was introduced to ensure that businesses and organisations are using the data that they have stored correctly, transparently and with consent from individuals.
In some cases, personal details of others (such as CVs) were being stored by a business for far longer than necessary. This was seen as a breach of privacy. Therefore, GDPR was introduced to crack down on general data retention. Most businesses are now fully compliant with the legislation.
If you feel under-educated about the rules and regulations however, it can be easy to get left behind. We would always advise you visit the ICO website for official guidance.
So, if you’re feeling suddenly overwhelmed, thinking ‘am I GDPR compliant?’, then here are some tips to help you get onto the right path.
The month of May was awash with ‘can we still email you?’ messages from countless companies. Some were even offering incentives for their consumers to ‘opt in’ to email marketing.
One of the ‘biggies’ of GDPR is making sure that the users whose email addresses you have stored are still okay with you emailing them, and giving them the option to choose the type of information they would like to receive. The cut-off date was 25th May so you should now only be emailing people who have given their consent, and you need to have evidence of this.
Your site should already be HTTPS rather than HTTP by now, but if it isn’t – it needs to be.
If your domain still operates under HTTP then you should get in touch with your host right away and ask them to alter this to make it more secure and compliant with GDPR.
Linking back to the email subscription point, something else worth mentioning is that even if your email subscribers have agreed to keep receiving emails from you, you still need to offer them the option to ‘opt out’ at any time.
If you use an automated mailing service then they may be able to provide you with a quick ‘unsubscribe’ button at the end of an email. Or, if you handle your mailing lists yourself then make it clear that subscribers can contact you to opt out at any given time.
Lastly, if you’re storing information – it should always be stored securely.
Whether you store paper files or digital documents, you should always have a safe storage method in place to protect your data. Protecting your personal information is one thing, but protecting the information of others is paramount.
Ensure you’re safely within GDPR guidelines by chatting to us today about safe data storage options.

Posted on: August 8th, 2018