I find it all very confusing. Just when I’ve spent a few hours figuring something out and deciding to set something in place, I then hear from someone else that we don’t have to set that thing in place. There’s reams of info, with clauses about this and that and the other.
So I reckon, reduce your stress and prevent pulling out your hair, put a whole bunch of stuff in place, cover your back, then you don’t have to worry about anything.
Don’t believe everything I say. However, if you implement my suggestions, you can save yourself a lot of time and energy AND play it safe. You might not need to do everything on this list and my previous list, however I figure, if you do all of this, then you can say you are offering best practice for everything.
There is so much to read and lots of conflicting advice, so I hope I’m interpreting it all correctly.
The 3 blog posts I’ve written are my interpretation and what I believe is best practice to get GDPR ready.
Get informed through other channels and do let me know if you find conflicting advice.
You must tell client’s how you are going to use their information and specify methods of communication (e.g. by email, newsletter, text, phone, call, recorded call, post)
On a signup/contact form on your website, depending on how you are managing other signups (e.g newsletter signups), there might not need to be an opt-in tick box. However, you do need to offer information about their data use (point 2 above) and instructions about how they can opt-out. Please read the next post about GDP opt-in advice
If you previously have added people to a mailing list, WITH WHOM you have done ‘business’, you do not need to ask them to opt-in now. Please read the next post about GDP opt-in advice, though if you read number 1 above, you will see need to get consent to hold their info (if you have not previously done so)
If you have not had an OPT-IN in place previously, and you have not “done any business with an individual”, you must delete their names from your mailing list and you CANNOT EMAIL THEM TO request they opt-in. However you might want to send an email to all your contacts updating them with relevant info
You must tell them how long you will hold their data for (there are no rules about how long, so go with “as long as needed” and expand on what that might mean to you). Check with your governing body and insurance company about how long they required you to hold records
You must store their details safely/securely – this means your phone and your computer should be password protected, keep your antivirus software up to date etc. And for paper records, you need a fireproof safe (EXAMPLE here). You might not need a fireproof safe, I’ve also heard that just something steel and lockable is ok. See the end of this article about reporting a data breach
Make sure there is an easy/accessible way for your clients to update their info, request what information you hold on them, request their information to be deleted or make a complaint
Cookies. What are they and why do I need a cookie notice?
Cookies? No, not fortune cookies!
Although tasty and often enlightening, these are not the cookies we are talking about…
Cookies are tiny files created on your computer by your web browser. They are used to store small bits of information to allow webpages to do more than just display pages.
When you log into a website, your web browser will save a small file (cookie), containing an ID number, to your computer. When you then look at other pages on the same website, your web browser will look at this cookie, and pass the number back. This allows the website to know that is it you browsing, so will show you pages that only you are allowed to see e.g Your account details.
When you open a web browser (e.g Chrome, Safari, Firefox) and to look at website, the browser is actually asking a webserver (a big computer) somewhere across the world, to send the pages of the website to your computer. This conversation between your computer and server is handled by thousands of other computers and devices.
Think of this analogy; when you post a letter, is it handled by post office workers, driven around the country in Post Office vans, stored in sacks and pass through machines. Postal letters are protected by envelopes, and websites also need a type of envelope to provide security.
So, when we access a website, unless we take steps to protect the information we are requesting from, or sending through the site, the requests are potentially unprotected from naughty hackers who might intercept it, read it, potentially change, use it or sell it.
If a website is handling sensitive information such as personal details or credit card numbers, you can immediately see why this is a potential problem. A solution was therefore devised to protect the data.
Everyone is always banging on about productivity. I guess because it’s a big part of being effective in your business, and even, in life!
QuickBooks is sharing productivity tips through an article and graphic in honour of Work Wise Week. So here are some of my own… a little blog about the P word.
For me, productivity starts the minute I wake up
The morning, before we start work, is the ‘mise en place‘ to our day. If we don’t start out right, with a bit of personal prep, the day could land in a big mess. Certainly, our coping skills are reduced if we are sluggish and still have yesterday’s stress wrapped up inside of us.
Happy new year! We are looking forward to supporting you and your business in 2017 and we wish you every success in all aspects of your life.
For a chance to win 1 hour session with me, please help me to understand your health and wellbeing market by completing a short survey about webinars. Webinars are seminars/workshops/online learning conducted over the Internet.
This survey should take less than 5 minutes to complete.
I’m placing a bet on the fact that your website needs some attention. I know both of mine do!
There is a lot to consider when the new year comes around. And one of them could be setting yourself up a plan to attend to your website. Like body cleanses are “the thing” to do in January, why not do a website cleanse?
Or we can choose to not get caught up in the whole January thing and let leave this till February. Or even March.
Which ever you choose, RIGHT NOW, set a NON MOVABLE MEETING DATE with yourself to assess and cleanse your website.
Set aside 1 hour…that’s all!
Note down what you need to change.
Those changes can then take place throughout the year.
Now here is the key to change and cleansing…