How Red Desk Can Help With GDPR

We recently published our article “Are you GDPR ready?” which was our research into the world of the new data protection laws.  Since then we have been sharing our findings with our clients so they have a better understanding of what is required of them:
 

1.Your business needs to have a data privacy policy and this should be published on your website.  You will also need to identify a Data Protection Officer within this document.
 
2. If you send newsletters there needs to have been a clear positive consent.  ie they must have ticked a box to say they want to received your emails.   This means you will need to adjust your newsletters to include a consent box and you should email everyone on your current list and ask them if they want to remain on your list.  
 
3.You need to be transparent about how you use and store any personal data, you should think about and document how you process personal data and where you store it i.e are your client contracts securely stored, this applies to digital & hard copies.
 
GDPR4.You need to show due diligence and make sure that all your staff understand the new laws and also check that your suppliers or any third parties you use are GDPR compliant.  
 
5. You are allowed to keep personal data including emails for as long as it is necessary to carry out your work, but emails and files should not be kept for an unnecessarily long time.  The safest bet is to delete or shred any data you no longer require.
 
6. All businesses are enouraged to register with the ICO Information Commisioners Office – https://ico.org.uk. Take this small self-assessment questionnaire to find out if it is a legal requirement for your business.

 
7. Any breaches of data loss need to be documented and depending on the scale possibly reported to ICO.
 
We’d like to say that we are not GDPR specialists.  If you would like expert advice then we can recommend https://spheredataprotection.com – they offer training and also supply downloadable tool kits.
Share This