The GDPR is coming and we’re getting ready
If you do anything on the interwebs (which is mostly all of us) you’ve probably been inundated with emails about accepting new privacy policies from organisations working to get themselves ready to become compliant with GDPR when it comes into force on the 25th May 2018.
We’re getting ready too.
That means our lawyers have told us to update our privacy policies on how we use your data and to streamline what systems and technology we use to hold and process your ‘personal’ data.
What is GDPR?
It’s a new privacy regulation approved by the European Union (EU), called the General Data Protection Regulation and commonly known as GDPR.
What makes this compelling is that it is a mandatory ruling that applies to all companies that collect data and information on EU individuals. It doesn’t matter whether you’re a huge multinational conglomerate or a solopreneur, the regulations apply if you collect ‘personal data’ on EU individuals.
Its aim is to strengthen the security and protection of ‘personal data’ in the EU. Given the almost weekly ‘data breach’ news items on some organisation or other by people who are motivated to steal your data, GDPR is a very good thing for the individual.
What are we doing to get ready to be compliant?
1. Legal stuff
Our lawyers have advised us how to update the relevant legal blurbs to be clear about what data we collect, how we use it and what the legal basis is for collecting and processing your data.
2. Technology stuff
We’re reviewing what technology and systems we use to collect, process and store your data. This means where the systems are located and how secure and compliant those 3rd party systems and solutions are themselves with GDPR.
If you sign up for any of our online information or programmes we’ll need your name, email and possibly payment information. We don’t store your credit card as we use Stripe for payments and Quaderno for all the EU VAT compliance requirements.
3. Operational stuff
GDPR is requiring us to streamline how we do things in the business and we’re following the ‘keep it simple’ philosophy.
The requirements for GDPR on a small business are non-trivial, but we’re working to become compliant.
If I have any questions, who should I contact?
You can email us at [email protected]