As GDPR ramps up in the UK expect to receive emails from businesses that hold your ‘personal data’. GDPR is going to be a major shake up for data holders and affects every business holding as little as a name and phone number.
Here at OHM Nigel Stevenson is our ICO data officer and registered to take care of all personal data held within the business. Recently we held meetings with a GDPR consultant to bring our data archive up to date, (well actually it’s already pretty tight).
The main issues are:
- data retention
- data recording
- data archive
As our expert said time and again, you must take ‘reasonable steps’ to protect personal data and have a reason for keeping it. This may affect what data you request, do you really need all of your customers personal information? Do you need to keep it in the future? Is the data safe and protected?
For example, you sell a customer a fridge, the fridge is delivered (tel/address) and has a 2 year warranty.
- Do you need to retain that address after 2 years?
- Did you add the customers details to a marketing list?
- Have you passed that data onto a third party?
- Have you disposed of the data securely (disposal certificate, see: castlesremovals.co.uk/security-shredding)
Look out for more of these messages
and here’s how a local golf club is managing it’s customers GDPR showing ‘reasonable steps’ in action: see video