GDPR, YourTradebase and You

4 April 2018

Have you heard about this GDPR thing? There’s a lot of GDPR talk going around, but what is it, how does it affect you, and what’s YourTradebase doing about it? Let’s find out…

First things first: What’s a GDPR?

GDPR stands for General Data Protection Regulation. That still doesn’t tell us very much, so let’s ask Wikipedia:

The General Data Protection Regulation (GDPR) (EU) 2016/679 is a regulation in EU law on data protection and privacy for all individuals within the European Union. The GDPR aims primarily to give control back to citizens and residents over their personal data.

So, it’s an EU regulation and it comes into effect on the 25th May 2018.

Essentially, when you collect data on a citizen of the EU, they have the right to know what data you keep, for what purpose, and for how long.

There are 8 rights your customers (and prospects) have thanks to GDPR:

  1. The right to access: Your customers will be able to ask for their personal data, free of charge and via email if requested.
  2. The right to be forgotten: Your customers will legally be able to instruct you to delete their personal data.
  3. The right to data portability: Your customers will be able to request that you pass over their data to another business, including any notes you keep on them.
  4. The right to be informed: You’ll have to inform your customers about when you’re storing data. This usually applies if prospects submit enquiries on your website.
  5. The right to have information corrected: You’ll have to correct any out of date, incomplete or incorrect data if instructed to do so by your customer.
  6. The right to restrict processing: Your customers will be able to instruct you not to process their data, for example for marketing purposes.
  7. The right to object: Your customers can request that you don’t use their data for direct marketing, and you must legally oblige. You must also make this right clear at the point of collecting the data (such as on your website contact form).
  8. The right to be notified: You must let your customers know if any of your systems have been compromised, such as your website or email being hacked, within 72 hours of being aware.

GDPR has been described as some as: ‘Data protection + teeth’. It’s an appropriate description when you consider the fine for non-compliance could be up to €20M.

What it means for YourTradebase

YourTradebase will be fully compliant with GDPR by the 25th of May 2018. Here’s what we’re doing:

  • A clearer privacy policy. We’re updating our privacy policy to make it clear what we store, what we do with it and for how long.
  • Respecting your rights. We’re making it easy for you to request the information we store about you, export that data and request for that information to be deleted.
  • Helping you comply. We’re updating our tools to make it easier for you to export and delete the customer data you store in YourTradebase. If you get a request from your customer, we’ve got your back.
  • Privacy as standard. We’re continually working to ensure YourTradebase is safe, secure and up-to-date with best security and privacy practices.

We take seriously our promise to keep your data safe and secure. We respect the trust you place in us when using YourTradebase to store your – and your customers’ – data.

What it means for you

Client data you store in YourTradebase will comply with GDPR by the 25th of May 2018.

Here are some things for you to consider:

  • Respect your customer’s rights under GDPR: If a customer or lead completes a form online and sends you data, you should comply with their rights listed above. That means ensuring you have processes in place that allows your customers and leads to:
    • Request what information you hold about them
    • Request you send them the data you have stored about them
    • Request that you delete information you store about them
  • Track your company data: Know what data do you store about your customers, where it’s stored and who has access to it.
  • Ask for permission: If you use email marketing, you should ensure your customers have opted-in and agreed to receive email marketing communications from your business.
  • Spring clean old data: Remove any old data you might be storing about previous customers or leads that you no longer reasonably need.

You’ll find further recommendations for you and your business from the Information Commissioners Office, who have prepared checklists for you to check for compliance: https://ico.org.uk/for-organisations/resources-and-support/data-protection-self-assessment/getting-ready-for-the-gdpr/

Questions about YourTradebase and GDPR?

If you’ve got questions or concerns about GDPR, we’d be happy to help – just reach out to us at hello@yourtradebase.com

Please bear in mind that this information is for general guidance only. It’s not intended as legal advice. There’s no substitute for you seeking legal advice if you’re unsure how GDPR will impact your business.


About the author

Co-founder of YourTradebase. One quick, easy app that frees you from paperwork and lets you get back to the job you love. yourtradebase.com

Freedom from paperwork

YourTradebase – one quick, easy app that frees you from paperwork and lets you get back to the job you love.
Try us free for 14 days.

 

Easy setup • No credit card required • No strings attached