Is GDPR on your mind? It should be.
The General Data Protection Regulation comes into effect on 25 May 2018. It builds on much of the existing data protection legislation that already existed, but the key thing it brings is FINES for those who are not seen to comply. The fines can be anything from 2-4% of global annual turnover, and that’s what has people sitting up and taking note.
When I went to update our privacy policy, we had most of it there already. GDPR is about effecting a global change and making everyone come up to a certain standard. My take is that it’s largely about being seen to take steps to be more data aware. I don’t expect the regulators to be going after SME’s initially.
-Maryrose Lyons, Founder of Brightspark
Preparations For GDPR
We’ve been preparing for GDPR here at Brightspark for some time. I invited Johnny Ryan on to Facebook Live back in September to have a chat – you can watch it here. That really rattled me! GDPR seemed like a big and scary thing. Then I hit the workshop circuit and that put my mind at rest. By far the best GDPR workshop I attended was presented by Jackie Hennessy and Gordon Wade of KPMG and I was lucky enough to attend thanks to my participation in the Going for Growth Programme.
Finally, I’ve been taking note of the responses from several of the platforms and how they are relating to it, you can check some of them out below:
- Facebook’s response to advertisers on GDPR
- LinkedIn’s update to terms of service
- Paypal policy – good on security of data
Now I have my own guide for GDPR for the SME. You might like to follow these steps below.
Note: I am not a lawyer. I am a business owner who is keen to continue to respect people who engage with my business, as I have always done. I engage in good practices. I keep everything legal and above board (not like this guy). And as always, I like to share what I’ve learned. So without great fanfare, and not an ounce of legal advice, here are my …
5 Things You Can Do To Get GDPR Ready
- Update the privacy policy.Feel free to borrow from ours!
- Send an email to existing subscribers reseeking their permission. Next month’s email newsletter will contain this. That’s a good two months of the GDPR deadline. Be sure to do this before the start of May if you can.
- Update the language in contracts to reflect GDPR.
- I deleted CV’s of people who had applied for jobs here at Brightspark. These contain personal data and anything over 60 days old has no business being on our systems.
- I’ve written this post! My opinion is that we need to be seen to be taking steps to be compliant. This post is our documentation of that, and if it can be helpful to you as you get your SME GDPR ready, well that’s a bonus!
So with one set of worries banished, here is the real thing to fret about – there will be new marketing regulation coming to supercede GDPR – and that’s going to seriously impact on our business, but for now that is not here yet, and I’ve done the GDPR thing!
Would you like to have a conversation about social media and not GDPR? 🙂 Because that is what we like to do best.
Check out the full range of social media services we offer.
We’ll always get back to you within one business day.
