- GDPR compliance & Privacy Notice &
The first thing you MUST do is register your company with the Information Commissioner’s Office (ICO). This will cost you £35 per year via a Direct Debit. If you don’t do this, you will NEVER be compliant, whatever else you do.
- Only collect information you actually need
Under GDPR you must justify the data you collect and must not collect more data than you require.
- Make sure the consent options on your forms are right
Under GDPR you must be completely explicit and unambiguous when gaining consent for future communications. You must obtain freely-given consent to use an individual’s data (pre-ticked boxes don’t count!). You must also allow for separate consent for different types of data processing and marketing comms, to give individuals more control over what they’re consenting to.
Be mindful of general security and passwords for your website. Ensure you remove user logins and access when they leave your organisation.
Don’t be afraid. GDPR is there to protect you and your data from others misusing it. You may have heard about big fines etc., but these will be against the big boys like Google, Facebook, Amazon etc. if they break GDPR compliance.
To get the best advice and help for your company, why not contact Lucy for changes to your website or Frank for other GDPR changes?