Small businesses are urged to find out about the new regulations, and what they’re going to mean to you, before they come into force.This post is a quick guide to the main dos and don’ts in order to get you thinking. For a more comprehensive guide, which includes also examples of how to follow the guidelines, click here. Do: Take a look at your data The first thing to do is to look through the customer databases that you have to see what information you currently hold on your customers, orders, subscribers etc. Then, there are four questions to ask yourself about the data you’re holding:
• Why do you need the information?
• How are you using it?
• How long have you held the data?
• When and how did the customers sign up to your email database? The new rules state that you should only hold on to personal data for a “reasonable” length of time. But defining “reasonable” can depend on a number of factors. For example, if you obtained the person’s information because of a single sale then there’s no good reason to still hold on to it for more than a few months. But if it’s a customer who orders frequently then there’s good justification for holding on to it. You need to determine what’s reasonable depending upon your answers to the above four questions, your industry and your internal processes. When you know what you need (and have permission) to keep, you should then delete all irrelevant records. It could be that you do still want to keep hold of some older customer data because it helps to analyse historic sales patterns – this is fine as long as you remove all references to the individual customers’ identities and just use the anonymous information itself. You can collate multiple records to anonymise a data set, keeping you within the guidelines. Do: Create the right privacy statements The new regulations also see tighter rules around privacy statements. You’ll need to be clear on: • Who you are
• What you’re asking for
• How you’ll use the data you collect
Read more on data:
- Barclays encourages UK SMEs to use big data for growth with new online service
- Companies that safeguard data privacy will reap rewards
- Security of personal data – are you complying with your obligations?
On the subject of dat protection and trust, how can you build trust in today’s digital world?
Ashleigh Wood is information governance officer at email software firm Communicator
Share this story