What is GDPR?
The General Data Protection Regulation (GDPR) is a new law that requires businesses to have better control over how they collect, hold and use customer data. It also gives the customer more power to find out who owns their data and what they should be doing with it. GDPR will come into effect on the 25th May, 2018.
According to the GDPR directive, personal data is any information related to a person such as a name, email, physical address or a telephone number for example. The way in which this data is collected, stored and used is applicable to our employees, our customers and our suppliers and it’s important that you have trust in the way in which we handle this information.
besley & copp strongly support the new GDPR regulations as in the long term, it will enable us to engage more effectively with our customer base. The information that we hold will be more up to date and we will be talking to customers than actively want to hear from us.
Keeping in Touch from the 25th May 2018
Over the coming weeks, we will be contacting all our existing customers and asking them to confirm if they are happy for us to stay in contact after the 25th May. We will ask you to either ‘opt in’ or ‘opt out’ of correspondence such as email, letter or telephone for example. You will also have the opportunity to update your information at the same time.
Opting in is essential if you still want to hear from us. Whether it’s for general portal support, new product information or what’s new at besley & copp, we need to confirm that you are happy for us to keep you informed. If we don’t hear from you, we cannot proactively contact you, so you may not receive important information or opportunities.
What are we doing to get ready for GDPR?
Although we have always taken great care with the personal data that we hold, we are actively auditing all our processes to ensure that we are complying with the new EU regulations.
We are ensuring that decision makers and key people in your team are aware that the law is changing and how these new regulations will affect our business processes.
We are currently auditing the data that we hold on behalf of our customers. This involves verifying the information that we hold, how it’s stored and who we share it with.
We are reviewing our current privacy notices and will be updating these to give our customers more information.
We will ensure that our customers will have complete control over the information that we hold for them.
We will ensure that we have procedures in place to handle information requests in a professional and timely manner.
Reason for Processing Personal Data
We will clearly state why we are storing your personal information and what it is used for.
We will ensure that Consent you give us to store and use your information is clear and unambiguous.
We understand that Consent cannot be given by anyone under the age of 16.
Whilst unlikely, we will ensure that we have procedures in place to monitor and detect a data breach.
Data Protection Impact Assessment
Where required, a Data Protection Impact Assessment (DPIA) is required in situations where data processing is likely to result in a high risk to an individual’s privacy.