
3 Tips for GDPR Compliance

Network Member Eileen Ireland provides GDPR training that is uniquely catered to your business needs.

If you want to dip your toes into GDPR and tackle its 3 most important elements, I would suggest tackling the following:

 

1. Review Your Website for GDPR Compliance

 

In order for your website to be GDPR compliant, it must have the following:

  • Your website must be secure. You can see that by looking at the lock in the top left-hand corner of your website. If the lock is closed, the website is secure; if it is open, the website will say ‘unsecure’. An unsecure website will always turn customers away.

 


 

  • Check your website for a separate Privacy Policy and Cookies Policy. You should not have a combined one, as this is not compliant. Your Privacy Policy needs to be comprehensive and have links to an email address within your company and also to your relevant Data Commissioner’s Office.
  • You need to have the correct Cookies pop-up. You can no longer have an "accept all Cookies" pop-up; you have to give visitors to your website the option to choose the Cookies they are happy to have on their system.
  • You need to have a comprehensive Cookies Policy, which needs to outline the exact cookies that are present on your website, why they are there and how long they will be retained.

 

2.  Social Media

Make sure you have access to all your social media accounts and that you know the logins and passwords. These are your responsibility to maintain. You need to review all the messages you are receiving and make sure you delete any personal data that you no longer need or didn’t request. Social media covers Facebook, Instagram, LinkedIn, Twitter, and any other platforms.

 

3.  Carry out a Data Mapping exercise

This is a hugely important process to carry out. As a business owner, you need to be aware of all the personal data you are processing, storing and retaining. This covers areas including but not limited to: employees (past and present, temporary or contract), clients (past, present and prospective), and suppliers (past and present, small and large, one-off deliveries etc.).

There are many other areas to consider as well, including social media, emails, WhatsApp, your website, mailing lists, and third-party providers like Stripe, PayPal, MailerLite, Mailchimp etc.

Once you have reviewed all the information, decide why you are storing it and whether you have a legitimate, fair, transparent reason for storing this personal data.

Once you have carried out this exercise, make sure you store it in a secure place, as this is the first document an auditor will ask for if you are ever investigated for a data breach or an audit.

 

Need GDPR help with your business?

Contact me:

Eileen Ireland

hello@regdpr.com

https://www.linkedin.com/in/eileenirelandgdpr/

QQI GDPR Trainer & Consultant working with all businesses: Taking The Fear Out of GDPR