In order for your website to be GDPR compliant is must have the following:
As opposed to:
Make sure you have access to all your social media and you know the logins and passwords- these are you responsibility to maintain. You need to review all the messages you are receiving and make sure you delete any personal data that you no longer need or didn’t request. Social media covers Facebook, Instagram, Linkedin, Twitter, and any other platforms.
This is a hugely important process to carry out- as a business owner you need to be aware of all the personal data you are processing, storing and retaining. This covers areas including but limited to: Employees past & present, temporary or contract, Clients past, present and prospective clients, Suppliers past & present, small and large, one off deliveries etc.
There are many other areas to consider as well- including social media, emails, WhatsApp, website, mailing lists, third party providers like Stripe, Paypal, Mailerlite, Mailchimp etc.
Once you have reviewed all information decide why you are storing it and if you have a legitimate, fair, transparent reason for storing this personal data.
Once you have carried out this exercise make sure you store it in a secure place as this is the first document an Auditor will ask for if you are ever investigated for a data breach or an audit.
Need GDPR help with your business?
QQI GDPR Trainer & Consultant working with all businesses Taking The Fear Out of GDPR