Helping Our Clients With GDPR

Do you know what personal data you are storing and where it is stored? Do you have a policy for managing this data?

The 25th May is looming…

The deadline for being compliant with the new GDPR legislation is the 25th May 2018. From discussions with a lot of our clients this is something that is confusing, a little scary and something they are struggling with. There are a variety of experts out there with a variety of opinions, largely because the legislation has not yet been tested in practice and the guidance is developing on a constant basis.

How is it affecting us?

Well it appears there are two terms to describe people or businesses who hold data, a Data Controller and a Data Processor. Luckily for us at Sokada we are both… perfect!

  • We are a data Controller for the information we control; ie the names and contact details for our clients and their personal data.
  • We are a Data Processor when we process data for our clients ie your client’s customer data, which we can access to our clients’ websites.

This has meant extra work for us as we have had to update our Terms & Conditions, which all of our clients will now have to sign, agreeing that they will comply with our GDPR policy and are managing their data properly.

Help With GDPR

Getting the right policy

One of the key requirements seems to be a GDPR Privacy Policy. We are not sure how many businesses actually write their own policies, and whilst we do not condone the practice in reality, we all know many organisations “borrow” a policy from another organisation and “tweak” a few bits and believe their work is done.  This may not be enough for GDPR

In the past we have had a EU Cookie law which seemed almost as useful as an overly bent cucumber or chocolate that isn’t chocolate… EU law for the sake of it. But GDPR seems to be much more detailed. We are not sure how they will ever police many of the issues, but it has to be taken seriously. It’s also VERY important that we manage personal data properly.

So, the Privacy Policy now seems to be even more important. It should be used to detail and set out how personal data is processed as well as how it will be managed going forward. A bit like a Health & Safety policy where you have a plan for specific events; “in case of fire go to the fire door…”

Your Privacy Policy could state that once an online order has been processed you will delete any personal details within a specific time frame. Obviously one of the key elements to this is sticking to it and actually managing the data how you have said you will.

No one can you tell you exactly what 100% GDPR compliance looks like, as it means many things to many organisations. However, having a GDPR privacy policy is a good place to start. Just having a policy in place and keeping to it will be a positive thing and will reflect on the business favourably if there are any issues with GDPR.

A few simple tips to developing your policy

Firstly, sit down and work out the many different ways you process personal data, this includes, customers, employees, consultants, and suppliers. We have been looking at this from a website point of view as that’s one of the key areas where we process data.

Here are a few things to consider:

  • Website forms
  • Shop orders
  • Emails

Yes we know they are pretty obvious, but one thing we discovered is that a lot of our clients don’t really use the CMS (Content Management System) on their website. What our clients didn’t know was that when someone completes an enquiry form it stores a copy of that form online in the CMS. The same goes for online orders from the shops we manage. The client receives an email when an enquiry or order is placed and they just assume that is it. Even though we go over the CMS with them when we launch the site and have trained them in how to use it.

So, many customers are storing customers data in places they weren’t aware of. If this is you…. you will need to think about how you will be managing this data under GDPR?

How are we trying to help?

At Sokada we build our clients’ websites using WordPress in the same way that we designed our own website; we use very similar systems. We should be processing similar data and have the same issues. We have been trying to look at GDPR in a practical way that will enable us to help our clients.

To enable Sokada to comply with GDPR we need our clients to comply with GDPR.  To assist our clients we are therefore permitting you to use our revised T&C’s and our GDPR privacy policy as a template to base your own T&C’s and GDPR policy on. If you are interested in using them please contact us.   This is not legal advice from Sokada and you will need to amend them to reflect your specific needs and of course continually manage the data in accordance with the policy, but it’s a good start and better then starting from scratch.

Your GDPR policy is not set in stone, it must develop as your business does, diversifying and growing alongside it.

Sokada is committed to managing its way through the minefield that is GDPR and we are supporting our clients to achieve the same.

Why Network?

As a small business, it is vital that your brand is getting as much coverage as possible. You need to know that other local businesses a: know about you and b. know what you can do to help their business grow. Networking is a great way to do this as it puts you directly in front of many potential customers. As soon as you bag your first customer it will really prove the importance of networking!

A lot of Sokada’s business comes from networking. It works perfectly, as we can connect with many local businesses, building a network of people who may be able to take advantage of the tools we have in our arsenal for business growth. And it can also be an ongoing cycle – we work well with one business, they will hopefully refer us to other local businesses. One opportunity will definitely lead to others; exciting times!

The Importance of Networking

Shared Knowledge

It is also about shared knowledge. One thing we love to do at Sokada is help other businesses grow. And the customers we have worked with on both their websites as well as ongoing SEO, will vouch for us (we hope!). By networking within an effective group, you can get feedback on your work, share information as well as seeing things from a different perspective. Current legislations can also be shared, such as GDPR, SSL certificates, health and safety etc etc. Find out lots of ways to help your own business, by everyone helping each other.

Give Something Away

Make an offer to your fellow networkers. Give something away for free, to show you are an expert in your field. If people try you and you are good, then they will use you again, or refer you to someone else who needs your services.

Be the “Go To Guy”

Grow connections within a networking group – but see who they know too! Get your name out there as the “go to guy”and then people will come to you. They will start to know who you are, recognise your skills and you will receive increased credibility in your specialty.

Meet new people, grow in confidence and realise you ARE good at what you do, you CAN stand up in front of 20+ people and you WILL push yourself more in business.

If you are looking to connect with new customers by networking, you may have to have a few early morning starts, but if you pick a good group then it is so worthwhile and really proves the importance of networking.

If you are local to us and would like to start networking with other like minded people then please get in touch.