Data Protection Shocker!
We caused an Insiders hot post. All we asked was “Can we check you have all registered with the ICO?”
When the data protection laws were updated in May 2018 we spent many many months in the lead up to this ensuring everyone attending our events or reading our blogs were aware that it was highly unlikely they had a business that would be exempt and would have to take action.
We even ran an update masterclass session in late 2019 with Adavista who deliver our data protection policies and advice to check everyone knew how to process data and how it is good for business when you get it right, not forgetting how costly it is if you get it wrong!
Did you know for instance not being registered with ICO could cost you a £400 instant fine?
So we were a little surprised when we discovered that business owners were still not registered. We work closely with Robyn Banks to ensure we help you access the best quality advice neccesary to be compliant. Here Robyn Shares a few key points to get you started. And even if you answer no, I’ve not done that! to every single point, don’t panic, we are here to help. Post to the Insiders and Robyn (who is also an Insider) will help. Our Insiders have all experienced so much in business so they will have advice on what to do too. (Not just someone random on Facebook who heard it at networking event once!)
Here are a few key points to consider;
- The ICO fee is not the only part of data protection compliance – have you considered other documentation?”
- Are your emails compliant with e-privacy regulations?
- What about a Privacy Notice? Do you know for sure yours has the correct info in it?”
- How long and technical is our Privacy Notice? Legal jargon should NOT be there!”
- If the Privacy Notice is longer than a side and half of A4 – is anyone going to read it?”
- The more detail you put into a Privacy Notice, the more loopholes you are creating for exploitation – that doesn’t protect your business!”
- Is your use of data documented appropriately? Does int include all the concepts it should?”
Everything covered here in these data protection/GDPR tips is legal requirement – At BWN we don’t want you to get caught out! Robyn Banks doesn’t either – which is why she is an Affiliate and offers a discount to BWN on her already low fees.
How long does it take to get legal?
For our own policies and registration it took us 1.5 hours to become compliant! We had a conversation with Robyn who wanted to know how we process information and where we store your data. Then Robyn went off and wrote tailor made documentation for our business. And then we updated our website and email accordingly.
Simple.
And not worth the risk of thousands of £s in fines – £400 is only for not paying the fee and the tip of the iceberg in terms of non-compliance.!
To join the Insiders click here. You can ask Robyn anything. Robyn is a very active Insiders member and keen to help all businesses be legal when it comes to data protection. If you missed her interview on BWN TV – with a mention of helping to land a British Airways plane in Russia at the age of 21! You can watch that here.
Business Cards, Data Protection and Networking – What you need to know.
We do our best to put the finest quality experts in front of you our business women (and increasingly business men) because we want to ensure whatever the law or the trend you are bang up to date.
Here Robyn Banks from Adavista shares some essential information for every business owner around data protection legislation, networking and business cards.
I have recently been made aware that there’s still a lot of misunderstanding about the impact of the UK data protection legislation on businesses, particularly when business owners are networking.
At The BWN I know they strive to ensure that they act appropriately with the data they hold on behalf of their members and contacts. (I’m The Data Protection Specialist that Mandie Holgate – Founder of The Business Womans Network and her team use for their own compliance.) The success and building of the businesses of our “members” is fundamental to our ethics and every month I network with The BWN I do my best to ensure everyone is getting it right.
As a data protection implementation specialist I know how the law is supposed to work however I can also see how complicated and confusing it can appear for business women.
When Mandie and I spoke recently I decided to write this article to give some guidance to remind business owners of the protocols around networking and business cards. (These are the “rules” that I help The BWN, Mandie and her team follow.)
Networking is big business in today’s corporate world as we all strive to take our place in the workplace. For many small business owners (and even some larger corporates) networking and learning about other people’s businesses and how they can complement our own is a vital, or even the only, marketing tool we use.
To help a person remember us and what we do, we hand out business cards at networking events. A business card holds personal data as defined in UK data protection legislation, including the UK Abridged “GDPR” – but the concepts around the protocols of utilising this data have been around in previous legislation too –namely the Data Protection Act 1998. The new legislation of May 2018 did not change these protocols.
If I am given a business card at a networking event, then that is “consent” from the individual to contact them and either
a) seek more information on what they do.
or
b) market my services to them.
This I can do once without seeking further consent from them. If they do not wish to receive further information from me, then they should send a polite email asking me to desist from sending them “stuff”.
If I ignore this request and send more, they should ensure I have received their request to stop! If I have and still persist in sending them information, then they have the right to take this further with the supervisory authority, the Information Commissioner’s Office (ICO).
ICO are very unlikely to take any action, even investigate, if the person has not “unsubscribed” and ensure I have received the “unsubscribe”!
I was at a BWN event recently where the respect for data was taken even one step further – and for the record, it was not just because I was there!
One lady present at the event really did not feel comfortable being included in any of the photos taken by the event photographer – and so she wasn’t. No fuss, just noted and no follow up needed as no pictures of the lady concerned have been included in any of the “publicity” for the event. That’s respecting Data.
The key point here is to be professional and not use a misunderstanding of the law to “put down” others – especially competitors. However well meant it just causes aggro and can be avoided if everyone respects the protocols in the first place.
Let me sign off by saying that there are still a lot of business owners out there who think they have the premium knowledge on data protection impacts on business – only to show themselves up as non-professional in their approach. This then impacts more on their business than those they are trying to “harm” as it damages their credibility and reputation more than those they were trying to be clever about.
Data protection is not a new thing, business owners need to be interested in it, is. If in doubt ask an expert not someone that “heard a talk once.” I find that the companies (and I include Mandie’s here) that get it right easily are those that were already getting it right.
I know that The BWN does not add people to it’s data base and uses platforms like Mailchimp to ensure when they do get in touch they are doing it in an ethical, professional and legal way – something that the law now looks to enforce, I feel that the smart businesses already have a respectful approach and that makes my job easier!
I attend many BWN events and I’m happy to have a chat anytime. I will also be one of the experts on hand on the 20th of March at The BWN’s 11th birthday so feel free to pose questions on the day too.