Written by Kam Lai |
Date: 15th May 2018
A practical guide to GDPR
This article is designed to be a practical, commonsense guide to get you up to speed and GDPR ready. Depending on the complexity of your organisation you may need more help or support in areas.
- Define your company activities. Are you a Data Controller, Data Processor or both?
List out your details for DC and/or DP, also list what services your company provides and what information is needed. List any information that is passed out to third party suppliers.
- Log all data that your company has. If possible add the location sourced and the date acquired. Define what data is essential for business use.
- Categorise the data. Use the following points to allocate your data
- – Customer/Client
- – Contact data (Support helpline or product helpline)
- – Third party data (non client, associated data like parent/child)
- – Legal data
- – Sales/Marketing
- – Non identifiable data
- – Transaction/Processing data (eg IP address logs on a website)
- Define your marketing activities.
- – What data is captured
- – What the data is used for
- – How users can opt-out of the data
- Test the security of your data, and of the location where the data is held. Depending on the scale and sensitivity of the data you may need to use an external provider to audit this for you.
- Create a process that allows people to easily get their data. Give users an email address they can use to request, delete or stop processing of their data.
- Make sure all your documentation is GDPR ready and ideally uploaded to your website.
- – Updating your terms and conditions
- – Creating a process for data breach and how you will lock it down
- Make your DPO and ICO numbers publicly available. You must put these on your website
We hope this article gives you some practical tips. It’s worth noting all this is our own thoughts and interpretations and may change as the law becomes clearer and more defined. We’re happy to discuss any points if you want to get in touch.
We apply this technical strategy to all our projects to create great digital products that help you do what you’re good at. Have a look at some of our case studies here