My brain is going fuzzy.... I am in paperwork mode. Bleugh.
Is anyone up for sharing - very, very basically - how you manage GDPR on this lovely sunny weekend?
I complete GDPR training every year in my 'day job' so I am well aware of the general principals, how personal data is affected, my responsibilities, penalties etc. in terms of being an employee. But I have been too lax with the business and need to get my house in order.
Until this week, I have generally just scribbled a customer's phone number/email down and then disposed of this once the job is collected. I have just upgraded to a FramR subscription and can now enter customer details onto my quotes, orders and invoices. These are then saved so I can search by customer if I need, and will help with running sales reports etc. This is fab. But...
Can someone explain - very basically - how I comply with GDPR if I do this? Specifically - will a privacy notice cover me as long as I inform customers that I am storing their data for xxxx amount of time, with the option to refuse? Can I keep printed invoices with customer name for as long as I need to keep tax records?
Going down a hypothetical rabbit hole, what would happen if a customer doesn't want me to keep their details on file (fine, I can just list it as a cash sale), but my printed paperwork has their name? Would I just redact this? And going further, where do I stand with customer enquiries via email, text and Messenger? Do I need to consider that somehow?
It has been drummed into me - painfully - how bad it can be for employees to fall foul of GDPR. So I am probably overthinking now I have to be a bit more responsible.
GDPR - Customer contact details and software.
-
- Posts: 281
- Joined: Fri 17 Feb, 2023 11:20 am
- Location: Wales
- Organisation: Arlais Framing
- Interests: Arts, crafts, framing and walking
-
- Posts: 1343
- Joined: Thu 23 Sep, 2004 8:31 pm
- Location: Detroit, Michigan USA
- Organisation: minoxy, LLC
- Interests: non-fiction knowledge
- Contact:
Re: GDPR - Customer contact details and software.
if your computer is used off-line for your business records, there should be no worry
Jerome Feig CPF®
http://www.minoxy.com
http://www.minoxy.com
-
- Posts: 281
- Joined: Fri 17 Feb, 2023 11:20 am
- Location: Wales
- Organisation: Arlais Framing
- Interests: Arts, crafts, framing and walking
Re: GDPR - Customer contact details and software.
Thank you, that's really helpful. I'll have to check if FramR is always offline, as it does need the internet to sync to the catalogues. I'm not sure if anything is stored on the server.
Does that apply to my email/Messenger records? As although they are for my use only, they are stored somewhere on a cloud.
Does that apply to my email/Messenger records? As although they are for my use only, they are stored somewhere on a cloud.
-
- Posts: 15
- Joined: Fri 07 Mar, 2014 10:53 am
- Location: Bristol
- Organisation: Niche Frames Europe Ltd
- Interests: Framing, Giclee
Re: GDPR - Customer contact details and software.
GDPR - Controls how we use data, is it being used for the purpose it was collected, am I sharing it with the company of which I use their software, are they going to use it or have access to it? When you are using data no matter how it is stored for a purpose other than the intended reason it was given you must inform the customer. If we wish to send out "newsletters" it must be them signing up and they receive an email confirming they wish to get the newsletter, before anything is sent. It is about security and fair play with data, informed decisions of what the data is used for. I hope this helps. If you are processing data then you need to pay a registration fee to the ICO.
-
- Posts: 171
- Joined: Thu 19 Mar, 2015 8:43 pm
- Location: Romsey
- Organisation: Dovetail Framing
- Interests: Travel, music and gardening
Re: GDPR - Customer contact details and software.
There are a lot of misconceptions about GDPR and you need to go back to the source at all times for the best information. If you go to ico.org.uk and click on 'Pay fee, renew fee or change your details' they will take you through an online checking tool that will assess your liability for a charge. If you're running a small business and not processing data for anyone else, then you will find that you're not eligible to pay a fee. I've just double checked for my business and this appears to still be the case. You're entitled to securely keep business records and hold personal data for the purposes of running your business. If you wish to send newsletters and regular mailings to your clients, then use something like Mailchimp, which has tools built in that are designed to keep you on the right side of the law.
Jonathan Birch GCF (APF)