GDPR and YOU

Well, we have some new EU legislation upon us and if you are a business, you will no doubt have heard about GDPR.

GDPR is the new EU General Data Protection Regulation that replaces the old Data Protection Directive and comes into force on the 25th May, 2018.

These regulations set down various requirements for companies that handle personal data. 

The requirements are various and depend on the company size. However, I am not going to try and explain or interpret the GDPR.

 This PDF file link will give a good guide of what you need to be doing in your own business.

What I want to do is explain what I am doing personally with any of your personal data that may be stored in my systems and what you can do.

Please note I am a sole trader and NOT a company.

So what exactly is personal data?


Personal data is any data (text, audio or video) from which someone may be able to identify the data owner.

e.g. names, addresses, facial pictures and email addresses (if they refer to the email owner) etc.

Firstly let me cover what personal data is stored.

These are areas of personal data I have stored.

– Name
– Business Name (if applicable)
– Email Address
– Postal Address
– Phone Number
– VAT Number (if applicable)
– IP Address
– Login credentials for websites and domain registration (These details consist of a username and a password)
– Email addresses for your website including copies of passwords.
– In some cases I have photographs of persons that have been provided for use on their business website.

NB: The username can be any combination of characters or could be an email address. Please note that only email addresses that refer to the owner are personal data.

For example: fredsmith@gmail.com would be personal data whereas fastcardriver@gmail.com would be unlikely to be considered personal data as you could not directly identify the owner from the name.

Where is my data stored?



The login data will be stored on the server where your website is located. In all cases these are located on servers hosted in one of the few ISO27001 certified data centres in the UK, and your data is backed up to storage servers within the UK.

All data that is backed up is stored on shared backup servers. The only people with access to these shared backup servers are the hosting staff. If you would prefer your data to be stored on a Dedicated Backup server that is locked down so that only you are able to access it then please do get in touch and I would be happy to discuss the cost and assist setting this up for you.

Domain registration in most cases is stored on a US based GDPR compliant server and is unlikely to directly reveal the identity of any person other than myself as mostly they are in my name and address.

I also keep copies of all your website and email login data on my password protected computer and I keep a backup that is stored separately.

I am also registered for GDPR with the governing body https://ico.org.uk/

What you need to know and what you can do

Most importantly – I do not share your data with any other organisation or websites, except for visitors to my website being able to visit your website via direct links and as laid out in my Privacy Policy.

I am NOT asking all my clients to re-subscribe to my email as this is our way of communicating with one another on a general basis and I do not use it to market to you. Therefore your website logins will remain as they are and you will still continue to stay on my email and support system.

However you do have a number of options open to you as I will be acting as the Data Protection Officer for Bizwebsolutions, so you can contact me with any of the following requests.

1. You can request a copy of all the personal data I hold on you.
2. You can ask me to edit or remove any or all of that data.
3. You can contact me if you have any concerns or questions.

 

Contact Grahame

You can contact me by email at grahame@bizwebsolutions.co.uk or by mobile phone on 07786 222433.

You can also “reply” to any email I send to you.

If you do contact me regarding any Data Protection matter, please ensure you clearly state your requirements, i.e. one of 1 to 3 above, and any additional information that will help me to help you.

I hope you enjoyed reading my little GDPR summary as much as I enjoyed writing it and I would like to mention that I am not an expert with this legislation. For that you would need to seek the services of a solicitor / lawyer who knows about this. What I found as I went fact-finding was there are very few experts out there at the moment and a fair amount of this legislation is open to interpretation. So my advice is be open and fair with other people's data and you are at least on the right road to avoiding holding up a big ‘look at me’ sign!!!

 
