Did you know 82%* of companies have either not heard of GDPR or do not understand the true impact it will have on their business?
To ensure you have the tools and information you need to become compliant we recently held a GDPR seminar, inviting guest speakers to talk about the implications of GDPR on business.
We filmed the live seminar, so for those of you who missed it you can catch up below.
Journey to GDPR compliance - Jill Dovey, Associate Solicitor, Muckle LLP
Jill is a regular speaker on subjects such as GDPR and legal risks for businesses. She speaks about the implications of GDPR on businesses including data mapping, privacy by design and managing data transfers. Jill advises many clients on GDPR compliance shares her experiences and practical examples of how to approach this complex regulation.
GDPR: The Close Brothers Journey to date - Lydia Benatia, Data Protection Manager, Close Brothers
Lydia's role within Close Brothers is to work closely with stakeholders to advise on practical solutions for implementing Data Protection and Privacy legislation and regulations. She speaks about the highs and lows of preparing Close Brothers for GDPR compliance including next steps in the run up to the regulation.
Question & Answer Session
Our panel provide practical answers to a range of questions on GDPR and the impact it will have on businesses. Watch the video in full or click on one of the questions below to skip straight to the answer.
- Do you need consent to market to somebody that you have agreement with to provide your products and services to their clients?
- How long do we keep data for? And what about pre-consent data?
- What about fraudulent information, should we keep that forever?
- Does that include back-ups of the information and archives?
- Do I have to contact everyone on my list and ask them for consent to contact them?
- I have a customer database with no consent because it wasn’t required – what do I do with that?
- If you want to do direct marketing to those people for new products you’d need to get consent presumably?
- So could you send out a general email to various blocks of customers or would we have to contact them in a different way? And how do you record this consent?
- Do we have to get consent to keep peoples information even though they have opted out of marketing, do we have to delete them?
- What is the Information Asset Register?
- We’ve had our database for a long time, would it be a good idea to set up a consent form to send to them?
- Approved Representatives hold their own information, are they responsible for that or are we?
- If we get a request for information what do we have to provide?
- What do you do if you use a Cloud CRM which can be accessed from all over the world outside of the EU?
- Have we got an obligation to provide customers with a secure way for them to send their information to us i.e. a portal or can they just email it to us even though it’s not encrypted?
- We post documents, where do we stand if they go missing?
- There are a lot of discussions about a clean desk policy. Is it a breach if paperwork is left on a desk?
- Is WhatsApp considered a secure platform for the transfer of information?
- Is there a way to make email a robust data transfer platform?
*All figures, unless otherwise stated, are from a GMI survey conducted in August 2017. The survey canvassed the opinion of 900 SME owners across the UK and RoI and across several industries on a range of issues affecting their businesses.