Detailing World  

Go Back   Detailing World > Lifestyle > The Money And Business Zone
DW Home Forum Home Merchandise Store Register FAQ Members List Calendar Search Today's Posts Mark Forums Read

The Money And Business Zone All things money related, Savings, Finance, Pensions ,Insurance, Mortgages and more,

Thread Tools Display Modes
Old 23-05-2018, 09:49 PM   #1
Orbital Oracle
Jcwminiadventures's Avatar
Join Date: Dec 2011
Location: Somerset
Posts: 734
Thanks: 316
Thanked 146 Times in 130 Posts
Question New GDPR Regulations - Where to start to comply

Itís not a detailing buisness but Iím hoping anyone in the know could help a fledgling young buisness woman comply. I know it last minute but Iíve just been made aware this new law applies to every buisness so I need to get my skates on! The buisness is pretty new so Iím still learning & finding my feet. Iíve read tips etc about where to start but still going over my head!

My website is created & platformed by wix (domain is with fast hosts) so I will be adjusting my contact form to comply/adding a consent option. The few emails I have from previous contacts/jobs Iíll also be using a wix form to gain consent also.

My confusion still lies with how do you gain consent for mobile numbers & people that have only phone contacted you. Plus addresses of jobs to go to.

Also seems to be a black area if I need to create a privacy policy & what that needs to include!

Any help,tips & advice is gratefully receicved as been employed most of my working life to date this is all new.

Thanks in advance
Jcwminiadventures is offline   Reply With Quote
Old 24-05-2018, 08:15 AM   #2
T-Cut King (admin)
WHIZZER's Avatar
Join Date: Oct 2005
Location: On DW
Posts: 28,620
Thanks: 12,246
Thanked 18,015 Times in 6,658 Posts
If you need to collect anyone’s personal data :-
•Ask for permission stating the reason(s) you need it.
•If you don’t have permission don’t collect it.
•Only collect what you need.
•Only use it for the purpose(s)stated.
•While you’ve got it look after it.
•Keep it upto date and accurate.
•The data subject can withdraw their permission at any time.
•If you don’t need it any longer or permission is withdrawn get rid of it, SECURELY
WHIZZER is offline   Reply With Quote
The Following 7 Users Say Thank You to WHIZZER For This Useful Post:
Derekh929 (24-05-2018), djberney (24-05-2018), Jcwminiadventures (24-05-2018), kh904 (01-07-2018), stealthwolf (02-06-2018), Stoner (25-05-2018), tmitch45 (31-05-2018)
Old 24-05-2018, 11:08 AM   #3
Washmitt Meister
Join Date: Oct 2016
Location: Notts
Posts: 132
Thanks: 36
Thanked 52 Times in 43 Posts
Don't get too tied up on the consent side. Whilst it is important, it is only one of the bases for processing. Some of your processing sounds like it is more likely to fall under the performance of a contract basis, as this includes prior to entering into the contract. If someone contacts you by phone to go out and look at a job then those details will fall into the 'prior to entering into a contract' part.
Whizzers advice about only processing the minimum needed is great, and you should bear it in mind even under the other bases. This includes retention for only as long as necessary.
You need to come up with a privacy notice, possibly more than one, to cover who you are, what you process, how you process it and how long you are going to keep it.
It's obviously easier for bigger organisations to get specialists to do this, and there are plenty out there claiming to be, but just like detailing there are cowboys looking to make a buck who might not even do as good a job as you could do yourself with a bit of work.
Good luck with it.
djberney is offline   Reply With Quote
The Following User Says Thank You to djberney For This Useful Post:
Jcwminiadventures (24-05-2018)
Old 30-06-2018, 10:16 AM   #4
Washmitt Meister
Join Date: Jun 2018
Posts: 181
Thanks: 3
Thanked 123 Times in 100 Posts
as previous posts mention and spot on, its not all about consent, you are responsible for all the data collected and stored, there are still lots of grey areas so don't worry too much, the main thing at the moment is that companies are making an effort to comply and working towards it fully,

from the website point of view, you need to state what is collected and how its used and stored,

obvious one is the contact form and cookies,

others you may not realise could be things like google maps, social media widgets, Google Analytics, Google reCAPTCHA ( basically anything Google ),

if you use a payment gateway customer data will be handled but depending on platform possibly no information is moved through or held on the site its self, you could have a link to their privacy policy,

WIX will probably collect data about visitors to your site too, link to their policy,

if you looking at GDPR policies on other sites just remember they may not be optimised yet, as they are now supposed to be written in plain english too not all the legal jargon,
mar00 is offline   Reply With Quote
The Following User Says Thank You to mar00 For This Useful Post:
djberney (30-06-2018)

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

All times are GMT +1. The time now is 03:55 PM.

Powered by vBulletin® Version 3.8.2
Copyright ©2000 - 2019, Jelsoft Enterprises Ltd.
DTO Garage vBulletin Plugins by Drive Thru Online, Inc.

Powered by vBulletin® Version 3.8.2
Copyright ©2000 - 2019, Jelsoft Enterprises Ltd.
DTO Garage vBulletin Plugins by Drive Thru Online, Inc.