Some great tips below about the GDPR.
- Where there is any doubt if you are dealing with a company or an individual treat them like an individual and ask for consent.
- If you get true leads from a trade show contact them within a month and check the permission at that time of contact.
- Make sure you include Opt-outs in all company emails.
- Set an appropriate scale and time for data storage.
- If you are a contractor make sure you have a contract in place between yourself and the data controller.
- If you have concerns make it impossible to use memory sticks on your laptops and desktop computers if you are unsure about data security.
- Make sure all of your staff are clear and aware of their obligations regarding data.
- Where possible ban staff from emailing any personal details and include this in your data guidance.
- If you have to email personal data make sure you encrypt it.
- If you are asked for permission to contact or to update your information and you ignore the email this does not mean consent, so a no response is not consent.
- The GDPR regulations are intended to be consistent across Europe and should not be subject to regional differences.
- If in doubt, ask the Membership team at the Forum or the ICO helpline, both are there to help.