GDPR and your contracts – now that tsunami of email from May last year is like a distant dream of your inbox following a desperate relationship breakdown, maybe it’s time to re-evaluate where you are at with GDPR, and take advice?
So, what should you have ticked off your operational to do list? And what’s GDPR got to go with your contracts?
Let’s also assume that your contact us page on your site gives customers the choices about what to receive and how to receive it – a clear opt-in to receive materials from you.
And let’s hope that you are no longer sending out marketing and prospecting emails to contacts who have not given some sort of consent – either under the old regime passively (that’s OK but you need to show how that was obtained….) or an actively opted in consent under the new rules. Here’s a helpful tool if you need more info, but I think enough has been said about that issue by GDPR experts…
So what else….
- If you like to continue to follow up clients with birthday cards, anniversary cards or other communications, its worth adding that into your contracts too. Its HIGHLY unlikely that this represents a GDPR risk (using data without a basis for processing) but its ‘belt and braces’ and allows you to continue your relationship, and nurture possible referral and recommendation channels with your existing and past customers without risk.
- Have you created a simple policy about data retention? How long are you going to keep materials about the jobs you do, and the people you work with – both practically (there is only so much space in your loft…) and from a legal perspective, you need to consider what’s essential and what’s disposable. Most lawyers will recommend that you keep materials about a job for a minimum period of 6 years because that’s the limitation date (how long someone has to start a claim in the court) for any claim alleging that you breached your contract for services or the supply of goods or were negligent. HMRC say you must keep tax records for 5 years so that’s likely to be where your accountant would pitch your destroy date options. Many photographers and videographers like to archive materials within 12mnths of the date (the files are huge, so storage space is an issue). Whatever you do – and take some advice – please have a policy.
- General office tidying up should be maintained. Locked cabinets, no personal data on white boards, clear desk, securely kept and regularly changed PC passwords, not taking unnecessary data off site, good general security. Obvious stuff that ensures data is safe and protected.
Our templates for wedding professionals client contracts deal with GDPR clauses as well as other essential issues, so if you have purchased one, you are good to go! If you need some advice – email us and we can help.