Back To Main Page
General Data Protection Regulation for Clients
At BDP Agency, we want to work with our clients to ensure that they are also covered under the new regulations for GDPR in relation to our B2B Marketing Data. It is our intention to keep you up-to-date as new items are released on the GDPR living document. If you have any questions, regarding BDP Agency and the General Data Protection Regulation, please give us a call on 0333 200 1860.
We highly recommend you Register with the ICO for Data Protection. There is notification from the ICO that businesses may not have to register from next year, however for now please do this asap to ensure you are staying on the right side of the law. It takes 15 minutes and for most companies, the cost is a minimal £35.00.
Once you have received your certificate from the ICO (see step 1). We recommend looking at the Self Assessment Toolkit for Data Protection. This is an opportunity for businesses to complete a questionnaire anonymously and see the results instantly in a simple traffic light system of red, amber or green for areas that are covered by your business or areas that need to be worked on. You can then divide up the tasks that you believe need to implemented with your colleagues.
In a world where everything is operating online at an incredibly fast pace, it is essential that your IT security is of extreme importance. If you hold data within your systems you need to recognise that it may be at risk and take appropriate technical measures to secure it. The practical steps outlined in this IT Security Guide will help you decide how to manage the security of the data you hold.
You will note on our Compliance and Accountability page, we have outlined the minimum requirements that we have personally researched for our business and this could also translate to our clients too. Take a look at these steps to identify any gaps that you still have remaining after working through the above articles.
Quick GDPR Checklist
Here are a few quick questions that we believe will help you come to a conclusion about the data you hold. Being able to answer yes to every question on our GDPR Checklist means you are certainly heading in the right direction towards compliance.
- Do you know what you are going to use the data for and is there a legitimate interest?
- Am I satisfied that I am holding the data securely, whether its on paper or computer? and what about my website / email system or 3rd party supplier – is this secure too?
- Do I delete / destroy data has soon as I do not have any further need for it and have I informed the relevant parties?
- Is access to the data limited to those personnel with a strict need to know?
- If I use CCTV, have I notified any relevant parties i.e. staff / visitors and are cameras positioned away from recording data i.e. from computer screens and have I informed the ICO has part of my data protection act registration?
- Have I trained my staff in their duties and responsibilities under the Data Protection Act, and are they putting them into practice?
- Do I have a policy for dealing with any issues that arise with regards to Data Protection?
- If I’m asked to pass on personal information, am I & my staff clear when the Act allows me to do so?