All BDP Data Licences are provided with the assurance that when you hold our B2B data, this is 100% complaint with both GDPR – the General Data Protection Regulations and our GDPR Policy during the period of the licence agreement.
Our message for B2B data & GDPR.
Our message for B2B Data and certainly that from the Information Commissioners Office (ICO) is as follows:
“do not be worried about GDPR, if you are Data Protection Act (DPA) compliant already then you are well placed for GDPR compliance and this can be an excellent point to build on”
Here at BDP, we have had our share of sleepless nights wondering about the future of the industry and the conclusion is that, the more information that has been disseminated about these new regulations, the more we believe this is a good thing and will help boost the industry and its key businesses.
We have put together a whole package of information about the upcoming General Data Protection Regulation (GDPR) legislation, the Data Protection Act (DPA), and the Information Commissioners Office (ICO) for further reading in a positive light to reassure our clients and new prospects that carrying out marketing campaigns in a Business to Business Data industry is going to be a positive experience for all.
Putting people first.
As well as being registered with the Information Commissioners Office (ICO), we have also invested in our staff to provide training and assistance in both:
– the Data Protection Act (DPA) and
– General Data Protection Regulation (GDPR)
as well as attending many further small courses. We believe in this training and recommend these companies to our current clients.
BDP Agency Awards & Training in Data Protection Regulation
As well as being registered with the ICO as outlined above, here are some of the companies that have provided training and assistance in both the Data Protection Act and General Data Protection Regulation to BDP Agency and we are pleased to announce that our staff have passed all their training with distinctions and received certificates in each case.
All staff are also provided with a “Data Protection Act & Security Course” during the first few weeks of their employment with our business to ensure that our company is working to the same level of service company wide.
- There are some great videos on the ICO YouTube channel as further resource: ICO YouTube
- There is also a register for every Data Controller to notify the ICO. More than 400,000 organisations are currently registered. Are you registered yet? Here is the link, it takes approximately 15 minutes and for most companies, the cost is £40.00. Register here.
GDPR and BDP Agency.
Accountability & GDPR Policy Compliance Requirements.
Many of the GDPR’s main concepts are currently much the same as those in the current Data Protection Act (DPA).
Therefore, our ongoing compliance for B2B Data remains valid under GDPR law and has been an excellent base to build on when awaiting the implementation on 25th May 2018. Here we outline the new elements and enhancements introduced and we pledge to work closely with the Information Commissioners Office (ICO) and initiate any further changes as they are introduced.
General Data Protection Regulation Accountability
Many of the GDPR’s data protection principles are currently much the same as those in the current Data Protection Act (DPA). Therefore, our ongoing compliance for B2B Data remains valid under GDPR and therefore gave us an excellent base to build on whilst awaiting the EU General Data Protection Regulation start date of 25 May 2018.
The elements and enhancements introduced for GDPR have been implemented by BDP Agency according to the steps listed below. The GDPR regulations can be viewed as a living document, with new guidance being introduced ongoing, BDP Agency have pledged to work closely with the ICO and initiate any changes as they are introduced.
The GDPR policy text places greater emphasis on the documentation that data controllers keep to demonstrate their accountability. Therefore, BDP Agency being a supplier of B2B Data will ensure that all data we supply to our clients meet the standards outlined below and that any changes that effect our clients licensing conditions are met.
We have outlined the steps below in our GDPR Summary document and confirm that the relevant sections to our B2B Data services have been met and are monitored on an ongoing basis to identify any changes since the release of GDPR on 25th May 2018. You can also see more information on our recent GDPR accreditations too.
Step 1: Accountability and governance
1.3: Information you hold
1.4: Data Protection by Design and Data Protection Impact Assessments
1.5: Data Protection Officers
Step 2: Key areas to consider
2.1: Lawful basis for processing personal data
Step 3: Individuals’ rights
3.1: Communicating privacy information
3.2: Individuals’ rights
3.3: Subject access
Step 4: Breach notification
4.1: Data breaches
Step 5: Transfer of data
GDPR Policy and our clients.
Regulation for our clients
What Do You Need To Do?
BDP Agency have put together some specific resources for our clients to assist in becoming compliant with the new laws and further changes should they be introduced.
We believe in supporting our clients and advise that you work through the package of documents which will give you an excellent understanding of the General Data Protection Regulation (GDPR) and ensure you are closer to becoming compliant in an efficient and cost saving method.
General Data Protection Regulation for Clients
At BDP Agency, we want to work with our clients to ensure that they are also covered under the new regulations for GDPR in relation to our B2B Marketing Data. It is our intention to keep you up-to-date as new items are released on the GDPR living document. If you have any questions, regarding BDP Agency and the General Data Protection Regulation, please give us a call on 0333 200 1860.
We highly recommend you Register with the ICO for Data Protection. The Data Protection Regulations 2018 requires every organisation that processes personal information to register with the ICO. Please do this asap to ensure you are staying on the right side of the law. It takes 15 minutes and for most companies, the cost is a minimal £40.00.
Once you have received your certificate from the ICO (see step 1). We recommend looking at the Self Assessment Toolkit for Data Protection. This is an opportunity for businesses to complete a questionnaire anonymously and see the results instantly in a simple traffic light system of red, amber or green for areas that are covered by your business or areas that need to be worked on. You can then divide up the tasks that you believe need to implemented with your colleagues.
In a world where everything is operating online at an incredibly fast pace, it is essential that your IT security is of extreme importance. If you hold data within your systems you need to recognise that it may be at risk and take appropriate technical measures to secure it. The practical steps outlined in this IT Security Guide will help you decide how to manage the security of the data you hold.
You will note on our Compliance and Accountability page, we have outlined the minimum requirements that we have personally researched for our business and this could also translate to our clients too. Take a look at these steps to identify any gaps that you still have remaining after working through the above articles.
Quick GDPR Policy Checklist
Here are a few quick questions that we believe will help you come to a conclusion about the data you hold. Being able to answer yes to every question on our GDPR Checklist means you are certainly heading in the right direction towards compliance.
- Do you know what you are going to use the data for and is there a legitimate interest?
- Am I satisfied that I am holding the data securely, whether its on paper or computer? and what about my website / email system or 3rd party supplier – is this secure too?
- Do I delete / destroy data has soon as I do not have any further need for it and have I informed the relevant parties?
- Is access to the data limited to those personnel with a strict need to know?
- If I use CCTV, have I notified any relevant parties i.e. staff / visitors and are cameras positioned away from recording data i.e. from computer screens and have I informed the ICO has part of my data protection act registration?
- Have I trained my staff in their duties and responsibilities under the Data Protection Act, and are they putting them into practice?
- Do I have a policy for dealing with any issues that arise with regards to Data Protection?
- If I’m asked to pass on personal information, am I & my staff clear when the Act allows me to do so?
GDPR Policy and latest news.
Links to Further Resources
After extensive reading and some training courses, we have put together some of the blogs, news, articles and resources that we keep up-to-date with here at Business Data Prospects.
At this present time, the new laws introduced surrounding Data Protection are vastly covered, while some points and changes are still under consultation and therefore we hope that you will find these useful as well as factual documents about their latest updates moving forward.
Article 29 Working Party
The Article 29 Working Party (Art. 29 WP) is made up of a representative from the data protection authority of each EU Member State, the European Data Protection Supervisor and the EU Commission. The purpose of Art. 29 WP was set out in Article 29 of the Data Protection Directive in 1996. Its mission is to provide expert advice regarding data protection.
Information Commissioners Office (ICO)
The Information Commissioner’s Office is based in the UK is the independent regulatory office dealing with the Data Protection Act 1998 and the PECR across the UK.
The ICO writes the ICO Data Blog of Current Events here
The ICO also report the ICO Current News and Speeches here
Ready to start working with us?
Start getting better results today.
BDP Agency and GDPR.
Our licensing and terms and conditions ensure that all purchases from us and any consequent marketing undergone is GDPR compliant. GDPR policy regulations consist of rules regarding the processing of data and its purpose, as well as documenting use and possession.
Learn more >