GDPR – the General Data Protection Regulation – takes effect on 25th May, and here at Borg & Overström we’ve been reviewing how we gather and use data about our customers, to ensure we are fully compliant with the new data protection regime.
Like many other businesses whose customers are other businesses, we handle customer data in order to market our products and services to help grow our business, justified by what GDPR calls ‘legitimate interest’. We also require customers’ data to fulfil contracts between them and us.
The customer data we need to run our business is limited to things like contact addresses and telephone numbers, but any of our customers can contact us if they would like to clarify the information we hold about them or ask us to remove them from our database. And of course, there is also the option to ‘unsubscribe’ from our marketing emails by clicking on the unsubscribe link each one contains.
Rather than being a radical departure from current data protection laws, the GDPR is an evolutionary step designed to strengthen the rights of individuals to determine how their information is used. Its imminent arrival has provided a useful prompt for us – and no doubt many other businesses in the UK – to review how we gather and make use of our customers’ information. As a result, we’re confident our customers’ data is handled with the same care with which we would like our data to be handled, and that we’re ready and able to meet all the requirements of the new regulations.