As we start to emerge from the Covid crisis and those businesses that closed or operated under reduced capacity start to turn their attention to finding vital new revenues, it may be worth casting your eye over your own website to ensure it promotes your business positively and effectively. I can guarantee that some businesses will look at prospective suppliers and immediately discount them out of hand.
Any business that has gone through the trouble and expense of aligning themselves with data protection regulations, will know very well that they can’t share data with a business that isn’t similarly aligned. You may even have received a questionnaire from existing clients about data protection (more about this later).
So how would anyone know? Your Privacy Notice is your unofficial Data Protection advertising tool! If you call it a Privacy Policy (there’s a not very subtle difference), they probably don’t even need to open it to find out what you have or haven’t done around GDPR. Your Privacy Notice is specific to your business, the old practice of copying and pasting simply won’t convince anyone anymore.
The GDPR is often accused of lacking specific detail and being too generic. When it comes to sharing data the Controller (the organisation that decides how data is handled) has some very specific requirements to adhere to regarding any 3rd party (processor) they share data with. The usual answer I hear from clients at this point is that they don’t share it with anyone. If you have a website with a contact form, the likelihood is that your website designer has access to that data, and then there’s your IT support company. You don’t need to send personal data to a third party, they just need access.
Under GDPR a controller is legally obligated to:
So, if you are keen not to miss out on new business, ensuring you have a compliant Privacy Notice is a good place to start!
You might also be interested to know that if you process personal data on behalf of someone else and you don’t have a written agreement, by definition you become a data controller and take several additional exposures and responsibilities.
If you’ve received a questionnaire and blindly confirmed that you treat personal data in a way that you don’t, you take on several additional business exposures and risks.
At The Compliance Consultancy we’re actively trying to help businesses, and providing free help around creating a Privacy Notice, just give us a call.
The Compliance Consultancy have been helping businesses with data protection from well before GDPR became law in 2018. I have the CIPP/E qualification which is an accreditation from the International…
Post articles and opinions on Manchester Professionals
to attract new clients and referrals. Feature in newsletters.
Join for free today and upload your articles for new contacts to read and enquire further.
