SlideShare a Scribd company logo

Gdpr compliance critical changes

Download as PPTX, PDF
A
Angela Nubbert

The law's changing 25th May 2018, are you compliant? This is a summary of the critical changes and essential steps you need to implement taken from a small business owner's perspective.

Law
1 of 12
Understanding GDPR from a small business owner’s perspective Copyright: Coast-Academy.com
Disclaimer: The following guide contains summary information in relation to the new EU GDPR Law as I understand it. I have condensed the essential facts to make it easy and straightforward for the small business owner and solopreneur to implement. I am not a lawyer or law professional or in any way connected with the law, therefore, you may wish to take professional advice regarding this new compliance. Angela Nubbert Coast Academy Copyright: Coast-Academy.com
Introduction The basis of the new EU GDPR law is to protect individual privacy rights and update privacy law for current technology. The changes apply to any business, regardless of size. If you have a website or blog, or in any way collect client data, you must comply. Brexit won’t make a difference, nor does being in the States, Canada or anywhere else in the world. If there is the remotest chance of a customer coming from an EU country, then you will be required to comply with the GDPR law. Failure to do so could result in onerous penalties. Copyright: Coast-Academy.com
Critical Changes To Be Aware Of In Relation to Email Marketing and Sign-up Forms. You must obtain affirmative consent. It is now not enough to have an opt-in form, you must add a ‘tick-box’ in which the customer must take action to receive your documentation or sign-up to your newsletter. You must tell your customer how you intend to use their information. You cannot change the information you send to a customer after they’ve signed up. For example, if a customer is signing up to receive financial information, you cannot suddenly start sending them information regarding health and wellness news. You must post your Privacy Policy on your website and you need to place links to this policy throughout your website, but also on every form that ‘captures’ client data. A copy of the policy I use is at the end of this slide presentation, you are welcome to copy this information and use it for your own business. You must keep this data secure and notify customers within 72 hours of any data breach. Customers now have the right to request a copy of the data you hold on them, correct data and withdraw their consent to you holding their data. In addition, customers have the right to have their data erased, in other words ‘be forgotten’. Copyright: Coast-Academy.com
What If I Don’t Comply? There is every intention to enforce GDPR Law, penalties for non compliance include a fine of 4% of Gross annual income or up to £20 million whichever is the greater. Although these big numbers are most likely intended for much larger corporations, it goes to show how serious the EU is taking the implementation of this new law. You cannot block EU clients to circumnavigate the law, that’s an infringement of the GDPR law. Customers will have a private right of action against you if, by using a third party company that’s non compliant, you don’t protect their data, it’s in your interest therefore to ensure everyone you deal with is complying with GDPR law. Copyright: Coast-Academy.com
Essential Steps You Need to Take to Comply with GDPR by 25th May 2018 1. Add a Privacy Policy to your website. 2. On every opt-in or contact form on your website add a link to your Privacy Policy. 3. Put a link to your Privacy Policy in your website footer so it appears on every page. 4. Go through your email list and audit your sign-ups, segment if necessary, then send an email asking if they would still like to receive updates from you. There’s an example email at the end of this guide. 5. Audit everyone you deal with, for example, I use 123-Form Builder for student sign- ups; this company keep the data I’ve requested through my website, on their own system. I’ve confirmed they are GDPR compliant. Copyright: Coast-Academy.com
Essential Steps contd …/ 6. Use a Double Opt-in where possible, this is usually standard with most professional email companies such as Aweber, Mailchimp and Convertkit. Otherwise, your first email should confirm the reason why they’ve agreed to sign up with you and what you will be using their data for. 7. Re-affirm how customers can opt-out of your newsletters. 8. Advise how customers can view data you hold on them. 9. Make sure any third party companies you work with, who handle your client data (for example email companies) are compliant with GDPR. 10.Add a Cookie notice to your website with a link to your Privacy Policy. Ensure customers take affirmative action to confirm they’ve agreed to your Cookie policy. If they dismiss the Cookie notice without agreement, they should be blocked from continuing to browse your website. The following slide is an example of how you can word your Cookie notice. 11.Consider updating your Liability insurance to cover the possibility of anyone taking action against you. Copyright: Coast-Academy.com
Copyright: Coast-Academy.com
Here is an example of my updated Sign-Up form to take into account the new GDPR requirements. Two changes include: A reminder of what the customer is signing up for and a link to my Privacy Policy. Copyright: Coast-Academy.com
Suggested email to your contacts Since you signed up to my newsletter (either online or at an event) I have been keeping your name and email address so that I can keep you posted on our courses, activities and events. In accordance with the new GDPR law taking effect 25th May 2018, I need to ensure that you are still happy to receive our mailings and if this is the case, would be grateful if you would just hit reply to this email with ‘YES’. I use the service provider Aweber to manage my newsletter list and mailings, this ensures you data is kept secure. I do not share your data with anyone else and never will. If you would like to view the data held by me, please do get in touch. You can unsubscribe from my newsletter at any time by clicking the 'unsubscribe from this list' link in the footer below, or in any of my newsletters. You can also read about how I process personal data on my website here. (Link to your Privacy Policy) If you have any questions about the new General Data Protection Regulation (GDPR), which comes into effect on 25th May 2018, or about how I contact you, please do not hesitate to get in touch. Copyright: Coast-Academy.com
Copyright: Coast-Academy.com Copy of my Privacy Policy which you are welcome to copy: Your privacy is important to Coast Academy. By visiting and using this website, you agree and consent to the following Terms of Sale and Privacy Policy governing the collection and use of personally identifiable and other information by Coast Academy. As with all e-commerce websites, we collect personal information from you when you shop online. We use this information to make your shopping experience as easy and enjoyable as possible. We need it to process your order, inform you of any delays or problems with your order. The information we collect is: Your name Email address – for acknowledging orders, and sending status updates etc Delivery address Telephone number – only if there is a delivery problem Our third party payment processors use the latest secure server technology to ensure this information is protected to the highest standards. They use encryption to safeguard your credit card information and only accept orders from web browsers that permit communication through Secure Socket Layer (SSL) technology - this means you cannot inadvertently place an order through an unsecured connection. Most web browsers above version three support this security. This encryption makes it virtually impossible for unauthorised parties to read any information that you send us. The encryption technique we use is the highest standard available for e-commerce. If you sign up for our newsletter, we will process your personal information (name, email address) for the following legitimate business purpose: To send you email communications which we think will be of interest to you, ie information about news, activities, events and services. We currently use the service providers Wix and AWeber to manage the newsletter list and mailings. We do not share your data with anyone else. You can check or change your name and email address in our records by clicking the ‘update your preferences’ link in the footer of any email newsletter you receive from us. Remember to tick the “Email” box because our newsletters only come via email! You can unsubscribe from our newsletters anytime by clicking the ‘unsubscribe from this list’ link in the footer of any email newsletter you receive from us. If you book or attend a Coast Academy Online Course or Workshop, we will process your personal information (name, email address, name and date of course booked, payment received) for the following legitimate business purpose: To manage our course bookings, send you pre- and post- course emails with information about the course, and to keep a record of who booked which course so as to better plan future courses. We do not share this data with anyone else.
Copyright: Coast-Academy.com Whenever we process data for these purposes we will ensure that we always keep your Personal Data rights in high regard and take account of these rights. You have the right to object to this processing if you wish, and if you wish to do so please contact us. However, please bear in mind that if you object this may affect our ability to carry out the tasks listed above for your benefit. Data Protection Coast and Country Prints will never pass your details on to a third party for marketing purposes. If you have questions about your personal data or our privacy policy, please contact us at support@coast-academy.com. Cookies Cookies are small text files that websites send to your computer. A cookie can be thought of as an Internet user's identification card. They let the website know when the user has returned. This lets the site bring up information relevant to that user, for example your name, past orders etc. Cookies make the interaction between users and websites faster and easier. Without cookies, it would be very difficult for a website to allow a visitor to fill up a shopping basket or to remember the user's preferences or registration details for a future visit. Coast Academy website uses cookies to allow customers to move from one part of the website to another and to add items to the shopping basket without having to login repeatedly. Cookies are not computer programs, and can't read other information saved on your hard drive. They cannot be used to disseminate viruses, or get a user's email address etc. They only contain and transfer to the website as much information as the users themselves have disclosed to that website. We comply to the 1998 UK Data Protection Act and keep your information safe using the latest technology. Payment Processing We use PayPal to process online payments, Paypal provide a secure online payment gateway for your purchases and no credit or debit card details are kept by Coast Academy and its proprietors, you therefore accept that PayPal is responsible for any omissions or errors created by them and any payment queries will be dealt with between you, the purchaser, and PayPal. Coast and Country Prints is not able to interpose on your behalf. By placing an order with this website you affirm that you are either more than 18 years of age, or an emancipated minor, or possess legal parental or guardian consent, and are fully able and competent to enter into the terms, conditions, obligations, affirmations, representations, and warranties set forth in these terms and conditions, and to abide by and comply with these terms and conditions. In all instances of questions or queries relating to your use of this site, including but not limited to the purchase of products, please do not hesitate to contact us. We aim for high customer satisfaction and want to make your experience enjoyable. TELEPHONE:. EMAIL: POST:

Recommended

5 Alarm Privacy Policy
5 Alarm Privacy Policy5 Alarm Privacy Policy
5 Alarm Privacy PolicyFirePoliceEmergency
 
Mc donald
Mc donaldMc donald
Mc donaldVishal Sharma
 
Privacy policy
Privacy policy Privacy policy
Privacy policy Samir Mohammed
 
How to create a yahoo and hotmail accounts and how to connect to the internet
How to create a yahoo and hotmail accounts and how to connect to the internetHow to create a yahoo and hotmail accounts and how to connect to the internet
How to create a yahoo and hotmail accounts and how to connect to the internetmaria martha manette madrid
 
Email Deliverability Guide For 2013
Email Deliverability Guide For 2013Email Deliverability Guide For 2013
Email Deliverability Guide For 2013Learnhomebusiness.com
 
Writing articles
Writing articlesWriting articles
Writing articlesMoMoRelaxing
 
GDPR Pop Up | Human Capital Department - HR Forum - 26 April 2018
GDPR Pop Up | Human Capital Department - HR Forum - 26 April 2018GDPR Pop Up | Human Capital Department - HR Forum - 26 April 2018
GDPR Pop Up | Human Capital Department - HR Forum - 26 April 2018Human Capital Department
 
Say Consultancy Privacy Policy
Say Consultancy Privacy PolicySay Consultancy Privacy Policy
Say Consultancy Privacy PolicySay Digital Media
 

Recommended

5 Alarm Privacy Policy
5 Alarm Privacy Policy5 Alarm Privacy Policy
5 Alarm Privacy PolicyFirePoliceEmergency
 
Mc donald
Mc donaldMc donald
Mc donaldVishal Sharma
 
Privacy policy
Privacy policy Privacy policy
Privacy policy Samir Mohammed
 
How to create a yahoo and hotmail accounts and how to connect to the internet
How to create a yahoo and hotmail accounts and how to connect to the internetHow to create a yahoo and hotmail accounts and how to connect to the internet
How to create a yahoo and hotmail accounts and how to connect to the internetmaria martha manette madrid
 
Email Deliverability Guide For 2013
Email Deliverability Guide For 2013Email Deliverability Guide For 2013
Email Deliverability Guide For 2013Learnhomebusiness.com
 
Writing articles
Writing articlesWriting articles
Writing articlesMoMoRelaxing
 
GDPR Pop Up | Human Capital Department - HR Forum - 26 April 2018
GDPR Pop Up | Human Capital Department - HR Forum - 26 April 2018GDPR Pop Up | Human Capital Department - HR Forum - 26 April 2018
GDPR Pop Up | Human Capital Department - HR Forum - 26 April 2018Human Capital Department
 
Say Consultancy Privacy Policy
Say Consultancy Privacy PolicySay Consultancy Privacy Policy
Say Consultancy Privacy PolicySay Digital Media
 
Understanding GDPR in the context of WooCommerce
Understanding GDPR in the context of WooCommerceUnderstanding GDPR in the context of WooCommerce
Understanding GDPR in the context of WooCommerceChris Lema
 
2019 advanced mod_3_lesson_05_shop_policies
2019 advanced mod_3_lesson_05_shop_policies2019 advanced mod_3_lesson_05_shop_policies
2019 advanced mod_3_lesson_05_shop_policiesAlexander Radich
 
Email And Social Networking
Email And Social NetworkingEmail And Social Networking
Email And Social NetworkingHeather Grimes
 
How to be CASL & GDPR Compliant for the New Year 2019
How to be CASL & GDPR Compliant for the New Year 2019How to be CASL & GDPR Compliant for the New Year 2019
How to be CASL & GDPR Compliant for the New Year 2019TechSoup Canada
 
GDPR - What You Need To Know
GDPR - What You Need To KnowGDPR - What You Need To Know
GDPR - What You Need To KnowAndrew Marks
 
Lipocast bitoech uk privacy and data protection policy
Lipocast bitoech uk privacy and data protection policyLipocast bitoech uk privacy and data protection policy
Lipocast bitoech uk privacy and data protection policyLipogems Equine & Lipogems Canine
 
Online policy primer
Online policy primerOnline policy primer
Online policy primerseanguo2
 
Privacy Policy | .College Registry
Privacy Policy | .College RegistryPrivacy Policy | .College Registry
Privacy Policy | .College Registryshallowunderstu04
 
OnePageCRM: Tackling GDPR - one bite at a time
OnePageCRM: Tackling GDPR - one bite at a timeOnePageCRM: Tackling GDPR - one bite at a time
OnePageCRM: Tackling GDPR - one bite at a timeOnePageCRM
 
Privacy policy
Privacy policyPrivacy policy
Privacy policypromakepromake1
 
Privacy & policy
Privacy & policyPrivacy & policy
Privacy & policyAiki Michael Tran
 
Workplace environment e-mail_and_internet_privacy_at_work
Workplace environment e-mail_and_internet_privacy_at_workWorkplace environment e-mail_and_internet_privacy_at_work
Workplace environment e-mail_and_internet_privacy_at_workShankar Myadharaveni
 
Privacy policy folson
Privacy policy folsonPrivacy policy folson
Privacy policy folsonTina Larsson
 
Research Project Ms
Research Project MsResearch Project Ms
Research Project Msmafer23
 
The CAN SPAM Act
The CAN SPAM ActThe CAN SPAM Act
The CAN SPAM ActJaime Christine Perez
 
Data Privacy
Data PrivacyData Privacy
Data PrivacyBeverly Chau
 
Privacy policy
Privacy policyPrivacy policy
Privacy policyMahesh Rajaghatta
 
Privacy Policy
Privacy PolicyPrivacy Policy
Privacy PolicyJCBlake
 
Non-Commercial Domain Hosting
Non-Commercial Domain HostingNon-Commercial Domain Hosting
Non-Commercial Domain Hostingwebhostingguy
 
American Academy in Al Mizhar - Privacy Policy
American Academy in Al Mizhar - Privacy PolicyAmerican Academy in Al Mizhar - Privacy Policy
American Academy in Al Mizhar - Privacy Policyfarrahesham
 
E36 m3 bumper
E36 m3 bumperE36 m3 bumper
E36 m3 bumperadvanemotionus
 
ArticleCity.com - Privacy Policy
ArticleCity.com - Privacy PolicyArticleCity.com - Privacy Policy
ArticleCity.com - Privacy Policystereotypedclaw61
 

More Related Content

What's hot

Understanding GDPR in the context of WooCommerce
Understanding GDPR in the context of WooCommerceUnderstanding GDPR in the context of WooCommerce
Understanding GDPR in the context of WooCommerceChris Lema
 
2019 advanced mod_3_lesson_05_shop_policies
2019 advanced mod_3_lesson_05_shop_policies2019 advanced mod_3_lesson_05_shop_policies
2019 advanced mod_3_lesson_05_shop_policiesAlexander Radich
 
Email And Social Networking
Email And Social NetworkingEmail And Social Networking
Email And Social NetworkingHeather Grimes
 
How to be CASL & GDPR Compliant for the New Year 2019
How to be CASL & GDPR Compliant for the New Year 2019How to be CASL & GDPR Compliant for the New Year 2019
How to be CASL & GDPR Compliant for the New Year 2019TechSoup Canada
 
GDPR - What You Need To Know
GDPR - What You Need To KnowGDPR - What You Need To Know
GDPR - What You Need To KnowAndrew Marks
 
Online policy primer
Online policy primerOnline policy primer
Online policy primerseanguo2
 
Privacy Policy | .College Registry
Privacy Policy | .College RegistryPrivacy Policy | .College Registry
Privacy Policy | .College Registryshallowunderstu04
 
OnePageCRM: Tackling GDPR - one bite at a time
OnePageCRM: Tackling GDPR - one bite at a timeOnePageCRM: Tackling GDPR - one bite at a time
OnePageCRM: Tackling GDPR - one bite at a timeOnePageCRM
 
Workplace environment e-mail_and_internet_privacy_at_work
Workplace environment e-mail_and_internet_privacy_at_workWorkplace environment e-mail_and_internet_privacy_at_work
Workplace environment e-mail_and_internet_privacy_at_workShankar Myadharaveni
 
Privacy policy folson
Privacy policy folsonPrivacy policy folson
Privacy policy folsonTina Larsson
 
Research Project Ms
Research Project MsResearch Project Ms
Research Project Msmafer23
 
Privacy Policy
Privacy PolicyPrivacy Policy
Privacy PolicyJCBlake
 
Non-Commercial Domain Hosting
Non-Commercial Domain HostingNon-Commercial Domain Hosting
Non-Commercial Domain Hostingwebhostingguy
 
American Academy in Al Mizhar - Privacy Policy
American Academy in Al Mizhar - Privacy PolicyAmerican Academy in Al Mizhar - Privacy Policy
American Academy in Al Mizhar - Privacy Policyfarrahesham
 

What's hot (20)

Understanding GDPR in the context of WooCommerce
Understanding GDPR in the context of WooCommerceUnderstanding GDPR in the context of WooCommerce
Understanding GDPR in the context of WooCommerce
 
2019 advanced mod_3_lesson_05_shop_policies
2019 advanced mod_3_lesson_05_shop_policies2019 advanced mod_3_lesson_05_shop_policies
2019 advanced mod_3_lesson_05_shop_policies
 
Email And Social Networking
Email And Social NetworkingEmail And Social Networking
Email And Social Networking
 
How to be CASL & GDPR Compliant for the New Year 2019
How to be CASL & GDPR Compliant for the New Year 2019How to be CASL & GDPR Compliant for the New Year 2019
How to be CASL & GDPR Compliant for the New Year 2019
 
GDPR - What You Need To Know
GDPR - What You Need To KnowGDPR - What You Need To Know
GDPR - What You Need To Know
 
Lipocast bitoech uk privacy and data protection policy
Lipocast bitoech uk privacy and data protection policyLipocast bitoech uk privacy and data protection policy
Lipocast bitoech uk privacy and data protection policy
 
Online policy primer
Online policy primerOnline policy primer
Online policy primer
 
Privacy Policy | .College Registry
Privacy Policy | .College RegistryPrivacy Policy | .College Registry
Privacy Policy | .College Registry
 
OnePageCRM: Tackling GDPR - one bite at a time
OnePageCRM: Tackling GDPR - one bite at a timeOnePageCRM: Tackling GDPR - one bite at a time
OnePageCRM: Tackling GDPR - one bite at a time
 
Privacy policy
Privacy policyPrivacy policy
Privacy policy
 
Privacy & policy
Privacy & policyPrivacy & policy
Privacy & policy
 
Workplace environment e-mail_and_internet_privacy_at_work
Workplace environment e-mail_and_internet_privacy_at_workWorkplace environment e-mail_and_internet_privacy_at_work
Workplace environment e-mail_and_internet_privacy_at_work
 
Privacy policy folson
Privacy policy folsonPrivacy policy folson
Privacy policy folson
 
Research Project Ms
Research Project MsResearch Project Ms
Research Project Ms
 
The CAN SPAM Act
The CAN SPAM ActThe CAN SPAM Act
The CAN SPAM Act
 
Data Privacy
Data PrivacyData Privacy
Data Privacy
 
Privacy policy
Privacy policyPrivacy policy
Privacy policy
 
Privacy Policy
Privacy PolicyPrivacy Policy
Privacy Policy
 
Non-Commercial Domain Hosting
Non-Commercial Domain HostingNon-Commercial Domain Hosting
Non-Commercial Domain Hosting
 
American Academy in Al Mizhar - Privacy Policy
American Academy in Al Mizhar - Privacy PolicyAmerican Academy in Al Mizhar - Privacy Policy
American Academy in Al Mizhar - Privacy Policy
 

Similar to Gdpr compliance critical changes

ArticleCity.com - Privacy Policy
ArticleCity.com - Privacy PolicyArticleCity.com - Privacy Policy
ArticleCity.com - Privacy Policystereotypedclaw61
 
ArticleCity.com - Privacy Policy
ArticleCity.com - Privacy PolicyArticleCity.com - Privacy Policy
ArticleCity.com - Privacy Policypainstakingsled66
 
The GDPR - A data revolution
The GDPR - A data revolutionThe GDPR - A data revolution
The GDPR - A data revolutionDan Brookman
 
Implementing and Auditing General Data Protection Regulation
Implementing and Auditing General Data Protection Regulation Implementing and Auditing General Data Protection Regulation
Implementing and Auditing General Data Protection Regulation Jim Kaplan CIA CFE
 
EU GDPR Changes: What do you need to know? - CommuniGator Seminar
EU GDPR Changes: What do you need to know? - CommuniGator SeminarEU GDPR Changes: What do you need to know? - CommuniGator Seminar
EU GDPR Changes: What do you need to know? - CommuniGator SeminarSpotler
 
Are you GDPR Ready? Checklist Whitepaper
Are you GDPR Ready? Checklist WhitepaperAre you GDPR Ready? Checklist Whitepaper
Are you GDPR Ready? Checklist WhitepaperServersys
 
Abbie Clement — GDPR, CCPA, ePrivacy: Which Data Laws Are Next and How the Ne...
Abbie Clement — GDPR, CCPA, ePrivacy: Which Data Laws Are Next and How the Ne...Abbie Clement — GDPR, CCPA, ePrivacy: Which Data Laws Are Next and How the Ne...
Abbie Clement — GDPR, CCPA, ePrivacy: Which Data Laws Are Next and How the Ne...Semrush
 
"GDPR - All You Need To Know" presentation from event Nov 16th in Berlin
"GDPR - All You Need To Know" presentation from event Nov 16th in Berlin"GDPR - All You Need To Know" presentation from event Nov 16th in Berlin
"GDPR - All You Need To Know" presentation from event Nov 16th in BerlinMailjet
 
Treasure Data Marketers Guide to GDPR (Global Data Protection Regulation)
Treasure Data Marketers Guide to GDPR (Global Data Protection Regulation)Treasure Data Marketers Guide to GDPR (Global Data Protection Regulation)
Treasure Data Marketers Guide to GDPR (Global Data Protection Regulation)WBDC of Florida
 

Similar to Gdpr compliance critical changes (20)

E36 m3 bumper
E36 m3 bumperE36 m3 bumper
E36 m3 bumper
 
ArticleCity.com - Privacy Policy
ArticleCity.com - Privacy PolicyArticleCity.com - Privacy Policy
ArticleCity.com - Privacy Policy
 
Privacy Policy
Privacy PolicyPrivacy Policy
Privacy Policy
 
ArticleCity.com - Privacy Policy
ArticleCity.com - Privacy PolicyArticleCity.com - Privacy Policy
ArticleCity.com - Privacy Policy
 
The GDPR - A data revolution
The GDPR - A data revolutionThe GDPR - A data revolution
The GDPR - A data revolution
 
Gdpr zilla
Gdpr zillaGdpr zilla
Gdpr zilla
 
Implementing and Auditing General Data Protection Regulation
Implementing and Auditing General Data Protection Regulation Implementing and Auditing General Data Protection Regulation
Implementing and Auditing General Data Protection Regulation
 
EU GDPR Changes: What do you need to know? - CommuniGator Seminar
EU GDPR Changes: What do you need to know? - CommuniGator SeminarEU GDPR Changes: What do you need to know? - CommuniGator Seminar
EU GDPR Changes: What do you need to know? - CommuniGator Seminar
 
Are you GDPR Ready? Checklist Whitepaper
Are you GDPR Ready? Checklist WhitepaperAre you GDPR Ready? Checklist Whitepaper
Are you GDPR Ready? Checklist Whitepaper
 
Abbie Clement — GDPR, CCPA, ePrivacy: Which Data Laws Are Next and How the Ne...
Abbie Clement — GDPR, CCPA, ePrivacy: Which Data Laws Are Next and How the Ne...Abbie Clement — GDPR, CCPA, ePrivacy: Which Data Laws Are Next and How the Ne...
Abbie Clement — GDPR, CCPA, ePrivacy: Which Data Laws Are Next and How the Ne...
 
"GDPR - All You Need To Know" presentation from event Nov 16th in Berlin
"GDPR - All You Need To Know" presentation from event Nov 16th in Berlin"GDPR - All You Need To Know" presentation from event Nov 16th in Berlin
"GDPR - All You Need To Know" presentation from event Nov 16th in Berlin
 
Treasure Data Marketers Guide to GDPR (Global Data Protection Regulation)
Treasure Data Marketers Guide to GDPR (Global Data Protection Regulation)Treasure Data Marketers Guide to GDPR (Global Data Protection Regulation)
Treasure Data Marketers Guide to GDPR (Global Data Protection Regulation)
 
Privacy policy
Privacy policyPrivacy policy
Privacy policy
 
Privacy policy
Privacy policyPrivacy policy
Privacy policy
 
Privacy policy
Privacy policyPrivacy policy
Privacy policy
 
Privacy policy
Privacy policyPrivacy policy
Privacy policy
 
Privacy policy
Privacy policyPrivacy policy
Privacy policy
 
Privacy policy
Privacy policyPrivacy policy
Privacy policy
 
Privacy policy
Privacy policyPrivacy policy
Privacy policy
 
Privacy Policy
Privacy PolicyPrivacy Policy
Privacy Policy
 

Recently uploaded

如何办理提赛德大学毕业证(本硕)Teesside学位证书
如何办理提赛德大学毕业证(本硕)Teesside学位证书如何办理提赛德大学毕业证(本硕)Teesside学位证书
如何办理提赛德大学毕业证(本硕)Teesside学位证书Fir L
 
Trial Tilak t 1897,1909, and 1916 sedition
Trial Tilak t 1897,1909, and 1916 seditionTrial Tilak t 1897,1909, and 1916 sedition
Trial Tilak t 1897,1909, and 1916 seditionNilamPadekar1
 
Constitutional Values & Fundamental Principles of the ConstitutionPPT.pptx
Constitutional Values & Fundamental Principles of the ConstitutionPPT.pptxConstitutional Values & Fundamental Principles of the ConstitutionPPT.pptx
Constitutional Values & Fundamental Principles of the ConstitutionPPT.pptxsrikarna235
 
定制(BU文凭证书)美国波士顿大学毕业证成绩单原版一比一
定制(BU文凭证书)美国波士顿大学毕业证成绩单原版一比一定制(BU文凭证书)美国波士顿大学毕业证成绩单原版一比一
定制(BU文凭证书)美国波士顿大学毕业证成绩单原版一比一st Las
 
如何办理(USF文凭证书)美国旧金山大学毕业证学位证书
如何办理(USF文凭证书)美国旧金山大学毕业证学位证书如何办理(USF文凭证书)美国旧金山大学毕业证学位证书
如何办理(USF文凭证书)美国旧金山大学毕业证学位证书Fs Las
 
Special Accounting Areas - Hire purchase agreement
Special Accounting Areas - Hire purchase agreementSpecial Accounting Areas - Hire purchase agreement
Special Accounting Areas - Hire purchase agreementShubhiSharma858417
 
Law360 - How Duty Of Candor Figures In USPTO AI Ethics Guidance
Law360 - How Duty Of Candor Figures In USPTO AI Ethics GuidanceLaw360 - How Duty Of Candor Figures In USPTO AI Ethics Guidance
Law360 - How Duty Of Candor Figures In USPTO AI Ethics GuidanceMichael Cicero
 
如何办理(ISU毕业证书)爱荷华州立大学毕业证学位证书
如何办理(ISU毕业证书)爱荷华州立大学毕业证学位证书如何办理(ISU毕业证书)爱荷华州立大学毕业证学位证书
如何办理(ISU毕业证书)爱荷华州立大学毕业证学位证书SD DS
 
An Introduction guidance of the European Union Law 2020_EU Seminar 4.pptx
An Introduction guidance of the European Union Law 2020_EU Seminar 4.pptxAn Introduction guidance of the European Union Law 2020_EU Seminar 4.pptx
An Introduction guidance of the European Union Law 2020_EU Seminar 4.pptxKUHANARASARATNAM1
 
如何办理美国加州大学欧文分校毕业证(本硕)UCI学位证书
如何办理美国加州大学欧文分校毕业证(本硕)UCI学位证书如何办理美国加州大学欧文分校毕业证(本硕)UCI学位证书
如何办理美国加州大学欧文分校毕业证(本硕)UCI学位证书Fir L
 
An Analysis of the Essential Commodities Act, 1955
An Analysis of the Essential Commodities Act, 1955An Analysis of the Essential Commodities Act, 1955
An Analysis of the Essential Commodities Act, 1955Abheet Mangleek
 
如何办理(CQU毕业证书)中央昆士兰大学毕业证学位证书
如何办理(CQU毕业证书)中央昆士兰大学毕业证学位证书如何办理(CQU毕业证书)中央昆士兰大学毕业证学位证书
如何办理(CQU毕业证书)中央昆士兰大学毕业证学位证书SD DS
 
如何办理密德萨斯大学毕业证(本硕)Middlesex学位证书
如何办理密德萨斯大学毕业证(本硕)Middlesex学位证书如何办理密德萨斯大学毕业证(本硕)Middlesex学位证书
如何办理密德萨斯大学毕业证(本硕)Middlesex学位证书FS LS
 
如何办理(uOttawa毕业证书)渥太华大学毕业证学位证书
如何办理(uOttawa毕业证书)渥太华大学毕业证学位证书如何办理(uOttawa毕业证书)渥太华大学毕业证学位证书
如何办理(uOttawa毕业证书)渥太华大学毕业证学位证书SD DS
 
如何办理澳洲南澳大学(UniSA)毕业证学位证书
如何办理澳洲南澳大学(UniSA)毕业证学位证书如何办理澳洲南澳大学(UniSA)毕业证学位证书
如何办理澳洲南澳大学(UniSA)毕业证学位证书Fir L
 
Test Identification Parade & Dying Declaration.pptx
Test Identification Parade & Dying Declaration.pptxTest Identification Parade & Dying Declaration.pptx
Test Identification Parade & Dying Declaration.pptxsrikarna235
 
如何办理威斯康星大学密尔沃基分校毕业证学位证书
如何办理威斯康星大学密尔沃基分校毕业证学位证书 如何办理威斯康星大学密尔沃基分校毕业证学位证书
如何办理威斯康星大学密尔沃基分校毕业证学位证书Fir sss
 
Vanderburgh County Sheriff says he will Not Raid Delta 8 Shops
Vanderburgh County Sheriff says he will Not Raid Delta 8 ShopsVanderburgh County Sheriff says he will Not Raid Delta 8 Shops
Vanderburgh County Sheriff says he will Not Raid Delta 8 ShopsAbdul-Hakim Shabazz
 
定制(WMU毕业证书)美国西密歇根大学毕业证成绩单原版一比一
定制(WMU毕业证书)美国西密歇根大学毕业证成绩单原版一比一定制(WMU毕业证书)美国西密歇根大学毕业证成绩单原版一比一
定制(WMU毕业证书)美国西密歇根大学毕业证成绩单原版一比一jr6r07mb
 
Comparison of GenAI benchmarking models for legal use cases
Comparison of GenAI benchmarking models for legal use casesComparison of GenAI benchmarking models for legal use cases
Comparison of GenAI benchmarking models for legal use casesritwikv20
 

Recently uploaded (20)

如何办理提赛德大学毕业证(本硕)Teesside学位证书
如何办理提赛德大学毕业证(本硕)Teesside学位证书如何办理提赛德大学毕业证(本硕)Teesside学位证书
如何办理提赛德大学毕业证(本硕)Teesside学位证书
 
Trial Tilak t 1897,1909, and 1916 sedition
Trial Tilak t 1897,1909, and 1916 seditionTrial Tilak t 1897,1909, and 1916 sedition
Trial Tilak t 1897,1909, and 1916 sedition
 
Constitutional Values & Fundamental Principles of the ConstitutionPPT.pptx
Constitutional Values & Fundamental Principles of the ConstitutionPPT.pptxConstitutional Values & Fundamental Principles of the ConstitutionPPT.pptx
Constitutional Values & Fundamental Principles of the ConstitutionPPT.pptx
 
定制(BU文凭证书)美国波士顿大学毕业证成绩单原版一比一
定制(BU文凭证书)美国波士顿大学毕业证成绩单原版一比一定制(BU文凭证书)美国波士顿大学毕业证成绩单原版一比一
定制(BU文凭证书)美国波士顿大学毕业证成绩单原版一比一
 
如何办理(USF文凭证书)美国旧金山大学毕业证学位证书
如何办理(USF文凭证书)美国旧金山大学毕业证学位证书如何办理(USF文凭证书)美国旧金山大学毕业证学位证书
如何办理(USF文凭证书)美国旧金山大学毕业证学位证书
 
Special Accounting Areas - Hire purchase agreement
Special Accounting Areas - Hire purchase agreementSpecial Accounting Areas - Hire purchase agreement
Special Accounting Areas - Hire purchase agreement
 
Law360 - How Duty Of Candor Figures In USPTO AI Ethics Guidance
Law360 - How Duty Of Candor Figures In USPTO AI Ethics GuidanceLaw360 - How Duty Of Candor Figures In USPTO AI Ethics Guidance
Law360 - How Duty Of Candor Figures In USPTO AI Ethics Guidance
 
如何办理(ISU毕业证书)爱荷华州立大学毕业证学位证书
如何办理(ISU毕业证书)爱荷华州立大学毕业证学位证书如何办理(ISU毕业证书)爱荷华州立大学毕业证学位证书
如何办理(ISU毕业证书)爱荷华州立大学毕业证学位证书
 
An Introduction guidance of the European Union Law 2020_EU Seminar 4.pptx
An Introduction guidance of the European Union Law 2020_EU Seminar 4.pptxAn Introduction guidance of the European Union Law 2020_EU Seminar 4.pptx
An Introduction guidance of the European Union Law 2020_EU Seminar 4.pptx
 
如何办理美国加州大学欧文分校毕业证(本硕)UCI学位证书
如何办理美国加州大学欧文分校毕业证(本硕)UCI学位证书如何办理美国加州大学欧文分校毕业证(本硕)UCI学位证书
如何办理美国加州大学欧文分校毕业证(本硕)UCI学位证书
 
An Analysis of the Essential Commodities Act, 1955
An Analysis of the Essential Commodities Act, 1955An Analysis of the Essential Commodities Act, 1955
An Analysis of the Essential Commodities Act, 1955
 
如何办理(CQU毕业证书)中央昆士兰大学毕业证学位证书
如何办理(CQU毕业证书)中央昆士兰大学毕业证学位证书如何办理(CQU毕业证书)中央昆士兰大学毕业证学位证书
如何办理(CQU毕业证书)中央昆士兰大学毕业证学位证书
 
如何办理密德萨斯大学毕业证(本硕)Middlesex学位证书
如何办理密德萨斯大学毕业证(本硕)Middlesex学位证书如何办理密德萨斯大学毕业证(本硕)Middlesex学位证书
如何办理密德萨斯大学毕业证(本硕)Middlesex学位证书
 
如何办理(uOttawa毕业证书)渥太华大学毕业证学位证书
如何办理(uOttawa毕业证书)渥太华大学毕业证学位证书如何办理(uOttawa毕业证书)渥太华大学毕业证学位证书
如何办理(uOttawa毕业证书)渥太华大学毕业证学位证书
 
如何办理澳洲南澳大学(UniSA)毕业证学位证书
如何办理澳洲南澳大学(UniSA)毕业证学位证书如何办理澳洲南澳大学(UniSA)毕业证学位证书
如何办理澳洲南澳大学(UniSA)毕业证学位证书
 
Test Identification Parade & Dying Declaration.pptx
Test Identification Parade & Dying Declaration.pptxTest Identification Parade & Dying Declaration.pptx
Test Identification Parade & Dying Declaration.pptx
 
如何办理威斯康星大学密尔沃基分校毕业证学位证书
如何办理威斯康星大学密尔沃基分校毕业证学位证书 如何办理威斯康星大学密尔沃基分校毕业证学位证书
如何办理威斯康星大学密尔沃基分校毕业证学位证书
 
Vanderburgh County Sheriff says he will Not Raid Delta 8 Shops
Vanderburgh County Sheriff says he will Not Raid Delta 8 ShopsVanderburgh County Sheriff says he will Not Raid Delta 8 Shops
Vanderburgh County Sheriff says he will Not Raid Delta 8 Shops
 
定制(WMU毕业证书)美国西密歇根大学毕业证成绩单原版一比一
定制(WMU毕业证书)美国西密歇根大学毕业证成绩单原版一比一定制(WMU毕业证书)美国西密歇根大学毕业证成绩单原版一比一
定制(WMU毕业证书)美国西密歇根大学毕业证成绩单原版一比一
 
Comparison of GenAI benchmarking models for legal use cases
Comparison of GenAI benchmarking models for legal use casesComparison of GenAI benchmarking models for legal use cases
Comparison of GenAI benchmarking models for legal use cases
 

Gdpr compliance critical changes

  • 1. Understanding GDPR from a small business owner’s perspective Copyright: Coast-Academy.com
  • 2. Disclaimer: The following guide contains summary information in relation to the new EU GDPR Law as I understand it. I have condensed the essential facts to make it easy and straightforward for the small business owner and solopreneur to implement. I am not a lawyer or law professional or in any way connected with the law, therefore, you may wish to take professional advice regarding this new compliance. Angela Nubbert Coast Academy Copyright: Coast-Academy.com
  • 3. Introduction The basis of the new EU GDPR law is to protect individual privacy rights and update privacy law for current technology. The changes apply to any business, regardless of size. If you have a website or blog, or in any way collect client data, you must comply. Brexit won’t make a difference, nor does being in the States, Canada or anywhere else in the world. If there is the remotest chance of a customer coming from an EU country, then you will be required to comply with the GDPR law. Failure to do so could result in onerous penalties. Copyright: Coast-Academy.com
  • 4. Critical Changes To Be Aware Of In Relation to Email Marketing and Sign-up Forms. You must obtain affirmative consent. It is now not enough to have an opt-in form, you must add a ‘tick-box’ in which the customer must take action to receive your documentation or sign-up to your newsletter. You must tell your customer how you intend to use their information. You cannot change the information you send to a customer after they’ve signed up. For example, if a customer is signing up to receive financial information, you cannot suddenly start sending them information regarding health and wellness news. You must post your Privacy Policy on your website and you need to place links to this policy throughout your website, but also on every form that ‘captures’ client data. A copy of the policy I use is at the end of this slide presentation, you are welcome to copy this information and use it for your own business. You must keep this data secure and notify customers within 72 hours of any data breach. Customers now have the right to request a copy of the data you hold on them, correct data and withdraw their consent to you holding their data. In addition, customers have the right to have their data erased, in other words ‘be forgotten’. Copyright: Coast-Academy.com
  • 5. What If I Don’t Comply? There is every intention to enforce GDPR Law, penalties for non compliance include a fine of 4% of Gross annual income or up to £20 million whichever is the greater. Although these big numbers are most likely intended for much larger corporations, it goes to show how serious the EU is taking the implementation of this new law. You cannot block EU clients to circumnavigate the law, that’s an infringement of the GDPR law. Customers will have a private right of action against you if, by using a third party company that’s non compliant, you don’t protect their data, it’s in your interest therefore to ensure everyone you deal with is complying with GDPR law. Copyright: Coast-Academy.com
  • 6. Essential Steps You Need to Take to Comply with GDPR by 25th May 2018 1. Add a Privacy Policy to your website. 2. On every opt-in or contact form on your website add a link to your Privacy Policy. 3. Put a link to your Privacy Policy in your website footer so it appears on every page. 4. Go through your email list and audit your sign-ups, segment if necessary, then send an email asking if they would still like to receive updates from you. There’s an example email at the end of this guide. 5. Audit everyone you deal with, for example, I use 123-Form Builder for student sign- ups; this company keep the data I’ve requested through my website, on their own system. I’ve confirmed they are GDPR compliant. Copyright: Coast-Academy.com
  • 7. Essential Steps contd …/ 6. Use a Double Opt-in where possible, this is usually standard with most professional email companies such as Aweber, Mailchimp and Convertkit. Otherwise, your first email should confirm the reason why they’ve agreed to sign up with you and what you will be using their data for. 7. Re-affirm how customers can opt-out of your newsletters. 8. Advise how customers can view data you hold on them. 9. Make sure any third party companies you work with, who handle your client data (for example email companies) are compliant with GDPR. 10.Add a Cookie notice to your website with a link to your Privacy Policy. Ensure customers take affirmative action to confirm they’ve agreed to your Cookie policy. If they dismiss the Cookie notice without agreement, they should be blocked from continuing to browse your website. The following slide is an example of how you can word your Cookie notice. 11.Consider updating your Liability insurance to cover the possibility of anyone taking action against you. Copyright: Coast-Academy.com
  • 9. Here is an example of my updated Sign-Up form to take into account the new GDPR requirements. Two changes include: A reminder of what the customer is signing up for and a link to my Privacy Policy. Copyright: Coast-Academy.com
  • 10. Suggested email to your contacts Since you signed up to my newsletter (either online or at an event) I have been keeping your name and email address so that I can keep you posted on our courses, activities and events. In accordance with the new GDPR law taking effect 25th May 2018, I need to ensure that you are still happy to receive our mailings and if this is the case, would be grateful if you would just hit reply to this email with ‘YES’. I use the service provider Aweber to manage my newsletter list and mailings, this ensures you data is kept secure. I do not share your data with anyone else and never will. If you would like to view the data held by me, please do get in touch. You can unsubscribe from my newsletter at any time by clicking the 'unsubscribe from this list' link in the footer below, or in any of my newsletters. You can also read about how I process personal data on my website here. (Link to your Privacy Policy) If you have any questions about the new General Data Protection Regulation (GDPR), which comes into effect on 25th May 2018, or about how I contact you, please do not hesitate to get in touch. Copyright: Coast-Academy.com
  • 11. Copyright: Coast-Academy.com Copy of my Privacy Policy which you are welcome to copy: Your privacy is important to Coast Academy. By visiting and using this website, you agree and consent to the following Terms of Sale and Privacy Policy governing the collection and use of personally identifiable and other information by Coast Academy. As with all e-commerce websites, we collect personal information from you when you shop online. We use this information to make your shopping experience as easy and enjoyable as possible. We need it to process your order, inform you of any delays or problems with your order. The information we collect is: Your name Email address – for acknowledging orders, and sending status updates etc Delivery address Telephone number – only if there is a delivery problem Our third party payment processors use the latest secure server technology to ensure this information is protected to the highest standards. They use encryption to safeguard your credit card information and only accept orders from web browsers that permit communication through Secure Socket Layer (SSL) technology - this means you cannot inadvertently place an order through an unsecured connection. Most web browsers above version three support this security. This encryption makes it virtually impossible for unauthorised parties to read any information that you send us. The encryption technique we use is the highest standard available for e-commerce. If you sign up for our newsletter, we will process your personal information (name, email address) for the following legitimate business purpose: To send you email communications which we think will be of interest to you, ie information about news, activities, events and services. We currently use the service providers Wix and AWeber to manage the newsletter list and mailings. We do not share your data with anyone else. You can check or change your name and email address in our records by clicking the ‘update your preferences’ link in the footer of any email newsletter you receive from us. Remember to tick the “Email” box because our newsletters only come via email! You can unsubscribe from our newsletters anytime by clicking the ‘unsubscribe from this list’ link in the footer of any email newsletter you receive from us. If you book or attend a Coast Academy Online Course or Workshop, we will process your personal information (name, email address, name and date of course booked, payment received) for the following legitimate business purpose: To manage our course bookings, send you pre- and post- course emails with information about the course, and to keep a record of who booked which course so as to better plan future courses. We do not share this data with anyone else.
  • 12. Copyright: Coast-Academy.com Whenever we process data for these purposes we will ensure that we always keep your Personal Data rights in high regard and take account of these rights. You have the right to object to this processing if you wish, and if you wish to do so please contact us. However, please bear in mind that if you object this may affect our ability to carry out the tasks listed above for your benefit. Data Protection Coast and Country Prints will never pass your details on to a third party for marketing purposes. If you have questions about your personal data or our privacy policy, please contact us at support@coast-academy.com. Cookies Cookies are small text files that websites send to your computer. A cookie can be thought of as an Internet user's identification card. They let the website know when the user has returned. This lets the site bring up information relevant to that user, for example your name, past orders etc. Cookies make the interaction between users and websites faster and easier. Without cookies, it would be very difficult for a website to allow a visitor to fill up a shopping basket or to remember the user's preferences or registration details for a future visit. Coast Academy website uses cookies to allow customers to move from one part of the website to another and to add items to the shopping basket without having to login repeatedly. Cookies are not computer programs, and can't read other information saved on your hard drive. They cannot be used to disseminate viruses, or get a user's email address etc. They only contain and transfer to the website as much information as the users themselves have disclosed to that website. We comply to the 1998 UK Data Protection Act and keep your information safe using the latest technology. Payment Processing We use PayPal to process online payments, Paypal provide a secure online payment gateway for your purchases and no credit or debit card details are kept by Coast Academy and its proprietors, you therefore accept that PayPal is responsible for any omissions or errors created by them and any payment queries will be dealt with between you, the purchaser, and PayPal. Coast and Country Prints is not able to interpose on your behalf. By placing an order with this website you affirm that you are either more than 18 years of age, or an emancipated minor, or possess legal parental or guardian consent, and are fully able and competent to enter into the terms, conditions, obligations, affirmations, representations, and warranties set forth in these terms and conditions, and to abide by and comply with these terms and conditions. In all instances of questions or queries relating to your use of this site, including but not limited to the purchase of products, please do not hesitate to contact us. We aim for high customer satisfaction and want to make your experience enjoyable. TELEPHONE:. EMAIL: POST: