GDPR Compliance
The General Data Protection Regulation came into force on the 25th May 2018 and all companies need to comply with the new law.
Take A Byte has a dual role when it comes to GDPR compliance
1) We need to make sure that we are fully GDPR compliant with the data we hold on our own customers
2) We also need to help our own customers to be GDPR compliant. They hold large quantities of customer data within our systems and we can help with this compliance by providing tools that make the process of compliance easier.
To this end we have introduced a set of new features to help with the GDPR compliance process.
Our new GDPR specific features
There is now a new set of training videos that show all of these new features. Click here to view them
1) Seeking permission from existing customers
For customers that are already on your database permission must be requested to retain their personal data. The ‘In-Contact’ system will provide a method of contacting existing customers using the ‘mailshot’ feature already built into ‘In-Contact’. A special form of stationery will be used with voting buttons embedded in the email . This will allow your own customers to quickly respond with either ‘Yes, I’m happy for you to retain my data’ or ‘No, I want you to remove my data’. The use of these buttons will mean your own staff will not need to process the responses thus speeding up the process and improving accuracy.
2) Asking the right questions during booking
When a booking is taken the customer will be asked if their details can be held on the database and for how long. They will also be asked if their details can be passed on to other companies for the purpose of marketing. Both questions will be ‘opt in’, that is the default will be ‘no’. These questions will be asked each time a booking is made.
3) The right to be forgotten
When receiving a request to have a customers data removed a record of the request will be stored before all personal data is removed. This will allow ‘Take A Byte’ customers to demonstrate that they are complying by showing this log to any investigating authority. The ‘In-Contact’ system will ensure that all personal data is securely erased.
4) The right to see a copy of all personal information
When receiving a request to see all personal information the ‘In-Contact’ system will create a document containing the personal information and send it to the customer. If the information is emailed then a portable version of the personal information will be attached. A log of the request will be kept so that compliance can be verified to any investigating authority.
5) GDPR Compliance Report
The compliance report will show you how many of the contacts on your database meet compliance requirements and how many do not. This will then allow you to take appropriate action to improve your own compliance, for example, by secure erasing those that are not compliant.
6) Removing none compliant customer data easily.
Once you have identified groups of customer data that are no longer GDPR compliant there will be easy methods to remove this data from your database.
Our Data Protection Policy
Take A Byte has a data protection policy document that you are welcome to download and view.
Please click here to view our Data Protction Policy document.