GDPR (General Data Processing Regulation)
As of the 25th May 2018 the new GDPR (General Data Processing Regulation) rules apply. I’ll keep this simple.
The only information I keep about any of my customers & suppliers are their contact details which includes company name along with contact names and position within the company and necessary phone numbers, address, emails and website. This is all kept in a password protected database on a password protected computer. I have no employees so I am the only person who uses the computer. This information is necessary to my operations for repeat billing and general customer services such as contacting customers in the event of problems or new developments concerning the maintenance of their existing system.
- None of the information is passed on to third parties, none of the information is stored online and none of the information is used for marketing.
- Every customer/supplier has the right see the information I have on file for them, just email me and I’ll send it to you.
- Every customer/supplier has the right to have their data removed from my system. Obviously this would be highly impractical if I am to continue providing a service for that customer as I can no longer contact the customer in the event of problems and would have no details to invoice the customer which would make it necessary to terminate any services I am currently providing for them.
The upshot is, for me to provide any services for a customer I will need them to provide me with basic contact details for invoicing and necessary communication. The customer giving me these details no longer legally means they understand I will store those details in the manner already outlined above but they will have to make a clear statement that they are happy for me to do this. Sorry folks but as of 25th May 2018 that’s the the law!