Clean It Up
UK Window Cleaning Forum => Window Cleaning Forum => Topic started by: premier window cleaners on March 03, 2018, 10:57:31 am
-
If you’re running George system do you’re need to do anything about GDPR before may?
Thanks
-
Very good question even if you don't have George and use another programme. I am looking into it at the mo and will post my findings.
-
As far as I understand it there are two categories:
- Personal Data (such as name, address, bank details etc...)
- Sensitive Personal Data (such as religion, sexuality, medical records etc...)
We're only likely to deal with the first of these. GDPR applies to hard copies as well as data stored on disk. You need to work out things like:
- Who has access to this data? Do they need access? Can you restrict access?
- How is it secured? (eg: password)
- Are you destroying hard copies after use (eg: in cross-cut shredder)
- If you use George/Cleaner Planner or whatever you'll need to find out how secure their backups actually are etc... are. Who has access to them. Are they on secure cloud etc ...
Then this needs to be documented. To be honest you're probably doing a lot of this anyway since it's just common sense.
Like all of these new regulations from government & the EU it's all a bit "woolly" and it's a case of whether you can 'prove' you're abiding by the regulations. It'll probably become clearer once companies are taken to court because they are blatantly flouting the rules.
-
If you’re running George system do you’re need to do anything about GDPR before may?
Thanks
whats GDPR?
-
https://www.youtube.com/watch?v=WPwG-MNMuBQ&feature=youtu.be
This is what you will need to do.
-
An informative video....
So for example in my case I use "Roundtracker" spreadsheets which contain customer names, addresses, e-mails and 'phone numbers. I keep the spreadsheets on my laptop which is password protected (only I know the password) & running the latest version of Norton ant-virus, I back them up to an extrenal hard drive (which is also password protected). Any daily work-sheets that I print out which contain customer details I destroy in a cross-cut shredder.
Also posting 'phone/facebook messages from customers on this forum with the customer's personal details showing would also be a breach of GDPR (& probably current data security & privacy rules).
It all sounds a bit 'geeky' but it is really common sense. I know a little bit about this stuff since I've been touching on it in another part-time job that I do.
NB: It may cause additional headaches when selling/buying rounds because you're essentially buying/selling customer data....
-
Overthinking.
Just clean windows and make £.
-
I think they would be hard pressed to try and fine me for 20 million Euros. (http://www.cleanitup.co.uk/smf/1520098350_rolleyes.gif)
-
If anyone asks I don't have any customer data so I'm alright.
-
An informative video....
So for example in my case I use "Roundtracker" spreadsheets which contain customer names, addresses, e-mails and 'phone numbers. I keep the spreadsheets on my laptop which is password protected (only I know the password) & running the latest version of Norton ant-virus, I back them up to an extrenal hard drive (which is also password protected). Any daily work-sheets that I print out which contain customer details I destroy in a cross-cut shredder.
Also posting 'phone/facebook messages from customers on this forum with the customer's personal details showing would also be a breach of GDPR (& probably current data security & privacy rules).
It all sounds a bit 'geeky' but it is really common sense. I know a little bit about this stuff since I've been touching on it in another part-time job that I do.
NB: It may cause additional headaches when selling/buying rounds because you're essentially buying/selling customer data....
So would you approach every one of your customers and confirm their acceptance of you storing that data or not Cookie?
I use George. I've got all of my customers names by asking them in the first place, but having to get them to sign a piece of paper granting me permission to hold their names, addresses, telephone numbers and job pricing and history in digital form will be a major task.
George keeps and everlasting file of customer jobs as a history even after they have been listed as completed. As far as I'm aware the only time you can actually delete a customer's job from the system is to delete all the activity on that job first. Do we have to approach these people as well if we want to keep a record of the job history? (We have had a few non payers over the years and as people's appearance can change over time, I would prefer to retain these people's names for my own future reference.)
On George we can change the name of the customer to "opted out" and remove the telephone number but still retain the job history and price. This keeps the tax recording side straight.
Am I also correct in noting that the British Parliament is still discussing additional 'nuts and bolts' to this EU regulation so hasn't been passed in law as yet. It obviously agrees with the essence of the EU regulation.
-
No need for them to confirm acceptance, they've already done that by providing you with their details. No need for signatures etc... either. As far as deletion of their information is concerned I think this is primarily aimed at companies which might retain your data for marketing purposes - so these would be the companies that continually send us unsolicited e-mails/text messages etc... However if you have a non-payer, or even somebody who has used your services in the past few years, I would have thought you have a legitimate right to all or some of their data, besides you might need it if HMRC decide to investigate you... as with all these things it's all pretty "woolly" so I guess in the absence of guidance for each scenario common sense applies.
This will be passed as law since the UK is still part of the EU until Brexit is complete. Who knows when this will be .....
To be honest unless you're a company with over 250 employees there's not a lot to worry about. The main thing for us is just to make sure that your customer data is secure (eg: passcodes/passwords on smartphones/laptops/tablets etc...) which is just common sense anyway.
-
Just wondering if anyone from George, Cleaner Planner, Aworka etc.. logs on here. It would be interesting to hear their viewpoint.
-
Just trying to post an add on FB and it wants a link to my privacy policy!
Anyone got one I can steal?