Festival Friends HardDriveLogo

GDPR is almost upon us: How ready is your business?

anthony mederick • May 03, 2018

When I was younger my mother told me "prevention is better than cure" & with impending GDPR data protection regulations changes taking effect on the 25th May... I don't think truer word has been uttered. Now, If you're one of the few who haven’t heard of GDPR, or if you just haven’t found the time to investigate how it might effect your business, then this is the guide for you. But first, an important disclaimer: Like people, every business is different and that makes it very difficult to give precise advice on GDPR as your circumstances may differ from “the average business”. For that reason, the first piece of advice I will give is to find a professional to help on preparing for GDPR. We’ll look at ways to do that later in the guide. Now let’s take a look at a few frequently asked questions on the subject of GDPR.

So, what is GDPR?

GDPR stands for General Data Protection Regulation and is Europe's new framework for data protection laws – it replaces the previous 1995 data protection directive

Who does the GDPR affect?

The GDPR not only applies to businesses located within the EU but it will also apply to Businesses located outside of the EU if they offer goods or services to, or monitor the behaviour of, EU data subjects. It applies to all companies processing and holding the personal data of data subjects residing in the European Union, regardless of the company’s location.

How does GDPR affect the Data Protection Act (1998)?

The government will enforce GDPR by introducing a new data protection bill. When this bill becomes law, it will replace the old Data Protection Act, which will be repealed. From a more practical point of view, the good news is that the two acts will not be hugely different. This means that if you are compliant with the 1998 Act, you won’t have to make too many changes. That said, don’t use compliance with the 1998 act as an excuse for complacency, as there are still significant changes you may need to implement.

What are the penalties for non-compliance?

In regards to non-compliance the government has implemented a tiered approach to fines e.g. a company can be fined 2% for not having their records in order (article 28), not notifying the supervising authority and data subject about a breach or not conducting impact assessment, & up to 4% of annual global turnover for breaching GDPR or €20 Million.

This is the maximum fine that can be imposed for the most serious infringements e.g.not having sufficient customer consent to process data or violating the core of Privacy by Design concepts. It is important to note that these rules apply to both controllers and processors -- meaning 'clouds' will not be exempt from GDPR enforcement.

People will have greater access to data

Currently, if someone wants to access data you hold about them, they have to pay a £10 charge. That charge will be discontinued under GDPR. You’ll also have to provide any data you hold on them within one month.
Essentially, people will have more control over their data, and you need to make sure you are in a position to provide them with their data on request.

Who is accountable for the data you handle?

Larger companies (those with 250 or more employees) will need to provide documentation detailing why they collect and process people’s data, what information they hold, how long they’ll hold it for and the security measures in place to protect that data. In addition, companies that process people’s data on a large scale, or process a significant amount of sensitive data (such as medical information) will have to employ a data protection officer. Clearly, the vast majority of smaller businesses won’t be affected by these changes. However, what will affect businesses of all sizes is the need to obtain consent in order to use someone’s data for certain purposes – including marketing. This may sound familiar, but GDPR will require you to get positive consent from an individual in order to send them marketing material. (There are some exceptions to this rule)

Are there any initial steps I can take to help me with GDPR?

The short answer is yes. The longer answer is yes, but although these initial steps will help you, on their own they’re not enough to ensure compliance with GDPR, so make sure you’re fully aware of other steps you may need to take. With that in mind, here are those initial steps: Always encrypt personal data and store it on password protected devices. Losing a USB stick with unencrypted data would count as a data leak, but it’s so easy to avoid. Understand what you need to do if you do have a data leak. Under the new rules, you need to contact the ICO within 72 hours of a leak, and inform those whose data has been leaked. This ICO guide goes into more detail on what to do after a data leak. Develop a data policy, even if you don’t have to. Doing so will help you understand what data you collect, why you use it and if there is anything you can do to reduce data collection to make GDPR compliance easier. Create a privacy policy and share it with your customers and website visitors. Make sure this outlines exactly what you’re collecting their data for and how you will be using it. Carry out a data audit so you know exactly what data you currently have, and then keep your data records up to date. After all, you’ll need to be able to provide people with their data if they request it, and you can only do that if you’re keeping track of your data collection process. (Re)seek consent if required. That way, you’ll have evidence that people have opted in to your marketing and that you’re using their data lawfully. Remember – people need to actively opt in for you to use their data lawfully, and you must clearly tell them what they are agreeing to.

What should I do next?

We’ve only skimmed the surface of GDPR here. The next step we’d recommend taking is following the ICO’s “Preparing for the GDPR 12 steps to take now” guide. There is also an ICO helpline which you can contact. You may also wish to seek advice from a legal expert who specialises in the field of data protection, depending on your circumstances. 

ABOUT US

FFHD TIPS & TRICKS

Cashback Offers for Concerts! How Loyalty Programs Can Revive Festivals

by anthony mederick 15 Jul, 2021
Cashback Offers for Concerts! How Loyalty Programs Can Revive Festivals

What FFHD is Doing For Our Customers in Light of COVID-19

by anthony mederick 25 Mar, 2020
With the COVID-19 in full effect lets look at what FFHD is doing to support their customers through a difficult time.

10 Clever Marketing Ideas to Grow Sales During a Festival

by anthony mederick 25 Sept, 2019
Over 30 million people attended a live festival in 2016. That is a large market to promote your business to. Plus, people spend more time wandering festivals and browsing vendors since they last several hours long. You want to get noticed and leave a lasting impression that will get those same people hooked on your product. Use these 10 clever marketing tips to attract and secure new and valuable customers at a festival. 1. Announce Your Location on Social Media Sharing your location with your social media network is one of those great marketing ideas that is simple yet effective. You can create an event page, share a live stream, and promote special items that will only be available at the festival. There is no better way to promote your business than interacting with your fans. 2. Have Free Gifts Creative marketing ideas at the festival include attracting people with give-a-ways. You can have promotional stickers, key chains, or frisbees to get people excited about your business. The products will go home with festival guests to stay in their mind for future business. 3. Use Interactive Staff The best marketing ideas won't work unless you have a full staff that engages with people. Festival attendees like to have fun, so make sure your staff encourages that enthusiasm. They should come out from behind the tables and talk to people. This can make your area look exciting and popular. 4. Have a Good Deal Sometimes vendors overprice their product because they figure that festival-goers have no option but to buy at an inflated price. But, this can backfire as people look for value since they've already spent a lot of money on tickets. Take a look at your price and the value of the product. Consider offering a discount or bundling products like a drink included with a meal. 5. Collaborate with Other Vendors Innovative marketing ideas can include help from your neighbours. Offer discounts and promotional items if a customer visits your partnering vendor. This can attract more people and show that the community values your company. 6. Get a Good Location Location is key to foot traffic and getting noticed. if you can get your registration in early and spend a little more money for a prime spot, then do it. It not, invest in arty signs throughout the area to direct people to your location. 7. Get on the Festivals Payment Option Many festivals use promotional ideas like prepaid wristbands or smart cards. You can accept this form of payment to attract more customers and get paid easier. People with prepaid options tend to spend more and won't have to worry about finding an ATM. 8. Collect Data for Future Festivals Make sure you keep track of what works and what doesn't so that you can improve next time. You can ask people how they found you or if they like you on social media. Also, look at your sales to see which items gave the most profit. 9. Hold a Raffle The easiest way to build an email list is by holding a raffle. Get people to fill out a slip with their name and email to win a prize by the end of the festival. Then you have an email list that you can use to send promotional items and keep then aware of your business. 10. Go to the Right Festivals You want to make sure that there is a market for your product at each festival. So, know your festival type. You may find a niche that works better than going to every festival in the state. Create a List of Marketing Tips Choose which marketing tips that you would like to try and start a list of how you will implement them. This will keep you organised and focused. If you haven't done so already, start building your social media presence. Contact us to develop your marketing online to increase your traffic.
More posts
Share by: