Nobody disputes that it is important to protect personal data, while we all, in the meantime, share our data rather easily with a (free) service such as Facebook. EMAKERS has also collected (your) contact details in the past. In doing so, we can share our knowledge and contribute to a better (e-commerce) world.
However, many companies are wide of the mark when they approach GDPR as a necessity. Regulation. GDPR is about a fundamental right which touches the very heart of each company.
At EMAKERS, we’re not holier-than-thou. Mea culpa: while we worked very hard behind the scenes to protect the personal data, we often had something better on our hands: a call for tender, urgent business for a client, or writing a news article about GDPR.
The most important improvements we have carried out are:
- identification of which personal data are saved where, including a policy on the management of these data;
- creation of a standard processing agreement;
- creation of an agreement with our staff; for the protection of their personal data and how they handle your data or the data of your clients;
- internal communication around the importance of caution when an employee processes your data or the data of your clients.
GDPR IN PRACTICE
Although many companies are pretty decent, it is in practice often difficult to proof for each individual record whether or not there has been active consent in the past. The e-mails that were sent out en masse the week before the 25th of May have a lamentable conversion. We wonder whether all these senders will really stop e-mailing you when you haven’t reacted actively.
EMAKERS itself has hardly carried out any e-mail bombardment (for clients) to ask for permission to keep on e-mailing. For us, it’s always been logical that everyone should be able to unsubscribe for further (commercial) communication on any moment.
We sure still have some work to do. Next weeks, we’ll be working hard on:
- the creation of an extensive manual about how we will ask for permission in the future as best practice - this was already on our schedule before GDPR became a hot topic;
- improving the full protection of our systems, because continuity is of utmost importance to us; this too was already on our schedule; we work with leading suppliers who already have one and another sorted out standardly, but nevertheless, it’s always a good idea to make an extra effort in the field of security.
The right to be forgotten and other additional rules have a lot of impact on a SME like EMAKERS. Therefore, we have decided for now to manually treat these applications 1-by-1, equipped with a simplified step-by-step plan.
In this respect, we think it’s necessary to apply a pragmatic way of working, while we observe significant differences concerning the interpretation of the new regulation. It goes without saying that we will closely follow the developments, including possible legal proceedings of the data protection authority.
We hope to keep on processing a lot of data in the future and we thank you for your confidence in EMAKERS.