GDPR, I guess many people are already fed up with this.
I just want to say don’t panic. The main thing I want to draw people’s attention to, (because I can see this happening) is when we reach May 26th there are going to be scammers everywhere sending you emails saying you do not comply, you could get fined etc. But if you pay us a fee we can help you out. Please don’t fall for this.
As you know we work in SEO and it is a bit like those online SEO audits which can find fault or errors with any website. Most of these errors are false positives. For GDPR there are already websites which can check your website for cookies and then tell you that you are none compliant.
A lot of GDPR is common sense. From what I know there will be about 60 people enforcing GDPR and they are not going to come after all small businesses just because you are not quite ready.
You do not have to stop using companies or software because you are worried they are not compliant. They are also working towards it. Use what is best for your business.
Also, have a statement about what you do use personal data for and how long you keep it. For example, if you use PayPal for your online sales and you use their system you might only print off the customer’s address to stick on a jiffy bag.
I was a lead auditor for ISO9000 in a past life and what we used to look for was the intent that you were working towards the standard. Not everyone is going to have everything in place by May 26th, but you can have a lot ready.
If you can show evidence that you are putting procedures in place to comply that will go a long way. You should only worry if you are doing something dodgy!
- State what Cookies you use – analytics etc
- Have a document that states what data you keep and for how long – most probably this will be for tax reasons so document this and don’t panic.