We’re now at the penultimate blog to our GDPR survival guide, as our last post talked about how to advertise to people who haven't give permission.
As you can see, it's not an impossible task to complete, more just about getting yourself organised and putting things in place
Now we're going to introduce you to some tools and software solutions that might help you out. So, let's get cracking:
For anyone who uses G suite already, you’ll know how useful it is to have everything automatically saved in the Cloud and at the touch of your fingertips (as long as you have an internet connection). For those that don’t know about it, it’s essentially like Microsoft Office (but Goggles own version) where you have use of spreadsheets, documents, email, diary and many more software solutions all through a browser. It unites your team so everyone can have access to the same information, but equally, keep it seperate, if needed.
There are three key functions we love about G Suite that can help with GDPR compliance:
- You can have a master spreadsheet (say a marketing database) that everyone can access and update at the same time, but it has the functionality of viewing past changes (so no more overwriting the master copy never for it to be seen again).
- When an employee leaves, removing and consolidating all of their data can be time consuming and a hassle, however with G Suite, you can simply revoke their access, and as everyone is working of the same sheet in a master drive, that’s all you need to do (no more moving files and re-saving them elsewhere and telling everyone the new file location etc).
- Should an employee be using a mobile device for business and personal use and you need that device cleared of the business data but not personal (e.g the phone gets stolen or lost), with G Suite, the administrator can simple ‘wipe’ the device or account remotely meaning the data stays in your control
If you’ve not heard of MailChimp, have you been living under a rock!? It’s such a simple platform to create visually pleasing email campaigns and manage your marketing databases. MailChimp has been very proactive when it comes to GDPR and have even created their own guide on it.
They are ahead of the curve and have been putting plans in place for well over a year now for those using their platform. These plans include:
- Updating the Data Processing Agreement
- Updating third-party vendor contracts
- Analysing their features, offering and templates to make them compliant
As a service provider themselves, they’ve had to also change a few things incase they get asked about any of the following (which are useful to note for what the rest of us should be looking at too):
- Right to be forgotten- users can terminate your account at any time and all your data will be permanently deleted
- Right to object- users can opt-out of inclusion of your data at any time
- Right to rectification- users may access and update your account at any time
- Right of access- users can contact Mailchimp at any time to gain access of the data they hold for you
- Right of portability- Mailchimp will export the data to a third party at any time upon your request
Wordpress Tools and Tricks
Many people currently use Wordpress, with it being estimated as the most popular CMS around powering over 25% of the World’s websites.
One of the reason’s Wordpress is so popular is because it’s so versatile and gives you so many ways to do specific tasks. Here’s some of our favourites around that help with this:
- Plugins…. there are SO many plugins that will do all the hard work for you, HOWEVER, any plugins you do use, please do check that they comply with GDPR as it will be your responsibility that you’re using one that can export/provide/erase any user data it collects
- Creating a MYSQL database table that can import content for you into one place
- Data access plugin which creates a page on your website where users can request access to their personal data on your website
- Auto deletion of old data and messages plugin which does what it says on the tin… creates a widget that allows you to shelf old data
- Disabling comments means people can’t add comment to your posts, meaning their data isn’t left behind visible for others to see
In our final post, we’ll keep it short and sweet and give you a countdown to compliance checklist.
Have a good week.