CoB getting ready for the GDPR
New legislation comes into force in May 2018 and whilst this might seem a long way away, you need to start preparing for it now, as this affects your business. The Information Commission?s Office (ICO) have prepared the following guidance for organisations (clubs and schools alike): Getting ready for the GDPR.
Key aspects that you need to consider are:
- Know what personal data your business holds and how you process it. This includes your after school booking system amongst other areas of your business, i.e. email, email distribution lists (MailHop, MailChimp, etc)
- Ensure privacy statements are up to date on your website and after school booking system (within terms and conditions). Refer to the ICO?s Privacy notices, transparency and control.
- Individuals rights, specifically the right of access and right to be forgotten. You will need to be able to provide personal data electronically on request, as well as have the ability to erase it. In generally, data processed via the after school booking system is for the performance of a contract / service, but consideration should be given for personal data used for email distribution and marketing purposes.
- You will no longer be able to charge for subject access requests and have forty days to respond, although you can refuse or charge for requests that are manifestly unfounded or excessive.
- You need to identify the lawful basis for any processing activities and document it (including updating your privacy notice.
- Consent must be freely given, specific, informed and unambiguous with positive opt in, i.e. no longer can terms and conditions be pre-ticked. Refer to the ICO?s GDPR consent guidance.
- GDPR brings in special protection for children?s personal data.
- Procedures for data breaches must be in place and the onus is on your business to ensure data protection is ?by design and by default?. Data Protection Impact Assessments new technology is being deployed.
- You must ensure you designate someone to take responsibility for data protection compliance and assess where this role will sit within your organisation?s structure and governance arrangements.
Whilst Ayrmer Software is not a specialist and unable to provide legal advice (for obvious reasons), we would be happy to point clients in the right direction and help with any technical implementations. We?ll be working on ensuring our after school booking system is complaint before May 2018, so that is one less thing for you to worry about!
If you like to get in touch, please telephone our offices on
+44 (0) 1364 582017 or complete our
on-line form and we'll get back to you
as soon as possible.
Stay in touch with what we're up to at Ayrmer Software by following us on one of our
social media feeds: we'd be delighted to welcome you as a follower on
become friends on facebook
or add us to your circle on Google+.
You'll also find us on Linkedin, of course.
childcare on-line booking
Find out more about how our clients have processed more than 248,000 bookings and generated more than twelve million pounds in revenue for our clients!
Our expertise lies in our ability to interpret your business requirements and provide a solution that meets your needs; find out how we achieve this level of understand. It's what makes us different ...
Find out about how we approach software development to ensure that the solution matches your business requirements.
Our philosophy is based upon the needs of your target audience and understanding their requirements that ensures we deliver an intuitive solutions that focuses on the User eXperience (UX), whilst developing lightweight, robust, secure on-line database applications.
Legal information required by the Companies House Act in the United Kingdom that include: place of registration, registered number, registered office address.