CoB getting ready for the GDPR

New legislation comes into force in May 2018 and whilst this might seem a long way away, you need to start preparing for it now, as this affects your business. The Information Commissions Office (ICO) have prepared the following guidance for organisations (clubs and schools alike): Getting ready for the GDPR.

Key aspects that you need to consider are:

  1. Know what personal data your business holds and how you process it. This includes your after school booking system amongst other areas of your business, i.e. email, email distribution lists (MailHop, MailChimp, etc)
  2. Ensure privacy statements are up to date on your website and after school booking system (within terms and conditions). Refer to the ICOs Privacy notices, transparency and control.
  3. Individuals rights, specifically the right of access and right to be forgotten. You will need to be able to provide personal data electronically on request, as well as have the ability to erase it. In generally, data processed via the after school booking system is for the performance of a contract / service, but consideration should be given for personal data used for email distribution and marketing purposes.
  4. You will no longer be able to charge for subject access requests and have forty days to respond, although you can refuse or charge for requests that are manifestly unfounded or excessive.
  5. You need to identify the lawful basis for any processing activities and document it (including updating your privacy notice.
  6. Consent must be freely given, specific, informed and unambiguous with positive opt in, i.e. no longer can terms and conditions be pre-ticked. Refer to the ICOs GDPR consent guidance.
  7. GDPR brings in special protection for children's personal data.
  8. Procedures for data breaches must be in place and the onus is on your business to ensure data protection is by design and by default. Data Protection Impact Assessments new technology is being deployed.
  9. You must ensure you designate someone to take responsibility for data protection compliance and assess where this role will sit within your organisation's structure and governance arrangements.

Whilst Ayrmer Software is not a specialist and unable to provide legal advice (for obvious reasons), we would be happy to point clients in the right direction and help with any technical implementations. We'll be working on ensuring our after school booking system is complaint before May 2018, so that is one less thing for you to worry about!

Date: 04/10/2017


If you like to get in touch, please telephone our offices on +44 (0) 1364 582017 or complete our on-line form and we'll get back to you as soon as possible.


Stay in touch with what we're up to at Ayrmer Software by following us on one of our social media feeds: we'd be delighted to welcome you as a follower on twitter, become friends on facebook or add us to your circle on Google+. You'll also find us on Linkedin, of course.


... as always fantastic support from you. This is a great after school booking system which is very user friendly. Would definitely recommend.

Francesca Yates Business Manager
Hill West Nursery and Primary School

Read more ...