data laws

Discussion in 'General Discussion' started by Barneyrubble, May 12, 2018.

  1. New ones? Are these another way of tricking people into giving over more information, and how many are scams, anyone?
     
  2. mikedjames

    mikedjames Supporter

    It's the other way round. Anybody who has your details now has to ask your permission to use them. So all the sneakies and genuine organisations who have your details either get your permission or break even more laws.
     
  3. davidoft

    davidoft Sponsor

    Yup, just had a letter from BMW this morning asking me to opt in
     
    Barneyrubble likes this.
  4. Snot what they are saying ont net, gives scammers more scare tactics to step in, on the old and more trusting members of society I fear. Let’s face it, face recognition by computer, how safe is that :rolleyes:
     
  5. is that to go with their really secure keyless cars :Do_O
     
    davidoft likes this.
  6. bernjb56

    bernjb56 Supporter

    I’m quite liking it. It has given me the chance to refuse to opt in to loads of stuff.
     
  7. Yes agree. Unsubscribe from this that and everyone sending emails I don't even look at.


     
    Barneyrubble and bernjb56 like this.
  8. All businesses have to be compliant with GDPR no matter how small they are. You have to look at what personal data you hold on people, where you store it, security on it and for how long it is held. The data has to be accurate, relevant and not held for longer than necessary. It's also about having consent for what you do with people's data.

    Personal data is any info that identifies a person - names, addresses, phone numbers, bank details even CCTV images.

    Anyone can submit a SAR (Subject Access Request) that by law forces a company to provide all the data they hold on you, plus you can exercise the right to be forgotten. It covers paper and electronic info.

    The fines for non-compliance are massive, up to €20 million or 4% of your turnover, whichever is higher.

    We are going through this at work at the moment and it is a big task.

    If you run a small business and think this has nothing to do with you, then you are very wrong and are very late to the party.

    Sorry to scare you, but every business is affected by this, even my sideline doing weddings.

    https://ico.org.uk/for-organisations/business/
     
    bernjb56, Kkkaty and davidoft like this.
  9. What about me with poptopkitchen? I don't hold any details on people, I don't think
     
  10. That’s because you're getting old and memory’s shot


     
  11. I’ve had letters from all my suppliers this week
    Don’t worry it will be all over soon

    Until the Scam


     
  12. do you hold any staff details?
     
  13. Pudelwagen

    Pudelwagen Supporter

    So what about the data TLB holds on us?
    The mods know everything about us!
    How secure is that?:eek:
     
    Barneyrubble likes this.
  14. No as it's just me and the wife.

    The only thing that I can think of is when people pay by card but that's done through PayPal, see get covered that way I believe.
     
  15. Still applies unfortunately. You hold payment details of customers, post pictures of people on Facebook? What about when you take bookings for events? What happens with that data?

    The best way to start is to work out what data you hold and where. If it is scattered about, then you need to organise it logically and then create a spreadsheet of where it is - whether physical or electronic. TBH if you have physical data, get it all scanned in electronically and shred the physical.

    Then you need the policies. If you have a website then the privacy policy needs to be put on there (rip off someone else's and change it for your business). Refer to the link to the ICO for info on the others.

    GDPR is about consent as well. If you use people's data outside of what is deemed reasonable (for example, it is expected you will have transaction details because you want to get paid etc.), then you need to have their consent to use it in this way.

    Because I use people's wedding photos on Facebook (with prior consent of course) I need to make sure I have that in writing. This is why you all are being asked to re-sign up to marketing emails. It is no longer allowed for companies to already tick boxes on web pages - they have to ask first or for you to actually tick the box asking for contact.

    I am not a GDPR expert and have not done the training. All the above is what I have learned from being involved in the process at my work of more than 250 people. For less, the rules are slightly different, but no less important.

    A little article on GDPR for sole traders.

    https://www.itgovernance.eu/blog/en/how-will-the-gdpr-affect-sole-traders
     
  16. Oh yeah - posting people's faces on Facebook.

    GDPR is about identifiable information. If the photos are of the back of people's heads in a queue for the Pop top kitchen then that should be ok.
     
  17. Moons

    Moons Supporter

    I'm pretty sure that there is a difference between personal Data (phone number, 1st name, 2nd name etc.) and content data (aka the mindless musings of many of us).

    As far as I know this place only holds email address for login...can't remember if dob etc is asked for. Past that it's up to the user if they use their real name as a profile name.

    If people have shared their names and contact details in the public domain, then the obligation is only to allow them to remove it themselves, as it was entered without being asked for. If you as an end user have shared a picture of someone else and they want it removed, again, it's up to you to remove it as it wasn't asked for by the site.

    I'd nominate that content isn't termed personal data unless @Barry Haynes' coiffure requirements are something the North Koreans are interested in.

    GDPR is way beyond overdue....and pretty much all businesses are leaky ships (not least the UK and European governments) I want to know where the fines go and how I buy shares in that company!!
     
  18. Moons

    Moons Supporter

    I don't think photos are relevant per se as pictures taken in the public domain for no business gain are covered by existing laws.

    If you contracted the person in the picture, then the content of that contact and the image itself are covered.

    Pictures of randoms in a field I don't think matter....but I guess that swirly face thing the papers started doing a few years ago might become prevalent just in case.
     
    SkutterBob likes this.
  19. I'm not so sure a forum is exempt. It still holds users' identifiable information. For example, if there is a breach and all our email addresses and passwords are stolen, I think the regulator may still need to be informed. A privacy notice on what is happening (if anything) to our data may still need to be published and everyone made aware of it.

    Check other forums to see what they are doing.
     
  20. What is really bad is that the lawyers are circling already.

    In the same way lawyers sued banks to give us money back over the insurance selling, once GDPR is in place, they will be offering services that test that a company is compliant. If not, they will sue on the public's behalf and get compensation (for a sky high fee of course).

    My data protection officer has a lawyer mate who is gearing up to do just that and expects to make a mint out of it.
     
