Opting In or Opting Out


Peter Savage 2 TV-Bay Magazine
Read ezine online
Download PDF
Download PDF

Peter Savage, CEO of Azule, explains whether you should opt in or opt out of the current red tape nightmare facing businesses large and small.

No, this isn’t another Brexit referendum but I doubt whether any of you reading this are not affected, in some way, by the new European General Data Protection Regulation, commonly known as GDPR or, as I like to put it, the Great Deal of Political Redtape initiative that comes into force on 25th May this year.

Perhaps this last great European edict before Brexit will bring you some relief from the hundreds of emails that clog up your inbox; the telephone calls from people who have bought your name from spurious databases; the letters from mortgage, insurance, bridging finance and other sales teams wanting you to buy their products or services. Perhaps, thinking about it, GDPR is a good thing!

Yes, I come from a finance company and, yes, we are being regulated far more than a company selling widgets. But widget suppliers and suppliers of broadcast kit have to be equally careful about complying. If you have done nothing about GDPR then beware, as there are some swathing powers, and fines – up to 4% of your company’s turnover – to make sure everyone steps in line.

I’ll give you a few examples of to dos, and not to dos, so that you are at least aware of what is good practice and what is not.

It’s personal

The first thing to recognise is that the regulation applies to processing personal information or data. If you only deal with business information (for example, you sell electronic components to businesses that assemble equipment) then the regulation is less applicable. However, even within this second category, you can fall into the scope of the regulation if the business you deal with is a sole trader, a partnership or if the customer you contact is using his/her personal email address as opposed to an info@ email address.

It also applies to holding personal information. It is fairly obvious that, if the individual you deal with gives you his or her credit card details, then this comes into the scope of the regulation. Less obviously, if you deal with a company and the individual gives you his personal credit card information to cover, say, a hire and you ask for proof of ID, then all this information falls under the regulation.

The guidelines

In simplistic terms:

  • the information/date you keep must be relevant and kept to a minimum;
  • use of the information/data must be limited and specific and kept no longer than is absolutely necessary;
  • the information/data should be kept secure (including not transferring information to countries that don’t operate at the same level of information/data security);
  • the information/data should be accurate (do you regularly check your customers’ email details?).

So what should you do?

I could give you numerous examples of whys and wherefores but, again, in trying to keep things simple here are some pointers:

  • information/data should be kept in secure places – password protected if on a computer or in a locked cabinet or drawer;
  • destroy the information once you have used it – for example, if you have been given a customer’s credit card details do not keep them just in case you might need them again;
  • you are allowed to call your customers about the operation of their accounts;
  • you are not allowed to email customers about new products you may be able to offer unless the customer has opted in to receiving your communications, that opting in must be done before 25th May;
  • you are not allowed to ask customers after 25th May if they want to opt in as that is technically a marketing email;
  • if you are in the business of obtaining personal information/data, then all correspondence must have appropriate wording informing the customer that you have to hold the information and that they are happy for you to use it;
  • information/data is deemed to be held if it is on your PC, on a third party cloud such as Dropbox, in an accounts system, on phones, in emails, on USB sticks, etc.

Common sense

I know this sounds like common sense and that is the main point: if you recognise what is personal data, and you know that you have to be careful, then taking sensible steps should be enough for small businesses to keep themselves covered.

Try this. Look around you, while reading this article, and consider how much customer information is sitting within your eyesight, how much of that information is personal and/or could be construed as confidential. I’ve had to do it with my office, thinking: when I turn on my PC, do I have to log-in; do I leave my PC on overnight; does the cleaner have access to all secure rooms in the office; do we all lock our cabinets?

Don’t worry. I am not scare mongering; I’m just saying beware, because there is always someone who will complain and, if they do, you need to be able to explain what is your policy and who is responsible for it … aargh, I feel like Charles Dreyfus, the police chief in The Pink Panther, being taken away in a straight jacket …

These are my personal views and should not be construed as legal advice. If you want to know more about GDPR, then look at the guidance on https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/

If you want to know more about Azule, please look at our website: www.azule.co.uk


Tags: iss131 | azule | gdpr | consent | Peter Savage 2
Contributing Author Peter Savage 2

Read this article in the tv-bay digital magazine
Download PDF
Article Copyright tv-bay limited. All trademarks recognised.
Reproduction of the content strictly prohibited without written consent.

Related Interviews
  • Azule Finance at BVE 2016

    Azule Finance at BVE 2016

  • Azule Finance at BVE 2013

    Azule Finance at BVE 2013


Related Shows
  • Bubble and Squeak: Live and Loud from Monday at IBC 2013

    Bubble and Squeak: Live and Loud from Monday at IBC 2013


Articles
A switch in time: how KVM can unlock the future of broadcasting
Chris Smeeton

One of the major changes for broadcasters during the pandemic has been the shift towards remote production; by no means a new phenomenon in an IP environment, yet accelerated under lockdown to accommodate travel and gathering restrictions. A 2021 report found that almost 40% of broadcast professionals now employ remote production, up 9% on the previous year.

Tags: KVM | ARGOSY | GDSYS | KVM Tech | Chris Smeeton
Contributing Author Chris Smeeton Click to read
Rohde & Schwarz integration with Adobe Premiere Pro
Ciaran Doran

Rohde & Schwarz SpycerNode storage & VENICE ingest are perfect partners for Adobe workflows

Tags: Rohde Schwarz | media | VENICE | SpycerNode | adobe | premier pro | Ciaran Doran
Contributing Author Ciaran Doran Click to read
Cloud integration: The only way is up
Francois Vaillant

In 2017 we saw the introduction of SMPTE 2110 and since then, the transition to IP has emerged as a priority for broadcasters looking to streamline their operations, decrease their footprint and effectively integrate with an industry in a rapid state of flux. A 2020 survey by Devoncroft found that almost 20% of broadcasters had already deployed SMPTE 2110, and over 25% were planning to do so. Then came the pandemic, precipitating the need for on-the-fly collaboration and accelerating the transition to remote, virtual and cloud production.

Tags: dejero | smpte 2110 | dazzl | streaming | Francois Vaillant
Contributing Author Francois Vaillant Click to read
The Cloud - a measured approach
Ciaran Doran

With the buzz of ‘cloud’ everywhere in our industry it would be natural to think that cloud is the only game in town. Isn’t it time to step back and consider very carefully how, or whether, you make that journey to the cloud?

Tags: cloud | rohde and schwarz | rohde | schwarz | Ciaran Doran
Contributing Author Ciaran Doran Click to read
Meeting the specification
Chris Smeeton

A good technical specification will detail precisely what is required, from the equipment to the cables connecting it. Many specifications will give  particular manufacturers and model numbers. On many occasions, this makes tendering simple and gives vendors a secure and fair way to bid.

Tags: CPR specification | argosy cable | fire safe cable | eu standard cable | chris smeeton | Chris Smeeton
Contributing Author Chris Smeeton Click to read