Opting In or Opting Out


Peter Savage 2 TV-Bay Magazine
Read ezine online
Download PDF
Download PDF

Peter Savage, CEO of Azule, explains whether you should opt in or opt out of the current red tape nightmare facing businesses large and small.

No, this isn’t another Brexit referendum but I doubt whether any of you reading this are not affected, in some way, by the new European General Data Protection Regulation, commonly known as GDPR or, as I like to put it, the Great Deal of Political Redtape initiative that comes into force on 25th May this year.

Perhaps this last great European edict before Brexit will bring you some relief from the hundreds of emails that clog up your inbox; the telephone calls from people who have bought your name from spurious databases; the letters from mortgage, insurance, bridging finance and other sales teams wanting you to buy their products or services. Perhaps, thinking about it, GDPR is a good thing!

Yes, I come from a finance company and, yes, we are being regulated far more than a company selling widgets. But widget suppliers and suppliers of broadcast kit have to be equally careful about complying. If you have done nothing about GDPR then beware, as there are some swathing powers, and fines – up to 4% of your company’s turnover – to make sure everyone steps in line.

I’ll give you a few examples of to dos, and not to dos, so that you are at least aware of what is good practice and what is not.

It’s personal

The first thing to recognise is that the regulation applies to processing personal information or data. If you only deal with business information (for example, you sell electronic components to businesses that assemble equipment) then the regulation is less applicable. However, even within this second category, you can fall into the scope of the regulation if the business you deal with is a sole trader, a partnership or if the customer you contact is using his/her personal email address as opposed to an info@ email address.

It also applies to holding personal information. It is fairly obvious that, if the individual you deal with gives you his or her credit card details, then this comes into the scope of the regulation. Less obviously, if you deal with a company and the individual gives you his personal credit card information to cover, say, a hire and you ask for proof of ID, then all this information falls under the regulation.

The guidelines

In simplistic terms:

  • the information/date you keep must be relevant and kept to a minimum;
  • use of the information/data must be limited and specific and kept no longer than is absolutely necessary;
  • the information/data should be kept secure (including not transferring information to countries that don’t operate at the same level of information/data security);
  • the information/data should be accurate (do you regularly check your customers’ email details?).

So what should you do?

I could give you numerous examples of whys and wherefores but, again, in trying to keep things simple here are some pointers:

  • information/data should be kept in secure places – password protected if on a computer or in a locked cabinet or drawer;
  • destroy the information once you have used it – for example, if you have been given a customer’s credit card details do not keep them just in case you might need them again;
  • you are allowed to call your customers about the operation of their accounts;
  • you are not allowed to email customers about new products you may be able to offer unless the customer has opted in to receiving your communications, that opting in must be done before 25th May;
  • you are not allowed to ask customers after 25th May if they want to opt in as that is technically a marketing email;
  • if you are in the business of obtaining personal information/data, then all correspondence must have appropriate wording informing the customer that you have to hold the information and that they are happy for you to use it;
  • information/data is deemed to be held if it is on your PC, on a third party cloud such as Dropbox, in an accounts system, on phones, in emails, on USB sticks, etc.

Common sense

I know this sounds like common sense and that is the main point: if you recognise what is personal data, and you know that you have to be careful, then taking sensible steps should be enough for small businesses to keep themselves covered.

Try this. Look around you, while reading this article, and consider how much customer information is sitting within your eyesight, how much of that information is personal and/or could be construed as confidential. I’ve had to do it with my office, thinking: when I turn on my PC, do I have to log-in; do I leave my PC on overnight; does the cleaner have access to all secure rooms in the office; do we all lock our cabinets?

Don’t worry. I am not scare mongering; I’m just saying beware, because there is always someone who will complain and, if they do, you need to be able to explain what is your policy and who is responsible for it … aargh, I feel like Charles Dreyfus, the police chief in The Pink Panther, being taken away in a straight jacket …

These are my personal views and should not be construed as legal advice. If you want to know more about GDPR, then look at the guidance on https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/

If you want to know more about Azule, please look at our website: www.azule.co.uk


Tags: iss131 | azule | gdpr | consent | Peter Savage 2
Contributing Author Peter Savage 2

Read this article in the tv-bay digital magazine
Download PDF
Article Copyright tv-bay limited. All trademarks recognised.
Reproduction of the content strictly prohibited without written consent.

Related Interviews
  • Azule Finance at BVE 2016

    Azule Finance at BVE 2016

  • Azule Finance at BVE 2013

    Azule Finance at BVE 2013


Related Shows
  • Bubble and Squeak: Live and Loud from Monday at IBC 2013

    Bubble and Squeak: Live and Loud from Monday at IBC 2013


Articles
Switching to Internet Based Distribution
Chris Clark

"An IP status check for the broadcast industry", "Resistance is futile", "IP points the way forward for the broadcast industry"...

Yes, we've read the headlines too. But rather than force you into submission, scare you, or leave you feeling like you have no other choice, we want to give you the information that helps you to make a sensible decision about Internet-based distribution.

So what’s stopping you from making the switch right now?

Tags: iss135 | ip | internet | distribution | cerberus | Chris Clark
Contributing Author Chris Clark Click to read or download PDF
21st Century Technology for 20th Century Content
James Hall A big challenge facing owners of legacy content is rationalising and archiving their tape and film-based media in cost effective and efficient ways, whilst also adding value. Normally the result of this is to find a low cost means of digitising the content – usually leaving them with a bunch of assets on HDD. But then what? How can content owners have their cake and eat it?
Tags: iss135 | legacy | digitising | digitizing | archive | James Hall
Contributing Author James Hall Click to read or download PDF
Future proofing post production storage
Josh Goldenhar Advancements in NVMe (Non-Volatile Memory Express), the storage protocol designed for flash, are revolutionising data storage. According to G2M Research, the NVMe market will grow to $60 billion by 2021, with 70 percent of all-flash arrays being based on the protocol by 2020. NVMe, acting like steroids for flash-based storage infrastructures, dynamically and dramatically accelerates data delivery.
Tags: iss135 | nvme | sas | sata | it | storage | post production | Josh Goldenhar
Contributing Author Josh Goldenhar Click to read or download PDF
Your two week editing future
Alex Macleod

So here we are - January again! Usually a good time to reflect on the year just gone by, and a good time to look forward to the coming months as the new year begins.

When I was reflecting on my 2018, and when thinking about what to write for my first article for Kit Plus - I kept coming back to one theme - organisation.

Tags: iss135 | editing | mediacity training | premiere pro | dit | Alex Macleod
Contributing Author Alex Macleod Click to read or download PDF
Test, Measurement and Standards
Alan Wheable The Alliance for IP Media Solutions (AIMS), is a non-profit trade alliance that fosters the adoption of one set of common, ubiquitous, standards-based protocols for interoperability over IP in the media and entertainment, and professional audio/video industries.
Tags: iss135 | omnitek | aims | SNMP | hdr | ai | Alan Wheable
Contributing Author Alan Wheable Click to read or download PDF