Managing customer’s personal data

I get lots of questions about personal data…

It’s expected with the job I do.  Clients are worried about the personal data they hold about customers and who they can share it with.

Luckily the GDPR cannot see inside your head.

We often hold personal data about our customers. Especially if they are long standing customers that we just remember.  Its good for PR. This  could be special category data if they say had a health issue.  This is definitely not one to note down or share.  Going back to the fundamentals of GDPR it relates to identifying a natural living person and information that is intended as part of a filing system.  So you can still maintain your effective relationship with customers but don’t include it in your customer personal data files.

Its common sense.

A customer complained last week, he was insisting that GDPR was going to ruin his charity work.  This extra hassle was going to put off volunteers from giving their much needed help and time.  I agreed to a certain extent that extra care would be needed.  In reality they were being careful anyway, just a few processes needed tweeking to protect personal data.  Such as not to include everyone on a distribution list or to protect documents through encryption, passwords or to anonymise where possible.

Lets take, for example, a charity Christmas dinner for the older folks in the town.  We need to know special requirements and dietary requirements to make the appropriate arrangements.  These details are necessary but not everyone needs to know that Bob needs a comfy chair for his bad back and that Margaret is sprout intolerant.  So you could end up with a general list where requirements are listed such as 5 vegans on table 2 but only the organiser or data controller has the exact details, wich they can be deleted after the event. Let’s say that the personal data on the list was breached and it is now public knowledge that these people will be out of their houses on Christmas Day and that they are vulnerable.  The implications are not pleasant, not everyone is as kind as you and I.

Imagine it’s your data or your children’s data, then you will give it the importance that it deserves.  How would you feel if the information that you had trusted to someone was announced to the world?    I often think of data as a big pie, the fewer people that touch it the better it is for everyone.

Data breaches can cause permanent damage to people’s lives and worlds with irreversable results.

If you have any queries – do get in touch.  We provide practical solutions so you can concentrate on your core business.