General Data Protection Regulation (GDPR) – the do’s and don’ts
March 27, 2018 11:31 am
With the General Data Protection Regulation coming into enforcement on 25th May 2018, we thought we would put together a list of do’s and don’ts when it comes to collecting data.
DO make sure to collect consent for all different methods of contact
DON’T offer only an option to opt out. You must offer either an opt-in option on its own, or both.
DO keep all opt-in responses in your records for audit purposes
DON’T pre-select any opt-in OR opt-out boxes; the options must all be empty
DO ensure that all staff are trained in the processes of data collection
DON’T bundle marketing consent with general terms and conditions of services
DO give individuals as much control and choice as possible over their data
DON’T use double negatives when collecting consent
DO try to name the third-party companies you may share the data with
DON’T make it difficult for individuals to withdraw their consent or update their preferences
We hope these tips have been helpful in your process of becoming GDPR approved. If you have any questions regarding GDPR, or would like to make sure your website is in line with the regulation, then please contact us, or pop in for a cuppa (we’ll have the biscuits ready)!