Getting Ready for GDPR with Ticketsolve

27 Apr 2018 | GDPR

The focus on the workshops was two-fold: ease the worry over GDPR and give everyone concrete steps to themselves ready. Forget the GDPR-scaremongering, our goal was to make GDPR clear and easy to understand, and demonstrate how our community can become compliant very easily.

The crux of the workshop looked at the different legal basis that venues can use in order to process their customers' data.

There are six in all, but we only covered three which were:

  • Performance of Contract
  • Consent
  • Legitimate Interest

Once you identify the legal basis that you will use for the different data processing activities you carry out, you will need to document this in your Data Processing Audit. That’s Step 1 done for beginning to be GDPR compliant (see we said it is fairly straightforward). 

Step 2 is updating your privacy policy. Your privacy policy needs to communicate what customer data you hold and on what legal basis you will be using that data. Furthermore, and perhaps even more importantly, you must outline how customers can withdraw from the holding and use of their data. This is your basic starting point, and you will certainly need to add more to your Privacy Policy. If you need more help, get in touch and we will be happy to lend a hand. 

Step 3 (and the final step): review this process regularly. We recommend a review every 6 months or so, and be sure to record what was discussed and pop it into your GDPR file. This way, you can evidence that GDPR is an ongoing process within the organisation. There you have it. GDPR broken down into 3 easy steps; the simple version.

There are, of course, other areas such as PECR, 3rd Party Data Sharing and so on, but we these three steps you’ve made a good start.

If you want advice or just to bounce a few ideas off us, please get in touch and we will be more than happy to chat through things with you.

 

Stay in touch

Don't miss a thing, get updates from us about our latest webinars, playbooks, blog posts, newsletters and everything in between.