Calling my hair friends are you ready for GDPR?
Last month I attended Salon Smart and listened to Laura Knight from KWS telling us about new legislation regarding how we keep and communicate with the data base that we hold. Now, I am not an expert, 100% not a lawyer and I take no responsibility for the advice given. This blog is about raising awareness and sharing what I know so far. This is our responsibility to be ready and compliant with the regulations.
Now I have that out of the way, this is what I know!
When I was listening to the talk I felt overwhelmed by some of the facts, which were you could be fined 2-4% of your turnover for not being compliant, GDPR replaces the current Data Protection Act (1998). As you can imagine the world has changed since the last legislation, Personal Data is far more detailed and if you are like me that feels like clearing your junk mail each day is getting more of a chore this new legislation will help us to have a clean up of our inboxes and receive the information we really want.
Honestly this is not as bad as it sounds! It may sound scary but all you have to do is take a few steps to make sure you have covered the essentials. For large companies it is more of an issue and I totally advise you get professional advise.
- You need to map the personal data your business holds – This is to understand what you have and why you are holding this information. This includes paper i.e. Hair colour records. If you client has not visited the salon for 12 month you need to ask your self why are you still holding this personal information.
- Your team needs to be educated to understand GDPR and the implications for the business – They need to understand the security procedures in place to protect the data. GDPR allows individuals to be forgotten, and also to see what data you are holding on them.
- Review your current consent and refresh as needed. GDPR requires data to be held as long as necessary. How many clients details do you have on your system that have not visited you in 6 or 12 months?
If you have a website and collects or stores data related to an EU citizen, you must comply with the following:
- Get clear consent before collecting any data
- Let users access/delete their data
- Let users know if data breaches occur
The law changes on 25th May 2018 and you need to be taking action now to be ready, there are courses available with experts and my advise would be to find attend a course that is salon centric so you won’t be bamboozled with information that is not relevant to you.
Laura from KWS is running a course next month in Edinburgh that GDPR for salons with 360 events. If you email, text, hold digital or paper data on your clients or team you will benefit from attending this course.
Monday 30th April – 11am – 3pm
At the Deacon Suite, Surgeons Hall, Edinburgh
Tickets are £75 (far less than any fine!)
Click on the 360 events link above to book your place.
Love Jo x