GDPR update & how The Waste Connect can help with your compliance
The General Data Protection Regulation (GDPR) came into effect two years ago, changing the way in which organisations collect and process personal data. Business owners had to put aside time to familiarise themselves with the new regulation and ensure that their employees were implementing the new processes that were put in place. As the toughest privacy and security law in the UK, organisations can face hefty fines if they breach the rules so it’s essential that you understand how to handle data correctly.
For Covid-19, Hospitality businesses are required to keep a temporary record of their visitors for 21 days. For some, such as hotels and B&Bs, they may already have systems in place to record information such as online booking systems. For those who aren’t used to storing customer data, a Landlord of a pub for instance, you may have had to put some new systems in place, and you need to make sure that these systems are GDPR compliant.
Make sure that you understand what data you need to collect and that you’re not one of those business owners who isn’t complying with GDPR.
If you have had to adopt new processes in light of Covid-19, there are a few simple actions you can take to make sure you comply:
Don’t overcomplicate your processes
When introducing new processes, you need to make sure that they are kept simple and easy to understand so that your workforce is confident in adopting them. To streamline your process, only collect the minimum amount of information. This will likely be contact name, telephone number and the date and time of their visit. That’s it.
Obtain the correct permissions
Hospitality businesses are being asked to collect customer data purely for the purpose of contributing to the Test and Trace initiative. You’ll suddenly have all of this data which could easily be uploaded to your email marketing database but DON’T. You can only do this if you have obtained the correct permissions. If your customers don’t give you permission to contact them for marketing purposes, then don’t. Simple.
Inform your customers
You must clearly tell your customers why you are collecting their data and what it will be used for. Not only is transparency a requirement of data protection law, it also builds trust amongst your customer base.
Ensure that all of the data you are collecting is kept confidential and is destroyed securely after the 21 days are up. Under no circumstance should you be sharing your customers’ information with anyone else outside your business or keeping it beyond the 21 day requirement.
After collecting the personal it’s imperative you dispose of it correctly too as it’s a legal requirement. As experienced specialists, we can handle all your confidential waste disposal needs quickly and efficiently in accordance with the relevant UK and EU regulations. We can either collect your waste in a secure vehicle or destroy it on site so that you can oversee the disposal process.
By using our fully compliant service, you can ensure that the data you collect is disposed of safely, securely and legally.