Four letters that could cost you your business..

May 25th 2018 saw the introduction of the new rules on Data Protection (GDPR) and now, over a year on, many martial arts instructors still aren’t compliant.

With fines of over 20 million Euros, the first question you need to ask is; does GDPR apply to me?

The short answer is YES.

If you operate within the EU or offer goods or services to customers or businesses in the EU and process personal data, then GDPR applies to you.

Think about that for a moment, even groups outside of the EU are affected.

But what is personal data?

Personal data is classed as any information which can be used, either directly or indirectly, to identify a person.

This can be anything from a name, photo, email address, bank details, medical info, computer IP address, cookies or even posts on social media and networking sites.

This has far reaching consequences for martial arts groups worldwide.

It’s not just the larger associations that need to consider GDPR compliance.

Small clubs and self-employed instructors are just as responsible for protecting the personal data of their customers.

Like every other part of your business, you need a plan.

Start by working out, who in your business is responsible for data protection.

If you are a larger organisation, you want to consider appointing a Data Protection Officer (DPO).

For the majority of small businesses, this isn’t a legal requirement.

Legally, you only need a DPO if handle lots of data. In the UK advice can be requested from the information commissioner office (ICO)

What areas of your business does GDPR affect?

Most people think that GDPR is an “IT department” issue and only applies if you do a lot of online marketing, sales or have a larger association,

That’s just not true.

Information Technology (IT) is part of daily life. I would be surprised to hear of any business not using a computer, laptop or mobile phone.

Therefore, GDPR has implications for your whole business.

While this might sound extreme, especially for smaller businesses or self-employed instructors, but understanding the two key areas below, will make compliance easier.

Classes:
You need to collect information about students to successfully run your classes.
Medical details, emergency contact information and payment plans are all covered by GDPR.

You need to plan how you will collect, store and share this information.

How you control access is very important and should be restricted.

Even paper copies of information, will need to be securely stored

You also need a plan for how staff share information.

Yes share, there are times when you need to share information between staff and possibly people outside of your business,

Certain third parties, like the police and your insurance company, have the legal right to request information.

Marketing:
Marketing is arguably the biggest area impacted by GDPR.

The most important thing to remember, is that you’re not allowed to contact prospects or even reach out to your existing customers unless they’ve given you permission to do so.

It is good practice to get permission renewed annually.

if you’re sending out emails or text alerts, then everyone on your list needs to have given clear consent to receive them.

GDPR rules state that subscribers need to express their consent, In a freely given, specific, informed, and unambiguous way, which is reinforced by a clear affirmative action.

Gone are the days of automatically subscribing someone to your list or assuming they want to receive marketing communications from you simply because they’ve dealt with you in the past.

They need to opt-in.

The best way to prove consent is through an opt-in form.

This is where you ask students or customers to give their permission to store and use their personal data.

As i’ve said above, it must be asked for in a clear, unambiguous way and you need to tell them what you will be using their information for.

Any opt-in options must not be pre-ticked, the customer must actively and expressly give consent by ticking the box themselves.

While double opt-in isn’t compulsory under GDPR, it’s a good way to gain permission as it gives customers a second chance to refuse.

Double opt-ins are usually when someone is signing up to your email list and they receive an email they need to click on to confirm their subscription.

Until the person has clicked on the confirmation button, they won’t be added to your email database.

If you would like help on compliance or the issues raised by GDPR please get in touch, by emailing scottishbudo@aol.com

Advertisements
Standard

Are you a “Ju-liar?”

We’re now in July, a full 7 months from the beginning of the year.

Yeah, it has flown in.

It seems like only yesterday my facebook book feed was full of “New Year, New Me” memes.

But what has really changed?

For those that planned to lose weight for summer, how much did you lose?

Have you kept it off or returned to the usual routine?

For those that posted about returning to training, did you?

How often are you making class?

Is it regularly or just when it’s convenient and fits with your busy schedule?

And what about those career changes that you were going to make?

Did you take action?

Really my question is, have you achieved what you resolved to do?

Or are you a “Ju-liar”

All is not lost, you still have time.

There are still 5 months of the year left.

That’s 5 months, where with a little work, you can turn it around, make the changes so that when 2020 comes isn’t the “Same Sh!t, Different Year”

Ah, I hear you, “What have you done in 2019?”

Me..

I may not have posted resolutions, but I knew I had work to do.

I’ve lost weight, over 20 kilos and managed to stay on track keeping it off.

Even spending a month stateside didn’t affect me, amazing with their portion sizes and Barrette’s cooking.

I’ve been working on my CPD, continuing professional development, and done a few courses to improve myself.

Self improvement through learning and education is something I openly promote to all my instructors and I try to lead by example.

I set my self new goals every year, often doing totally new subjects or taking myself out if my comfort zone.

But it hasn’t all gone to plan.

I’ve let the blog slip a little lately but on a positive note, I have posted more this year than ever before.

I still have some stuff to do but I never claimed to be perfect.

And as I said, I still have 5 months left.

See you at class…

Standard