Disclaimer: This content is for informational purposes only, and should not be used as legal advice regarding data privacy laws.
What is GDPR?
GDPR stands for General Data Protection Regulation. It is a set of regulations on how companies handle personal data, and it increases the responsibility of the companies that store and use individuals’ data to provide services. It replaces the previous EU ‘Data Protection Act’.
Our rule of thumb is ‘the customer owns their data, wherever it is’: customers should know what is done with their data, be able to access it if they want to, and have it deleted at their request. You will now need to have a customer’s explicit permission to store and use their data.
Don’t panic! Responsible businesses that respect the sensitivity of personal data should find GDPR compliance straightforward. Sign In Scheduling has some tools below to help your business be GDPR compliant.
We've also picked out some information that we've found particularly helpful in ensuring our systems are fully compliant:
Helpful information from the UK ICO
For the Beauty sector here
For the Healthcare sector here
For the Education sector here
For the Finance sector here
EU Legislation here
Is Sign In Scheduling GDPR compliant?
Yes! It's vital that your business is compliant as well.
What does Sign In Scheduling do to help businesses be GDPR compliant?
Sign In Scheduling includes various features designed to help you to be GDPR compliant. These include:
- seeking customer permission
- ownership and management of data
- protecting the confidentiality of customer data and data security
You can read more about these here.
Steps you should take to be GDPR compliant
We recommend making sure you have consent from all of your customers to use their data, according to the purpose for which you hold it, e.g. to send them reminder messages.
Make sure your customer data is stored securely. Sign In Scheduling is secure, but it's worth knowing exactly who has access to the data within Sign In Scheduling, as well as within any other systems you use.
We recommend training your staff about GDPR and its implications.
Make sure you have policies in place for retaining customer data.
Make sure you only hold customer data for a reasonable amount of time.