The most important improvements we have carried out are:
- identification of which personal data are saved where, including a policy on the management of these data;
- creation of a standard processing agreement;
- creation of an agreement with our staff; for the protection of their personal data and how they handle your data or the data of your clients;
- internal communication around the importance of caution when an employee processes your data or the data of your clients.
GDPR IN PRACTICEAlthough many companies are pretty decent, it is in practice often difficult to proof for each individual record whether or not there has been active consent in the past. The e-mails that were sent out en masse the week before the 25th of May have a lamentable conversion. We wonder whether all these senders will really stop e-mailing you when you haven’t reacted actively. EMAKERS itself has hardly carried out any e-mail bombardment (for clients) to ask for permission to keep on e-mailing. For us, it’s always been logical that everyone should be able to unsubscribe for further (commercial) communication on any moment. We sure still have some work to do. Next weeks, we’ll be working hard on:
- the creation of an extensive manual about how we will ask for permission in the future as best practice - this was already on our schedule before GDPR became a hot topic;
- improving the full protection of our systems, because continuity is of utmost importance to us; this too was already on our schedule; we work with leading suppliers who already have one and another sorted out standardly, but nevertheless, it’s always a good idea to make an extra effort in the field of security.