So today is the day – I wonder if the world will fall in tomorrow? Hopefully, we will get fewer emails from companies we have apparently signed up to receive emails from – and in particular, we will stop receiving emails asking us to opt-in – particularly from companies we never signed up to.
You may be wondering why you haven’t received any of these emails from Concise Training. We have taken a rather pragmatic approach to GDPR based on what we have been doing up to now.
The majority of people are on newsletter list have already given consent to receive newsletters on our website. Either because:
- They have signed up from our website which has used a double opt-in consent process over the past 9 years. This means that not only have they signed up on the website but they have also received a confirmation email that they have needed to click. This is also what we will do going forward for anybody who signs up.
- They have attended a presentation or workshop, filled in a feedback form and ticked a box to receive our newsletter. I still have all these forms in my office – which will now be safely locked away.
- They have bought a product or service from our website and are therefore in contract with me so I can continue to send them information.
We did have a few email addresses that were put onto the newsletter because they enquired about one of our courses. These will be deleted from the newsletter list – but information will still be sent to them about the course they enquired about (under legitimate business interest).
We are making changes to the check out process and newsletter sign up process to make the newsletter sign up more explicit so in the future, if you purchase something from the website you will need to decide to sign up to the newsletter by ticking a box.
However….. big announcement coming….. We are waiting until June to make some of these changes (that is OK – we need to be working towards GDPR compliance rather than be completely compliant by today) as we are completely rewriting our Concise Training website – it just doesn’t make business sense to make major changes to the current website.
Alongside this, of course, we have been auditing our data, clearing up our systems and ensuring any personal data we do collect is kept securely and in one place so we can report on it if required and delete if asked it (unless we need to keep it to satisfy regulators).
It would be great to hear your thoughts on how you have seen GDPR implemented GDPR.