You feel overwhelmed
You know privacy is important stuff, you know you need to prioritise it, but you’re not sure where to start. We get it – your business is unique, the legal jargon is confusing and you don’t want privacy to get in the way of your ability to innovate. The good news is when it’s done right, data privacy compliance does the opposite. When you know exactly how you can use the data you hold safely, you’re able to maximise its value.
You’re unsure about what you do with people’s data
Each area of your business will touch personal data in a different way, which may not be immediately obvious to the rest of the organisation. You need to know what information you collect, what you do with it, where you keep it, what permissions you have in relation to it, who you share it with, how long you keep it for and what you do with it when you no longer need it.
You’re not transparent about how you use data
Not only do you need to understand all of these things, but you must also communicate it clearly, in easy-to-understand language. Individuals need to know what you do with their data, what their rights are in relation to that information and how they can exercise those rights. Failure to do so is likely to impact your ability to work with partners and clients, damage your reputation and leave you open to enforcement action by the regulator.
You’re not sure who you’re sharing data with
Individuals will share personal information with you because they trust you, but you might then share that data with organisations they know little about. That may be software development companies, online marketing companies, event organisers, or hosted Saas platforms. There are lots of examples where you might lose physical control of that data. You must make sure that each organisation is safe to share data with and put a data processing agreement in place.