GDPR - anyone working in this area?

GDPR - anyone working in this area?

Author
Discussion

Rollin

6,077 posts

244 months

Friday 11th May 2018
quotequote all
Rollin said:
An exemption was debated in parliament yesterday...and rejected.
DELETED: Comment made by a member who's account has been deleted.
Be aware that private dental practices do not need a DPO, which goes to show why many NHS practices think the new regulations are ridiculous.
I imagine there will be thousands of none compliant practices come May 25th. Many will be beyond caring too so you might not get the reaction you were expecting if you intend contacting some.

I'm down to 2 days per week actually treating patients because I have to deal with yet more stupidly drafted regulation like this.



anonymous-user

53 months

Saturday 12th May 2018
quotequote all
Is there a clear definition of what constitutes a business?

We work mainly in insurance and there we have the situation where most businesses up to 1 million turnover are classed as a consumer.

Hoofy

76,253 posts

281 months

Saturday 12th May 2018
quotequote all
desolate said:
Is there a clear definition of what constitutes a business?

We work mainly in insurance and there we have the situation where most businesses up to 1 million turnover are classed as a consumer.
You're classing them as a consumer, aren't you? Their legal definition is probably relevant here.

anonymous-user

53 months

Saturday 12th May 2018
quotequote all
Hoofy said:
You're classing them as a consumer, aren't you? Their
legal definition is probably relevant here.
Yes

We class all our clients as consumers as its easier to run one process.

DKL

4,480 posts

221 months

Saturday 12th May 2018
quotequote all
Rollin said:
DELETED: Comment made by a member who's account has been deleted.
This is doing the rounds in the optical press too. Oh joy.
http://www.opticalconfederation.org.uk/news/latest...

loafer123

15,406 posts

214 months

Saturday 12th May 2018
quotequote all

A quick question for the experts.

Is it OK, in a GDPR consent email, to say that all registered subscribers will be entered into a prize draw?

Obviously I am trying to increase open and click rate...!

m1dg3

128 posts

153 months

Saturday 12th May 2018
quotequote all
Hoofy said:
Today I got an interesting email about my GDPR confirmation.

The email had a link. I clicked it, the web page confirmed that I had approved the business. Slicker than getting someone to re-input their details. Is there something like this available for mailchimp? (My data is on mailchimp.)
I was looking into this for a client yesterday. MailChimp's opinion is that you need a positive confirmation so the minimum you can do on the website is pre-fill the form and have a tick box for the contact type. I would tend to agree with this as the one-click confirmation would be hard to prove was definitely a conscious choice if one of your subscribers decided to be awkward.

You can hack it together yourself using the API if you disagree with that opinion.

loafer123

15,406 posts

214 months

Saturday 12th May 2018
quotequote all
loafer123 said:
A quick question for the experts.

Is it OK, in a GDPR consent email, to say that all registered subscribers will be entered into a prize draw?

Obviously I am trying to increase open and click rate...!
DELETED: Comment made by a member who's account has been deleted.
Shame! Why is that?

All opt outs have always been removed via Mailchimp unsub.

Of the remainder, many are compliant already and we are intending to email the remainder that need positive affirmation.

Sensible approach?


loafer123

15,406 posts

214 months

Saturday 12th May 2018
quotequote all
loafer123 said:
Shame! Why is that?
DELETED: Comment made by a member who's account has been deleted.
Given doing nothing would unsubscribe them, surely it is a reward for doing so, rather than a penalty for doing nothing?

A PM/chat on Monday would be great - it is my wife’s online retailer, so will consult with the boss...I am the teaboy, management accountant and webmaster a couple of days a month for her and do complex property for a day job!

Hoofy

76,253 posts

281 months

Saturday 12th May 2018
quotequote all
m1dg3 said:
Hoofy said:
Today I got an interesting email about my GDPR confirmation.

The email had a link. I clicked it, the web page confirmed that I had approved the business. Slicker than getting someone to re-input their details. Is there something like this available for mailchimp? (My data is on mailchimp.)
I was looking into this for a client yesterday. MailChimp's opinion is that you need a positive confirmation so the minimum you can do on the website is pre-fill the form and have a tick box for the contact type. I would tend to agree with this as the one-click confirmation would be hard to prove was definitely a conscious choice if one of your subscribers decided to be awkward.

You can hack it together yourself using the API if you disagree with that opinion.
Hm. I've decided to just go with the worst option for me as it's easier and quicker to do. frown

RM

580 posts

96 months

Wednesday 16th May 2018
quotequote all
DELETED: Comment made by a member who's account has been deleted.
What would make a business need re-consent?

I've received a few emails now from companies saying, "If you don't hit the unsubscribe button, we will continue to email you". Mailchimp suggest the opposite, that subscribers need to re-consent.

Hoofy

76,253 posts

281 months

Wednesday 16th May 2018
quotequote all
RM said:
What would make a business need re-consent?

I've received a few emails now from companies saying, "If you don't hit the unsubscribe button, we will continue to email you". Mailchimp suggest the opposite, that subscribers need to re-consent.
I think they've got it wrong. It's opt-in not opt-out.

RicksAlfas

13,355 posts

243 months

Wednesday 16th May 2018
quotequote all
I am on BMW's email list and I don't want to opt in, so am ignoring them. However they are bombarding me with "you haven't opted in yet" emails plus a letter in the post. I can only think their marketing department must be on a retention bonus! Many other requests to opt in are getting filtered straight into my junk/spam folder as well.

I have had a couple of funny ones, one claiming to be the most boring email ever and one saying they have had to send it to stay out of a Russian gulag.

Bikerjon

Original Poster:

2,202 posts

160 months

Wednesday 16th May 2018
quotequote all
I don't think anyone actually knows! You can already see how much confusion this one aspect is already causing. My understanding is that If you are an existing customer/subscriber then "legitimate interest" should negate any need to opt-in for a second time - but who really knows for sure?

jammy-git

29,776 posts

211 months

Wednesday 16th May 2018
quotequote all
If you can show that the customer has given you permission for a specific purpose then you don't nee to re-ask them for permission for that purpose again. It's clear though that very few companies have been keeping records of how they've obtained people's personal data, which is why you're being bombarded with these opt-in emails.

And you definitely have to opt-in to things now, unless you can find a "different lawful basis": https://ico.org.uk/for-organisations/guide-to-the-...

Sheepshanks

32,541 posts

118 months

Wednesday 16th May 2018
quotequote all
Bikerjon said:
I don't think anyone actually knows! You can already see how much confusion this one aspect is already causing. My understanding is that If you are an existing customer/subscriber then "legitimate interest" should negate any need to opt-in for a second time - but who really knows for sure?
I'd have thought "legitimate interest" would be fine in the BMW example above. Surely BMW can quite reasonably say it's in their legitimate interest to send new car information to people who have previously crossed their path somehow.

Sheepshanks

32,541 posts

118 months

Wednesday 16th May 2018
quotequote all
jammy-git said:
If you can show that the customer has given you permission for a specific purpose then you don't nee to re-ask them for permission for that purpose again. It's clear though that very few companies have been keeping records of how they've obtained people's personal data, which is why you're being bombarded with these opt-in emails.
The really stupid thing is that if they can't show consent was given in the first place then arguably the firms shouldn't be emailing them at all. The ICO has issued penalties for this under PECR - Honda got one.

RicksAlfas

13,355 posts

243 months

Wednesday 16th May 2018
quotequote all
I’ve had some emails with a button for yes and another button for no. That would seem the safest way of doing it.

Hoofy

76,253 posts

281 months

Wednesday 16th May 2018
quotequote all
Can you run a competition? Consent and you may win Hoofy to rub his oiled body on you for an hour?

Hoofy

76,253 posts

281 months

Wednesday 16th May 2018
quotequote all
Hoofy said:
Can you run a competition? Consent and you may win Hoofy to rub his oiled body on you for an hour?
DELETED: Comment made by a member who's account has been deleted.
Because that is against the rules?