5 Top Tips in Business – Data Protection

When you are starting a new business, there is so much to do and so much to learn and, sometimes, you don’t know what you don’t know. We’ve asked our expert team to give you their top five tips for new businesses. Some tips are from their own experience as business owners and some are from their own area of expertise. 

This week, it’s Cristina Vannini-Goodchild’s turn, to give you her top five tips for GDPR. 

Tip 1 – Why GDPR is Important

Whenever one thinks of GDPR data security or consent for direct marketing or individuals having access to the data. And while all of these elements are part of the regulation and are important, they are just that, elements!  As organisations we forget that the someone’s name, contact details, date of birth, just to name a few, is personal data and it belongs to that individual; the organisation is the custodian of that data to whom the individual has entrusted it to, and it does not belong to us.  Data Privacy is a Human Right just like freedom of speech, freedom of political opinion, freedom of religion there the GDPR seeks to protect it to make sure we, as individual, are deprived of that right. 

Registering with the ICO

We have all heard about the mega fines that the regulator has imposed on Marriott Hotels, British Airways and Expedia but we don’t hear about the fines issued to small organisations and because of that we falsely believe that GDPR does not apply to small businesses or that the regulator is not interested in them.  This couldn’t be furthest from the truth.  The ICO has received 38,500 complaints in the last year alone and has issued several fines to small businesses since 2018 here are some examples: £85k to an estate agent, £50k to a financial consultancy business, £100k to a marketing agency, £275k to a pharmacy, £5k to a web designer and the list goes on. 
Do not fall into the trap that because you might be a small business you are immune, that might be the biggest mistake you’ll ever make because even if your cashflow could take the hit of a fine you need to consider the repercussion on your reputation and credibility.  The ICO likes to brag about actions they have taken on their website and social media which could have far reaching consequences for your business

Tip 3 – Only send Marketing to those who have given Consent

Direct Marketing is probably the area that causes most confusion so hopefully this tip will help you with this.
If the individual has expressed interest or has bought your products and/or services from you then you can send them promotional material via electronic means, but it must be of the same nature.  In other words, they have bought flowers from you, and you are sending them promotional material about your ‘for every events’ card collection.  The two products are not of the same nature; therefore, you will need consent before hand to promote to them your ‘for every events’ cards. 
In any event always, always offer to opt-out; this must be in every electronic communication that is promotional in nature. 

Tip 4 – Check the TPS Before you Cold Call

Cold calling does not fall under the definition of direct marketing.  However, you should be aware that if you intend to use this method to generate leads for your business you must not call those people that are registered on the TPS or organisations that are registered on the CTPS.  In May this year an organisation was fined £200k for unsolicited calls, another organisation was fined £30k for unsolicited SMS messages. 
Telemarketing can be a very effective strategy for leads generation just make you it’s done right to avoid unnecessary risks and reputational damage. 

Tip 5 – Treat Business Cards as Information, not Marketing Consent.

I get asked very often “what should I do with these business cards?” and before I give them the answer, I revert the question back to them.  What is the reason that you’ve given someone your business card?  What would you like them to do or not do with your details?
The answer to the first question is always – ‘well, I’d given them my card because I would like to connect with them’ 
The answer to the second question goes something along the line of – ‘I wouldn’t want them to add me to their mailing list and out of the blue I start receiving their newsletter’
They have expressed an interest in your business, or they might have connected with you at an individual level and the business card is just a way to carry on flourishing the connection is not about bombarding them with your latest offers or your upcoming event.
The same applies to social media, when someone accept your request to connect, they do so because they want to connect with you and what you do, they do not want to be sold to.  In fact, if you were to do that, you’ll find that they have removed the connection.


Apply for Support from

Leave a Comment

Your email address will not be published. Required fields are marked *