GDPR for photographers – Is your photography site ready?
Yes, you might be sick of it by now but GDPR is coming and as of the 25th of May all businesses that collect the personal information of EU citizens will be ne subject to these new laws.
Despite what you might see on Facebook as a photography GDPR directly applies to you and with the deadline just a few days a way we thought we would do our best to make your life a little easy with our simple and easy to follow guide.
Do the new GDPR laws apply to me?
Well, the short answer is yes, if your business operates within the EU and you collect any sort of personal information about then yes GDPR applies to you.
What do they mean by personal data?
Well this includes the following:
- Date of birth
- PPS number
- Medical details
- IP address
- Phone Number
GET YOUR FREE GDPR Checklist
Ok, so now I know this applies to me what do I need to do?
Right well, first things first you need a data protection and data handling policy and we would recommend sticking them on your website. This should include what data you collect, why you collect, how you store it, why you store it and an outline of all the security measures you take to protect that data.
A great website to help you out is https://gdprchecklist.io/ which has a checklist to run through with the information you should have for your customers.
If you have any kind of mailing list, you need to make sure you send a copy of them and you ask for express consent to continue to contact them either in the form of a link or other method.
The consent thing can be a bit tricky, but the gist is if you mail your clients you need to make sure youre asking for consent to continue to contact them. You cant just bury this consent in some terms somewhere it has to be clear and you need to keep a record of it.
You also need to tell your clients about any 3rd party suppliers you use and how they can get hold of their policies.
What about security, they call it data protection for nothing!
Well, youre right IT security and the security of your client’s data is important, and GDPR states you should be following best practice when it comes to looking after your customer’s data. The use of passwords, encrypted files and firewalls are all steps most photographers should be taking to protect their personal information of their clients.
In conclusion, GDPR doesnt have to be as scary as it sounds and most of it really is common sense. By making sure you have your data protection policies up to date and taking some simple steps to ensure you protect your customer’s data you can save yourself some headaches and potential fines later down the line.
If you do fancy more reading then this article by Wired is a great place to start and if you have any questions about your website and GDPR please feel free to get in touch with our support team who will be happy to help.
June 12, 2018
April 30, 2018