GDPR Stage 3
After many hours research and legal advice we are now adding the Privacy and Cookie Policies (stage 2 of GDPR) to all our websites.
If you have not yet completed Stage 1 (register with the ICO and provide your Data Protection Officer’s name) please go here. This allows us to complete stage 2 as above.
All work for stages 1 & 2 will be done within your usual monthly budget hours.
Stage 3 GDPR tasks
The tasks in stage 3 requires a considerable amount of our time and will cover the following…
- Assess each data capture form on your website including Newsletters, Offers, Reviews, Wifi logins, Deals, Surveys etc.
- Update each sign-up form on your website and add explicit Opt In permission.
- Update each form with links to your Policies.
- Add auto email responses. E.g. “thank for signing up” or “here is your voucher“.
- Recreate each form on a new GDPR compliant system.
- Document and asses all your lists of captured data (names and emails) and mark each record as non-compliant for old data and compliant for new.
- Email all people on all lists with the new policies and ask for Opt in.
- Add more prominent Opt Ins to all future emails.
The time needed and Budgets
The amount of time will vary by client as some have many more sign-up forms and lists than others.
We estimate that a single sign-up form and accompanying list will take 1/2 hour for all the tasks above. So if you have 4 forms and lists (most have many more) the time needed will be 2 hours.
You have a choice as to how we manage this. We can either ..
- Spread the tasks over 2 or 3 months and take the time needed off your budget. This will mean limiting the other tasks we often provide each month like new articles, email blasts etc.
- Request that the salons makes a contribution i.e. buy 2 hours of extra time at £50 +vat per hour. The 2 hours means we can process 4 forms and lists without affecting your usual monthly marketing work. Some salons will need more than 2 hours.
- Move to our new email marketing system where you can send client newsletters and use NO budget hours. There are 3 cost levels based on the number of emails you send & number of subscribers .
- You can ignore GDPR and we will not do any more work. But the penalties are considerable.
We want to make sure that whatever we do works for you and is fair, so please talk to your manager about the options and the time needed.