EVC Marketing Digital Communications
  • Home
  • About
  • Services
    • Digital Marketing
    • Traditional Marketing >
      • Direct mail
      • Owner communications
      • Website design
      • Marketing consultancy
    • Reputation Management
    • Cyber Security Services
    • Timeshare Sales
  • News
  • Contact

EVC Marketing Blog

GDPR - what you need to know

18/1/2018

4 Comments

 
General Data Protection Regulations (GDPR) regulations become law on 25th May 2018.
 

The law is applicable EU-wide including the UK post-Brexit and involves ANY company that collects/processes/stores or uses the personal data of EU/UK individuals and includes direct mail, print and third party suppliers who may have, or require, access to the data you hold.
 
This includes timeshare resorts – and you cannot hide behind your signed contracts and constitutions.
 
Within the legal obligations, it is important that businesses understand the difference between a Data Controller, a Data Processer and a Data Protection Officer.

  • A Data Controller (DC) – Is the business data owner that defines the purpose and means for which the data is collected and processed.
  • A Data Processor (DP) – Is the person or department who processes the data on behalf of the Data Controller.
  • The Data Protection Officer (DPO) – is a defined person (or persons) with responsibility for monitoring compliance, employee inclusion and company obligations to maintain records of data processing activities and to map how data is collected, why, how it is processed and stored and who has authorised access.
 
The DPO should trace the flow of data within the business and external third-party suppliers to ensure compliant systems and processes.
Picture
The law is specifically changing focus to prioritise the individual’s rights including the right to be informed (of any data breach) and the right to be forgotten (erasure of data) which may be subject to the “legitimate interest” exemption e.g. clients who have financial commitment etc.
 
Data security and privacy must be by design and a documented process must be in place.
 
There is a 72-hour timeline requirement for data breach notifications and responses to individual data requests.
 
Remember that individual employee laptops, or any data removed from the office premises, must have encryption of data to be compliant.
  
In addition, there is the option to streamline existing data – to actively erase data when no longer required – which will deliver a more lean, focused and targeted data contact opportunity.
 
Third party suppliers may need to have a security level agreement.
 
Finally, as part of the process your resort needs to consider employee GDPR options and employee awareness training so that they understand what is required of them going forward when handling personal data.
 
In short – a business needs to operate a higher standard of data security.
 
If you require any information on making your practice GDPR compliant, contact EVC Marketing now.
4 Comments
    Picture

    Tel: +44 (0) 208 123 9273
    Mob: +44 (0) 7725 673437

    Helping your resort on the path towards marketing success

    EVC Marketing

    I have worked in the timeshare marketing arena for over 20 years since graduating from Stirling University with a degree in Business Studies. Having worked for a number of companies including Airtours, I set up my own company with my partner in 2000. In 2008, I decided to break away and EVC Marketing Communications was born.

    Archives

    March 2018
    January 2018
    January 2016
    September 2015
    July 2015
    January 2015
    December 2014
    November 2014

    RSS Feed

Social Media Marketing Society Member

Services

Digital Marketing
Traditional Marketing
Reputation Management
Consultancy
GDPR Advice & Support


Company

About
Contact
Privacy Policy
Cookie Policy
Terms of Use


Contact

T: +44 (0) 208 123 9273
T:
+1 239 444 8176
M: +44 (0) 7725 673437
S: EVMCollins

© COPYRIGHT 2020.  ALL RIGHTS RESERVED.
  • Home
  • About
  • Services
    • Digital Marketing
    • Traditional Marketing >
      • Direct mail
      • Owner communications
      • Website design
      • Marketing consultancy
    • Reputation Management
    • Cyber Security Services
    • Timeshare Sales
  • News
  • Contact