Skip to main content

Data Protection for Small Business

By December 9, 2016March 15th, 2019Advice, Business, Legal Issues, News, Small Business

Data ProtectionMarketing guides stress the importance of customer engagement, and ensuring that, as a small business, you make the most of any opportunity to keep your customers up to date with products, services and offers. This means that, in the never-ending need to advertise, the mailing list is one of the most important tools any business has. But how much do you know about the Data Protection Act, and your obligations under it?

Recent case law has highlighted the importance of understanding these obligations  to ensure you keep your customer information safe and secure. A small historical society was fined £500 by the Information Commissioner (which has legislative powers to enforce information rights in the public interest) when a laptop containing a spreadsheet of donor’s details was stolen.

So – do you collect emails for electronic receipts? Do you have a customer contact database? If you have staff, do you use their photos on a website? Do you have CCTV? Are you ever asked to share information about your staff or customers? Would you know what to do if someone made an official request to see the information you hold?

Have you any idea whether the actions you take comply with the Data Protection Act? With so many other things to get on with, data protection may not be at the top of your list of priorities, but it should be. How many times have you given your email or address to a supplier or service provider? Wouldn’t you be horrified to think your information was being handled without recognition of its importance to you as an individual?

What are the basic rules to remember?

Under the Data Protection Act, you must:

  • only collect information that you need for a specific purpose;
  • keep it secure;
  • ensure it is relevant and up to date;
  • only hold as much as you need, and only for as long as you need it; and
  • allow the subject of the information to see it on request.

To ensure you can apply these rules to your business, the Information Commissioner’s office has a dedicated section for small business on its website HERE, and there is a particularly useful checklist, which you can download HERE.

If you are a new business start up, get it right from the start and if you have been trading for a while, and are not sure whether your record-keeping meets the required standards take advice  – it could save you, and potentially your customers, a lot of trouble in the long run.