GDPR stands for General Data Protection Regulation
GDPR is the biggest change to UK data privacy law for 20 years and creates a single set of rules that better protects personal information for people across the EU. All organisations must review how they manage all personal data, such as customer addresses and staff details, to ensure they meet GDPR requirements.
What does GDPR mean to your customer
1. They are better protected
The new rules make sure that all organisations are set up to protect any personal data they hold, and to act appropriately if something goes wrong.
2. They have more control
The new regulation supports the right for the customer to have their privacy respected and their personal data protected. It gives the customer easier access to the personal information organisations hold about them, if they wish to check or change it. It is designed to give them confidence that this information is accurate, up-to-date and well-managed. They also have the right to erasure, where, upon request, the customer’s personal data is erased.
3. They can change their mind
Every organisation must provide the customer with the opportunity to change their mind about the choices they have made. This is intended to give the customer options and keep them in control.
How do Touchretail store your data?
To comply with GDPR and to ensure customer data is kept as secure as possible the following is how Touchretail store your data.
Customer data is stored in TRIMS on Touchretail data servers, the data servers are in a secure data centre in London and protected behind firewalls. The data is also backed up daily to 2 other data servers which are in Cardiff and Germany. These backups are only kept for a maximum of 7 days, after this, they are overwritten.
All our staff are fully competent in GDPR and aware, what is and is not, allowed when handling your data. Your data may occasionally be downloaded to our local servers for debugging purposes on the software if you have an issue, but is deleted once no longer required.
How are Touchretail helping you, the retailer?
It is important that the retailer is able to record that the contact (customer - or, in GDPR terms, ‘data subject’) has given consent for their personal data to be stored and processed by the retailer.
Touchretail are helping retailers by introducing a number of GDPR features that, when combined with existing functionality, provide the retailer with the tools they need to adhere to GDPR guidelines.
TRIMS GDPR Features
Your responsibility as the retailer
Touchretail provide a set of CRM tools designed to help the retailer comply to GDPR legislation. It is your responsibility as the retailer to ensure that anyone working with customer data is fully aware of the GDPR guidelines, and uses the available TRIMS CRM GDPR tools correctly when working on customer data. A series of GDPR videos along with documentation will be available on the Touchretail helpdesk instructing on how to use these tools.
All existing contacts by default have not provided consent. It is your job as the retailer to contact existing customers to gain consent. This needs to happen before May 25th. After this date, by law, you will not be able to contact customers who have not provided consent.
Ask for consent now
You have time now where you can still contact customers who have not given consent. Use this time to contact your customer database and ask for consent. Keep proof and update each contact on the TRIMS CRM to state that the contact has given consent. Remember, after May 25th, by law you will not be able to contact customers who have not given consent. This procedure needs to happen in advance of May 25th.
Documentation and tools
In the run-up to May 25th, Touchretail will be releasing GDPR documentation via the Touchretail helpdesk and the GDPR tools through TRIMS system updates. It is important to accept and install any updates prompted by your TRIMS system. We will inform all of our helpdesk users when this happens.
Touchretail Terms and Conditions
The full Touchretail SaaS Terms and Conditions are available here for download in PDF format
The full Touchretail Website Terms and Conditions are available here for download in PDF format
The full Touchretail Data Protection Policy is available here for download in PDF format
A final note on GDPR
It is the retailer's responsibility to comply with the GDPR requirements. Touchretail do not specialise in, or provide advice or assistance in, becoming compliant. Touchretail have introduced a number of tools into our software which provide the retailer with the facilities they need to help with compliance, but it is down to the retailer to make use of these tools in the necessary way based on their GDPR knowledge and education.
Useful ReferencesICO. Guide to the General Data Protection Regulation (GDPR)
Leave your legacy system behind and join the growing number of successful retailers benefitting from modern technology, processes and the flexibility that can only be found in TRIMS by Touchretail.