If you haven’t already thought about it there are some things that you will need to do to prepare your business for Brexit.
Especially if you:
- import or export goods or services to the EU,
- exchange personal data (including customers’ addresses, staff working hours or information you give to a delivery company) with an organisation in Europe (this includes using websites or services hosted in Europe & processing personal data from Europe), or
- you use or rely on intellectual property (IP) protection (this includes copyright, trademarks and patents).
There is a useful step by step guide at https://www.gov.uk/get-ready-brexit-check
To put the record straight copyright is an automatic right. Therefore when you produce a creative work you own the copyright in it There are a few exceptions so for example if you have a contract of employment, the contract will generally state that when you are employed the employer owns the copyright of material you produce at work
Copying or adapting someone else’s work is a ‘restricted act’. An adaptation is a ‘derived work’. If someone adapts your work, you still own it. There is no acceptable percentage of changes.
You have every right to object if they publish such a work when you have not given them your permission to do so. You are also entitled to reclaim any money they make from selling your work. They could seek your permission to use the work as the rights owner, however, you will be able to charge a fee and/or royalties for this.
Read more about copyright. If you would like more detailed information about copyright please ask for our Copyright White Paper.
There is no specific legal requirement to have a data protection policy under the Data Protection Act 2018 or the General Data Protection Regulations (GDPR). However, there are some areas where such a document could prove useful.
The GDPR contains explicit provisions about documenting your processing activities:
- You must maintain records on several things such as processing purposes, data sharing and retention.
- Documentation can help you comply with other aspects of the GDPR and improve your data governance.
- For small and medium-sized organisations, documentation requirements are limited to certain types of processing activities.
In addition, individuals have the right to be informed about the collection and use of their personal data. This is a key transparency requirement under GDPR. You must provide individuals with information including:
- your purposes for processing their personal data,
- your retention periods for that personal data, and
- who it will be shared with
You must provide privacy information to individuals at the time you collect their personal data from them.
If you obtain personal data from other sources, you must provide individuals with privacy information within a reasonable period of obtaining the data and no later than one month.
Using Data Processors
When seeking referrals off people in my networking group, what information is safe to gather? So, let’s say, for example, I ask Bob for referrals of our ideal client. Bob knows somebody who may be interested in our service – so passes us their contact details. Is this safe?
Samuel Poole Marketing Communications Manager Syn-Star Complete I.T. Solutions
Great question, actually in Data Protection terms it is not safe to do this unless certain things are in place.
Essentially when dealing with personal information such as contact details the person who decides what to do with the information is a data controller, in this case, Bob.
The data controller has to “process” personal data fairly (processing includes passing it to a third party i.e. you). They also have to have one of six lawful reasons to be able to process the data. The most appropriate one of which in these circumstances is the consent of the data subject. This has to be GDPR compliant consent i.e. given freely, not under duress and in full knowledge of what they are consenting to.
The data controller also has to give “privacy information” explaining how the subjects data will be used. There are specific things that have to be included in this information which often takes the form of a notice, but can also be given verbally depending on the circumstances.
It is incumbent on you to check that the necessary consent is in place for the use you wish to make of the data before acting on it.
Of course, once the information comes into your hands for marketing purposes you become a data controller, in addition, you will need to comply with the Privacy and Electronic Communications Regs in relation to electronic marketing messages (phone, fax, email or text).
Have everyone mental health aware, with the policies and procedures in place to support them.
My top tip for presentations or pitches:
Feelings Beat Facts.
How people feel after you’ve presented is much more important than any details or data. No one will remember your graph when they leave, but they’ll all remember how you made them feel.
<center><a class=”button” href=”https://www.crimsoncrab.co.uk/reputation-advocate/profile-training/”>Profile Training</a></center><br>
Do your very best, then check again and make sure everything you have said or done is fully compliant, correct with your working practices and within the law, before you send, publish or leave your client.
Do your absolute best, then you will not have to return to it and sort it out another time.
<center><a class=”button” href=”https://www.crimsoncrab.co.uk/reputation-advocate/xmac/”>XMac</a></center><br>