Business management Archives - Caldere Associates

GDPR – Make Sure You Know

By | Administrative, Business Management | No Comments

Data safety and legal compliance depend on GDPR

It used to be the case that a person could freely walk across or use another person’s land so long as they were not violating other laws. More recently, governments protected the landowners’ property rights by strictly restricting how other people could access and use their property. In 2016, the EU passed laws that clarify the property interest of individuals in the data that is collected about them, and determine how the custodians of the data must control how the individual, the custodians themselves, and any third parties access and use the data. This legislation is called the General Data Protection Regulation (GDPR), and it comes into force on 25th May 2018.

GDPR Is the Law

All UK and EU organisations, as well as all other organisations processing data belonging to EU residents, will need to be fully in compliance by May 25th. Additionally, legal experts agree that Brexit is unlikely to relieve UK organisations of their responsibilities under the law (in any case the law will take effect long before Brexit is completed).

GDPR determines how data is to be stored, accessed, protected and utilised.  In simple terms, GDPR provides the public with more power to access information being held about them without having to access the SAR (Subject Access Request). Individuals also have the right to specify how their data is accessed and used by other people and entities. Finally, GDPR requires the holders of data to manage the data according to privacy best practices. The people who your data describes are recognised to have a property interest in their data, and this must be respected. Fortunately GDPR describes how you are expected to arrange things so that your databases respect the law.

What Do We Need To Do?

GDPR mandates that organisations appoint a Data Protection Officer (DPO). Your DPO will be responsible for and will need to be in contact with internal and external customers in the event of a data breach. For most small businesses, it won’t be a legal requirement to formally appoint a DPO. It is also possible to appoint someone outside the firm (for example, a consultant) to be your DPO. However, someone in your business will, in general, be responsible for data compliance obligations under the GDPR, including documenting that compliance.

Note that under the GDPR, a breach in data doesn’t mean that only personal or financial details are unprotected or inappropriately accessed. GDPR has a broader scope. It includes confidentiality agreements, usage details, IP addresses, or any other data identifiable as belonging to an individual within the EU, including encrypted data.

How Does the GDPR Affect What We Use Data For?

The provisions of the GDPR can be divided into 8 key rights possessed by the individual whose data is being stored and processed. It also states how you must respect these rights.

  1. Right of access: Individuals can request access to their personal data.
  2. Right to be forgotten: Individuals may ask you to tell them how you use their data. They can ask you to remove and delete their personal data.
  3. Right to be informed: Individuals must know how you intend to use their data at the time that you gather it, and they must freely give their consent to that usage. There are rules that govern what information we need to supply and at what stages we need to supply information to the client.
  4. Right to data portability: Individuals must be allowed to transfer or move their personal data between service providers easily and safely. This move must be accomplished without denying the individual access to or use of their data.
  5. Right to data rectification: Individuals must be permitted to correct their data if it is inaccurate or incomplete.  Customers need to be made aware of the third parties to whom the data has been disclosed. Data holders must make sure that these third parties are also informed of the corrections to the data.
  6. Right to restrict processing: Individuals whose data you hold may specify how you may not use or process it, or deny you the right to process it altogether.
  7. Right to object: Individuals may object to your usage of their data based on their own particular circumstances.
  8. Rights related to automated decision making and profiling: You must have safeguards in place against the risk that a potentially damaging decision might be made without human intervention. Individuals generally have the right not to be subject, without their consent, to a decision that is based on an automated profiling or demographic sorting process.

What Else Do We Need To Know About the GDPR?

Naturally, as with any legal compliance issues, it’s best for you to consult with your company’s legal advisers to determine which provisions of the law you are in compliance with now, and which provisions you need to work on in order to get ready by the May 25th deadline. Typical of most legislation, interpretations of details or even of key provisions may differ. Fortunately there are official bodies who are issuing clarification and guidance, such as the Information Commissioner’s Office in the UK, and the Data Protection Commissioner in Ireland.

Once you know what your data compliance efforts must accomplish, our team of professional database experts at Caldere will be happy to give you the tools, methods, and support you need to reach those goals. Please don’t delay; a full and effective overhaul of your data policy is not something that can be done at the last minute. Contact us today to find out how we can help.

Five Ideas for Making Our Businesses Stand Out

By | Business Management, Tips and Tricks | No Comments

Even though communications technology gives us many ways to present information about our companies, we need strategies for doing so powerfully and meaningfully. Even though we want to define ourselves to others as really important and to get the attention we deserve, we know that the sheer overwhelming volume of information makes it difficult to get our message across. How do we tell our story to the people we want to reach out to so that they remember us? How do we convincingly say, “We’re different and better”?

The main thing we need to do is to be clear about who we are, what we do, and why we do it. Then we need to focus on exactly what we do that others can’t provide, the things that our customers come back again and again for and that make us unique.

Here are five thinking points for how to create that definition and to stand out in the minds of our customers.

  • What is our passion? Passion comes before profit. In order to be and seem authentic and driven, we need to be excited about ourselves and what we offer. We have a story to tell. In realising our own value, we can make others realise it too. We’re in this for a reason, and that reason is what brings customers to our door. For example, we at Caldere are committed to understanding data and project management at the highest level and anticipating the real needs of business so that we can design exciting new data interpretation systems capable of answering critical questions even before our clients think to ask.
  • What is our key “thing”? What do we offer that others don’t? Because we are who we are, what can we do that others can’t? Are we a unique source for something extraordinary? Is our customer service the best in the business? What do we promise, and deliver on, better than everyone else? The answers to these, and similar, questions tell us who we are to those with whom we are the most successful. At Caldere, we are uniquely characterised by our customer-focused approach to effortless efficiency and productivity, through our creative problem-solving expertise and our commitment to making data serve business goals rather than making business chase arbitrary metrics.
  • Who is our audience? Having discovered our identity and our best strengths, we need to make sure that the right people discover us, too. In the past we created untargeted mass content, directed to no particular person, and optimised for no particular medium. Today we have to use all of our tools precisely, so that we reach the right person at the right time, every time. In order to do that, we need to gather good information. We can use business intelligence tools to mine our existing data for clues on what has worked best in the past and who our best customers are. We can talk to people in many ways to get their feedback on what they need most and what they expect in the future. At Caldere, we are finding more and more that we partner best with small and medium businesses who want to get the most out of their data and who are open to the latest ways to use their findings to connect closely with their own internal and external customers.
  • Why should our audience care about us? Our customers, however much they might admire us, our conviction, and our competence, will only make the effort to work with us if we have something they need and want. Just standing out is not enough. Customers may think of us as just a vendor of a particular product or service, but we know that they have a purpose in mind for which the product or service is just a means to an end. If we can show that we understand and care about their values and goals, they will in turn see us as an indispensable part of their success. Here at Caldere, we know our clients thrive when we create and sustain long-term relationships in which customer service is the highest priority—we know you can’t do your jobs unless your systems do their jobs for you.
  • How do we make our voices heard? It’s not enough anymore to just “hang a shingle”. Why and how we do what we do matters. Just like we seek to become part of our customers’ story, we need to make them feel like they are part of ours. People share their ideals and identities through social media, and businesses do the same thing in exactly the same way. Facebook, LinkedIn, Twitter, and other social media are not just a way to announce our presence, but to share our thoughts, our best practices, our philosophy, and why people are glad to work with us. Authentic, relevant content, posted where people will naturally seek it, will encourage our existing customers to stay loyal, and make it easy for our prospects to engage with us. This blog is just one example of the many ways in which we at Caldere seek to inform and educate our prospects, customers, and colleagues.

Start by introducing these ideas bit by bit into your outreach efforts. As we become more comfortable with them, we can increasingly rely on them to help us to grow into our professional identities and to make our presence felt more and more strongly within our business communities. We should re-evaluate the answers to these questions regularly so we don’t miss critical shifts in the industry, in communications technology, or even in our own goals and values.

Business communication is now so fast and sophisticated that it will never again be sufficient to simply present ourselves as product or service providers. We need to get across clearly why we care about what we do, why we are different and relevant, why we matter to the industry and to our customers, and why and how we can help our clients take the next steps to success. Caldere are fully committed to helping you use your valuable data to answer all of these questions not only for your customers but also for yourselves.

How Can We Help?

Find out how Caldere can help you to build a more successful business:
Call +44 (0)118 945 6220 and speak to one of our dedicated specialists.

Contact us!