You are using an outdated browser. Please upgrade your browser to improve your experience and security.
Icon of a laptop inside a circle

Click here for decorating advice|Please allow 2 - 3 days for online delivery

GDPR hints and tips for retailers

17th January 2018

Gift wrapping mood board.

Big changes are on the horizon for how retailers (as well as every other business) will be able to handle data.


On May 25th 2018 new regulations will come into force that will change the landscape of data protection dramatically. The General Data Protection regulations (GDPR) are being introduced to ensure that consistent and stringent guidelines are followed by businesses throughout the EU, as current data protection regulations differ from country to country.


With cyber-attacks and data breaches a prominent issue over the past few years, GDPR aims to tackle the lack of thought across businesses with regards to the protection of individual’s data, introducing harsher fines that could seriously impact a business should they fail to comply with the regulations.


Whilst this all sounds very doom and gloom, there are a number of things that businesses can do in order to ensure they are compliant by the time May comes. Here we outline just a few things that you can do to prepare your retail business for the upcoming changes:


GDPR tips for retailers


Complete an audit of current data


Understanding your current data is the first step; what data do you have? Where is your data stored? Who is overseeing the data? How secure is your data? And what is your data being used for? If your data is stored on various databases, it would be a good idea to consolidate your data, so that it can be secured in one place.


Review processes for gathering data


Consent by individuals to use their data is one of the major changes occurring with GDPR. Individuals must actively agree to their data being used for a certain purpose (e.g. marketing, product updates, etc.), that means no more pre-ticked boxes or assumed acceptance. If you want to use data for multiple purposes, individuals will need to consent to each use separately. Within this you need to be explicit to an individual as to what their data will be used for, and how to withdraw consent.


Keep a record


Ensure that you keep thorough records of what data your organisation gathers, when it was consented to, how it was consented to, the purpose for which you will be using the data and if/ when an individual withdraws consent.


Understand what to do in cases of data breach


Both business owners and managers, as well as any employee within a business that deals directly with customer data, need to be up to speed with GDPR and what it means for their business. It is important to have an understanding how processes will change come May 2018. In addition to this, your business needs to know what to do in case of a data breach, who to contact and what information will need to be gathered.


These changes may seem frustrating however, they will ultimately lead to a more effective and targeted approach to data management for your business.

Next article Previous article