Client contacts me for a disco.
I take down all details
After the gig , shred/delete the lot.
Problem solved
Client contacts me for a disco.
I take down all details
After the gig , shred/delete the lot.
Problem solved
darylldj.co.uk , serving hampshire , Surrey and sussex
http://www.bristoldiscohire.co.uk - Quality Disco and Equipment hire for Bristol & Bath
Weddings, Birthday Parties, Kids Parties, School Disco's and more
https://julianburr.co.uk - Wedding, Family, Portrait and Product Photography
Easy , As I am part time , I can pick and choose gigs , corporate events are a no..no
Daryll
darylldj.co.uk , serving hampshire , Surrey and sussex
From early reports, I was led to believe that, for the first time ever, businesses needed to become their own Information/Data Commissioners. If this is the case, then it's often a legal requirement to keep data for 6 years so shredding details after a gig might not the best way to go about it?
Dazzy D
Lightning Disco & Entertainment
Born to make you party!
OK - back to the plot!
DJEP are blatantly ignoring all requests about GDPR. I can't wait any longer because I've always done things by the book....so I'm jumping ship.
For those not in the know about GDPR - the eighth principle of data protection is that data must be stored in an EEC approved country - the USA (where DJEP is hosted) is NOT included unless the provider adheres to certain criteria....at the moment DJEP don't and haven't been certified as such. The fines for ignoring GDPR are enormous and although it's unlikely the DPC will come for us....it's not a risk I'm willing to take.
This law applies to us even after we've left the EU by the way! DeckBooks are based right here in good old Blighty and confirm to all the necessary red tape
I'm in the process of moving over to DeckBooks. To be honest - it's a much better system (although I've still got to get my brain cell around a LOT of different ways of working). Lee (the developer) has been AWESOME in transferring my data across from DJEP to his system. As a bonus - if you're a member of the horrid NADJ or the excellent AMPDJ, there's mahusive discounts to be had
Much work still to be done - but it's looking like I'm going to be fully compliant by the date GDPR comes into force
As I'm getting more and more into conversations with people about GDPR I'm finding that the original intent behind the regulations is becoming lost.
As others have pointed out, the data does not have to be stored in an EEC approved country. It states that it cannot be stored in, or moved out of an EEC approved country without the users informed consent. The intention behind this regulation is to prevent customers data being gathered in the EU under GDPR where they have rights and protections and the data then being transferred or sold into a jurisdiction where the same protections do not exist.
As long as where the data is stored, the protections that are in place and how the data is going to be used are all made clear at the point where the data is gathered, then it's fine.
Regardless, the ICO is not going to come after DJ's, they'd be having words with DJEP and the worst case scenario is that DJEP would withdraw from European markets and leave their customers high and dry (can't see that happening) or shift their hosting to an EU country (I'd be surprised if this hasn't happened already, especially if they're hosting on an AWS or Azure cloud). The reality here is that we're all using many, many applications that are hosted in countries outside of the EU and the ICO really doesn't have the resource to police every single one of them. They're only going to target the big boys (e.g. Facebook - and look what it's taken for them to actually get involved in that one!!!)
That all said, if you've found another supplier that is UK based, then feel free to shout about it
Julian
http://www.bristoldiscohire.co.uk - Quality Disco and Equipment hire for Bristol & Bath
Weddings, Birthday Parties, Kids Parties, School Disco's and more
https://julianburr.co.uk - Wedding, Family, Portrait and Product Photography