40 Ways YOUR Art Or Maker Business Is Collecting GDPR-Type Data | GDPR For Artists & Makers

by | May 16, 2018 | Make Money From Your Art | 0 comments

GDPR For Artists & Makers | 40 Ways YOUR Business Is Collecting Data

Oh my! This post talks about GDPR For Artists & Makers | 40 Ways YOUR Business Is Collecting Data!

GDPR has been set up to protect the personal data of any EU citizen. But what is this personal data?

Well the definition is: “any information related to a natural person or ‘Data Subject’, that can be used to directly or indirectly identify the person”.

Put simply its ANY type of data (written or imagery) that you collect within BOTH your physical business and your online business that could in any way ‘identify’ an individual. Plain-as-mud right? lol!!

“but i dont collect personal data?” – really? this is a question I am hearing a lot and my answer to this is – do you have names, addresses physically written on a piece of paper or do you have any emails of clients or followers? – then yes you are collecting personal data and need to be GDPR compliant! AND, if you are outside the EU but have collected even 1 email from a EU citizen, then yes you also need to be GDPR complaint.

“but I’m in the USA and I have no EU clients as I havent made any EU sales so I don’t collect any personal data?” – really? what about your website? If you have a live website and it is collecting statistics, has cookies installed or is linked to Google anayltics or a facebook pixel, then yes you are collecting personal data! AND if you check those stats and see ANY European country in your list then you have EU visitors on your website and you need to be GDPR compliant!!

OK super great I hear you say, thanks Sarah – lol! Sorry folks, but please don’t bury your head in the sand!!!

So here’s 40 ways I’ve identified (in no particular order) in which YOU might be collecting personal data that could ‘identify’ an individual within your art or maker practice….

  1. Contact Form On Website
  2. Enquiry Form On Website
  3. Custom Order Intake Form – physical sheet of paper or on website
  4. Job Book-In Sheet – physical sheet of paper
  5. Someone giving you their business card – yes this is now considered ‘personal data’
  6. Giving away a freebie / lead magnet on your website
  7. Newsletter sign up
  8. Comments section on your website or blog post
  9. ‘My account’ section of your website
  10. The ‘add to cart’ section of your website
  11. The ‘order’ page of your website
  12. Cookies (not the chocolate biscuit ones)
  13. Google Analytics
  14. Facebook pixel
  15. Other website statistics – my wordpress website uses jetpack
  16. Those like/share promotions on facebook / instagram
  17. Ads on facebook / instagram
  18. Sharing a photo of one of your clients or someone wearing your jewellery
  19. Sharing a photo of another individual whom you don’t know
  20. That jar you keep at a fair to collect names and addresses in
  21. Mailchimp / Active Campaign or any of the big email list services
  22. Other email providers like gmail, outlook, apple
  23. Any CRM programme – ie a software or app that helps to organise names and addresses or peoples details
  24. Your PHONE – yes think of all those contacts in your phone!!!
  25. Your computer or tablet
  26. Cloud storage – like google drive, one drive, dropbox
  27. Storage backups – like hardrives or flashdrives you keep to backup your computer and store files on!
  28. Accounting apps – quickbooks, sage, xero, wave, free agent
  29. Project management apps you may use with your clients to share info – like trello, asana, basecamp
  30. Recording video calls (either on the cloud or to your computer)
  31. Payment details – bank or card – via your bank, paypal, stripe, credit card machine etc
  32. Your website host or platform
  33. The plugins and apps on your website
  34. Note Taking programmes you use in the cloud or on your devices – like evernote
  35. Graphic Design programmes if you have used a photo or information from a client where they can be identified
  36. Calander apps and meeting signup programmes
  37. Social media schedulers
  38. Videos with people in them
  39. Social Media itself – all of it, lol
  40. A membership site


So what do you think? Pretty scary right?

So have you started tackling GDPR & do you need help?

(Disclaimer: I am not a lawyer and I am not giving legal advice. This post is for information only and details my opinions of how I have dealt with GDPR. If you want legal advice on now GDPR affects your business then please consult a lawyer!)

#gdpr #gdprcompliance #makerslife #artistslife #mentortip

Take My 3-Day GDPR Challenge

ARTISTS & MAKERS, Do You NEED HELP WITH GDPR?