40 Ways YOUR Art Or Maker Business Is Collecting GDPR-Type Data | GDPR For Artists & Makers
GDPR For Artists & Makers | 40 Ways YOUR Business Is Collecting Data
Oh my! This post talks about GDPR For Artists & Makers | 40 Ways YOUR Business Is Collecting Data!
GDPR has been set up to protect the personal data of any EU citizen. But what is this personal data?
Well the definition is: “any information related to a natural person or ‘Data Subject’, that can be used to directly or indirectly identify the person”.
Put simply its ANY type of data (written or imagery) that you collect within BOTH your physical business and your online business that could in any way ‘identify’ an individual. Plain-as-mud right? lol!!
“but i dont collect personal data?” – really? this is a question I am hearing a lot and my answer to this is – do you have names, addresses physically written on a piece of paper or do you have any emails of clients or followers? – then yes you are collecting personal data and need to be GDPR compliant! AND, if you are outside the EU but have collected even 1 email from a EU citizen, then yes you also need to be GDPR complaint.
“but I’m in the USA and I have no EU clients as I havent made any EU sales so I don’t collect any personal data?” – really? what about your website? If you have a live website and it is collecting statistics, has cookies installed or is linked to Google anayltics or a facebook pixel, then yes you are collecting personal data! AND if you check those stats and see ANY European country in your list then you have EU visitors on your website and you need to be GDPR compliant!!
OK super great I hear you say, thanks Sarah – lol! Sorry folks, but please don’t bury your head in the sand!!!
So here’s 40 ways I’ve identified (in no particular order) in which YOU might be collecting personal data that could ‘identify’ an individual within your art or maker practice….
- Contact Form On Website
- Enquiry Form On Website
- Custom Order Intake Form – physical sheet of paper or on website
- Job Book-In Sheet – physical sheet of paper
- Someone giving you their business card – yes this is now considered ‘personal data’
- Giving away a freebie / lead magnet on your website
- Newsletter sign up
- Comments section on your website or blog post
- ‘My account’ section of your website
- The ‘add to cart’ section of your website
- The ‘order’ page of your website
- Cookies (not the chocolate biscuit ones)
- Google Analytics
- Facebook pixel
- Other website statistics – my wordpress website uses jetpack
- Those like/share promotions on facebook / instagram
- Ads on facebook / instagram
- Sharing a photo of one of your clients or someone wearing your jewellery
- Sharing a photo of another individual whom you don’t know
- That jar you keep at a fair to collect names and addresses in
- Mailchimp / Active Campaign or any of the big email list services
- Other email providers like gmail, outlook, apple
- Any CRM programme – ie a software or app that helps to organise names and addresses or peoples details
- Your PHONE – yes think of all those contacts in your phone!!!
- Your computer or tablet
- Cloud storage – like google drive, one drive, dropbox
- Storage backups – like hardrives or flashdrives you keep to backup your computer and store files on!
- Accounting apps – quickbooks, sage, xero, wave, free agent
- Project management apps you may use with your clients to share info – like trello, asana, basecamp
- Recording video calls (either on the cloud or to your computer)
- Payment details – bank or card – via your bank, paypal, stripe, credit card machine etc
- Your website host or platform
- The plugins and apps on your website
- Note Taking programmes you use in the cloud or on your devices – like evernote
- Graphic Design programmes if you have used a photo or information from a client where they can be identified
- Calander apps and meeting signup programmes
- Social media schedulers
- Videos with people in them
- Social Media itself – all of it, lol
- A membership site
So what do you think? Pretty scary right?
So have you started tackling GDPR & do you need help?
(Disclaimer: I am not a lawyer and I am not giving legal advice. This post is for information only and details my opinions of how I have dealt with GDPR. If you want legal advice on now GDPR affects your business then please consult a lawyer!)
#gdpr #gdprcompliance #makerslife #artistslife #mentortip