How to get GDPR compliant with Microsoft – TechNet UK Blog
When the EU’s GDPR is introduced this year, the bar for data privacy protection in the UK will be raised. For thousands of businesses GDPR highlights daunting issues of compliance. The May 25, 2018, deadline for GDPR compliance is drawing closer but many businesses, including some Microsoft Partners and customers, are unsure where to begin. Microsoft has released a set of assets that will help businesses and Microsoft partners achieve GDPR compliance. You’ll also get detailed guidance on how GDPR will affect your business, including the supporting Microsoft technologies and features that could be leveraged to help achieve compliance.
Partners can also download the accompanying GDPR Detailed Assessment, intended to be used by Microsoft partners to assist customers in assessing their journey to GDPR readiness. The GDPR Detailed Assessment is also accompanied by supporting materials to assist partners in facilitating customer GDPR assessments. Microsoft has also introduced a GDPR product demo for Microsoft 365 Enterprise, showcasing features for GDPR compliance. The fundamental goal of this project is to show how businesses can use Microsoft technology, like SharePoint, Office UI Fabric and Office 365, to easily build GDPR solutions. There are also a wealth of resources that support Microsoft partners in making the most of GDPR as a market opportunity.
Prepare for GDPR. Microsoft is committed to helping customers achieve GDPR compliance and have committed that their technology will be GDPR compliant by May 2018. Whilst Microsoft does not provide any GDPR specific training, organisations that need to also skill up their employees can turn to third-party training providers for GDPR training.
Smartsheet Prepares for GDPR
We take very seriously the need to keep the personal data that customers entrust to Smartsheet private and secure. As the European Union seeks to further strengthen EU residents’ privacy rights with the General Data Protection Regulation, we are working to ensure our compliance in advance of the GDPR May 2018 effective date. The GDPR legislation is designed to give EU residents more control over and information about the use of their personal data across digital platforms. To ensure our compliance with the GDPR standards as of its effective date, we are undergoing the process of reviewing and, where necessary, updating our current policies and practices. Today I wanted to share some information about our current practices and our plans related to GDPR compliance.
Similar to the Data Protection Directive, the GDPR requires that an adequate transfer mechanism be in place in order to facilitate the transfer of personal data from the EU to the United States. To enable our EU customers to meet this requirement, Smartsheet self-certifies under the EU-US Privacy Shield and the Swiss-US Privacy Shield. That’s why we protect all customer data with a rigorous combination of infrastructure and procedures. Smartsheet was built with strict security requirements and protocols to ensure the security your data. Here at Smartsheet, we value our customers’ privacy and respect each person’s interest in knowing how their personal data is collected and used.
As I mentioned previously, we are undergoing the process of updating our current policies and practices to ensure compliance with the GDPR standards as of its May 25, 2018 effective date. For the latest information on Smartsheet and GDPR, please visit this page.
GDPR – Essentiamail
If you’ve any questions about email marketing and GDPR, or if you’ve any general queries about the legislation, please do feel free to call us – we’d be happy to have a chat. Either way, it will have implications for the way companies conduct their marketing and interact with customers and prospects. The only change that is likely to affect B2B marketers is for those that market to sole traders and partnerships. For sole traders and partnerships, the rules that apply to B2C will apply to B2B marketers. In order to send email or text marketing messages to a sole trader for example, you would need their express opted-in consent.
If you are emailing or texting a marketing message to an individual employee of a corporate, a limited company, a LLP, partnerships in Scotland or a government body you do not need them to opt-in. Essentially, if you are marketing to individuals or companies by telephone or direct mail, you do not need prior consent. No matter what channel you use for marketing, or who you are marketing to, the information on the ICO website stipulates that content must be about products or services that are relevant to that individual’s job role. It would be acceptable to keep only the amount of data necessary to suppress that person from receiving any further marketing messages. Proof of consent – The GDPR states that it is down to the company from whom the marketing messages come to prove that consent was obtained.
Not only is it necessary for compliance with the law, it makes good marketing sense to use data that is up to date, compliant, and from a reliable source. If any of these factors are in doubt, the results of your marketing campaigns are likely to suffer as a direct result.