New GDPR will change your business operations

The GDPR deadline is fast approaching, and will dramatically change business operations for many businesses, in particular retailers. It’s absolutely essential that retailers know how GDPR will affect them and what they can do to be compliant. It’s important that your retail management system is GDPR compliant, so make sure and check with your retail software provider.


Important things to know about GDPR:

  • New GDPR regulations will automatically come into effect on 25th May 2018.
  • “Controllers” and “Processors” of data need to be compliant with new GDPR regulations.
  • Personal data belonging to people such as personal information and contact details need to be protected and can no longer be stored unless for specific purpose.
  • Businesses must ensure personal data is processed lawfully meaning the person has consented to their data being used; processed transparently, and for a specific purpose.
  • Consent by the person must be an active, affirmative action and businesses must keep a record of how and when the person gave consent.
  • Personal data includes names, addresses, email, phone numbers, and advanced information such as cultural background.
  • People can request to see the data a company holds on them.
  • Businesses must store people’s information on easily movable or deletable files such as CSV files


What retailers need to do for GDPR compliancy:

Retailers store customer information such as names, surnames, home addresses, email addresses, and phone numbers to use for either customer transaction history, or for marketing purposes such as sending out promotional material. Therefore GDPR compliancy is extremely important for retailers and they need to ensure they are protecting their data.

Retailers need to understand why they are holding data, where it’s stored, who is in charge of it, how secure it is, and what it’s used for. For retailers, data may often be held on multiple databases, and this can pose problems with new GDPR regulations. All data must be stored in one place, securely, and for a specific purpose.

Before 25th May, retailers must ensure the following:

  • All data is stored in one secure place
  • All data is recorded for a specific purpose
  • All personal data is consented to by the individual
  • Remove peoples’ data if asked to by the individual
  • Notify data protection authorities within 72 hours of a data breach
  • Appoint of data protection officer if your business deals with a lot of sensitive data


Consequences of not protecting your data

  • If you breach GDPR regulations, consequences can be severe such as:
    • You have a 72 hour deadline of your organisation becoming aware of the breach to inform your data protection authority of data breach that risks people’s rights and freedoms. You also need to inform the people affected by the data breach.
    • If you do not meet the 72 hour deadline, you could face a penalty of up to 2% of annual worldwide revenue, or €10 million, whichever is higher. For example, if you are a furniture retail with annual revenue of €5 million, you could face a penalty of €200,000 – or in this case, as it is below €10 million, you will end up paying the higher amount.
    • If you do not follow basic principles for processing data, such as having a legal basis for doing so, ignore a persons’ rights over their data, or transfer data to another country, your data protection authority could issue a penalty of up to €20 million or 4% of your global turnover, whichever is greater. For example if you are a furniture retailer with global turnover of €50 million, 4% of that is €2.5 million, where you will pay the higher figure of €20 million.


How retail management software such as Ordorite can help you become GDPR compliant

It may be difficult to become GDPR compliant on your own. Having retail management software can help you with all your GDPR needs. Retail software such as Ordorite can significantly help you become GDPR compliant in many ways.

  • It can store all your customer data in one secure place, ensuring you are legally GDPR compliant.
  • Our software allows retailers to electronically display and provide customers’ with terms and conditions, and for them to electronically sign consent, allowing you to store their data.
  • Individuals can electronically sign consent on our Point of Sale system, and on a signature pad; ensuring that individuals know what data retailers hold, and confirms an affirmative action via consent regulations. This shows data protection authorities you have legal consent from customers to use and store their data.
  • Our software allows retailers to text and email customers with important product updates and delivery schedules.
  • Electronic receipts are also sent to customers with digitally signed receipt, to legally consent of any transactions taken place between the retailer and the customer themselves.

All these actions can significantly help you become GDPR compliant. If you want to find out more information about how Ordorite can help your business with GDPR regulations, and other ways how our furniture inventory management software can help you manage your business operations, contact us today for a free demo and online consultation.