With any change like this, the effects on your business will differ from those on other businesses.
But don't panic!
With a few simple alterations to how you run Salon Iris in your business on a day-to-day basis, you can be on the path to making sure your business is fully compliant with the upcoming changes.
We believe that GDPR compliance is a good thing for businesses and consumers. At Salon Iris Ltd, we are treating it with the seriousness that it deserves in order for ourselves and our customers to continue to deliver great service.
As a business, Salon Iris Ltd has responsibilities as a "data processor" and "data controller" in relation to how we store, access and use data provided to us. We are currently undergoing a full business GDPR audit to make sure that we comply with all the regulations as they currently stand. We would absolutely recommend that you do the same and that if required, you get in touch with qualified professionals who will be able to help you towards making sure that everything in your business complies with these upcoming changes.
In your business, you are the "data controller". You will collect data and you choose how that data is used within your business (formula histories, treatments, marketing etc). You are ultimately in control of the data that is provided to you by your customers.
Salon Iris is the "data processor" for your business as it is the software that helps you do the above.
BECOME GDPR COMPLIANT
There are a few basic things that you can do in Salon Iris to help make your business GDPR compliant:
- Creating a database password - By having a database password, you protect the integrity of your data as no one is able to restore your database without this password, meaning data breaches can be prevented.
- Setting up passwords throughout Salon Iris - By making sure your staff have their own unique passwords and security settings in Salon Iris, you can better track what is happening throughout the system and prevent members of the team from accessing areas of the system that they should not be able to use.
- Make sure you ask your customers about their contact preferences - When you are adding clients into Salon Iris, there is a tick box that asks whether a customer wishes to be contacted via email for marketing reasons. You should ask ALL of your clients (old & new) whether it is okay for you to contact them for each of these reasons. You MUST NOT automatically opt a customer in for contact. You can set your software to automatically 'opt out' new clients added to the system. Just follow the instructions here.
SALON IRIS FOR GDPR
There are also things that you will need to do away from Salon Iris in order to make sure that your business as a whole complies with the regulations. We have made a basic checklist that you can work through to help set your business on the way to being GDPR compliant. You can find that here.
GDPR compliance is ultimately the responsibility of the business owner, and therefore you will need to make sure that you take all the necessary steps in order to make sure that your entire business is compliant with these changes. Please find below some good resources for business owners to use when looking into GDPR:
FAQs at https://www.eugdpr.org/gdpr-faqs.html
We would recommend as a starting point that you download the ICO 12-step plan and start working through each step. We would also suggest that you start an internal document to track and record your business's approach to dealing with GDPR compliance (for example, what steps you have taken to make your staff aware of the upcoming changes and the effects of this on their working practices).
Ultimately, we are not legal counsel. We can offer steps towards helping make your copy of Salon Iris GDPR compliant; however, this is only one part of your business. If you require concrete information on making the whole of your business GDPR compliant, you should seek legal advice on how to do so.