In this episode we are going to be covering GDPR - and what to do with as a Band / DJ / Musician / Entertainer to make sure that your covered.
There's so much scaremongering going on in the business community about GDPR - Im going to show that with a little bit of work, you will be compliant in no time!Firstly as a disclaimer- I am making this video for advice purposes and if you want to fully implement GDPR to your business you should seek legal advice.
Im sure you have heard of GDPR and if you haven't this video will really help you meet the new regulations regarding Data Protection. You need to be compliant now! And if you hold any personal data i.e. email addresses, names, and phone numbers of european citizens you will need to comply with the regulation.
Even post brexit GDPR will still matter in the uk and if you don't have a proper policy in place and something happens - you could face a fine. If you google gdpr you are going to find a lot of conflicting information and most of it will not apply to your entertainment business.
Lets go through some of the main points that you will matter to your entertainment business.
The gdpr has 2 main objectives
"To give citizens and residents control of their personal data - Basically to give control of data back to the people"
"To put a single set of rules in place - There are lots of different data protection laws in place and its very messy, gdpr streamlines all the laws and regulations into one big policy to make everything clearer"
The gdpr is about privacy by default instead instead of privacy only if you opt out. With gdpr You are going to have privacy, unless you opt in. And you will have more rights to your information that businesses hold on you. This is good news if your a citizen, this causes a slight headache if you own a business. Even if you DJ at weddings as a part time business, your still a business and need to comply.
The gdpr understands that we respect, value and protect people's personal data and if you understand this, then you really don't have to worry about anything. You already might be doing the right steps to be complaint or maybe you need to knuckle down on a few things to get you over the line to comply.
The gdpr applies to all the personal data that you hold including suppliers, clients both past and present, employees (or band members both past and present), contacts and leads!
Lets get your GDPR sorted:
You must know and understand all of the data you hold. Where did the data come from, where is it stored and how are you using it?
Where does this personal data that you hold on people come from?
Does it come from Wedding fayres, contact forms on your website , enquiries or competitions?
Under gdpr you need to how you ended up with that data.
If you use booking management software like Overture, DJ intelligence or giggo then you are already covered for gdpr and this makes life a lot easier. All bookings that will be done through BookEntertainment’s integrated booking system will be fully compliant too.
If you are using a manual booking system then now might be time to change. If you are do email marketing to your customers you need to have some sort of gdpr compliant email marketing software like mail chimp to keep you covered.
As long as you take the time to set these up properly, you will know someone came into your world. Whether they are a wedding fayre lead, web enquiry, phone enquiry, social media enquiry etc..
Know exactly where your data is stored
Stop collecting data manually using your own systems, having booking management software and email marketing software that is already GDPR compliant means that you can run your business on their systems and let them worry about gdpr security.
This means that all your personal data is stored within these systems and nowhere else and its sorted!
Using these systems will also answer other parts of GDPR such as the person's right to Access, Rectify, Erase or Move Data.
How are you using the personal data you hold?
What are you doing with the data you hold? This has to be clear - People have given you details for lots of different reasons. Someone may of enquired about pricing a gig up which is a lead for you. You now have lots of personal data about that person.
Under GDPR you can only contact them about their enquiry and NOT anything else. The same is for past and present clients. You can only contact them about gig details only and that's all. The days of automatically adding them to your email marketing list are long gone. Under GDPR this will be enforced and you contacts will be more aware and less tolerant.
Use your booking management software for clients data and use your email marketing software for email marketing lists. This way it keeps your clients gig data separate from your email marketing data. If you want to market to your clients you now have to get their EXPLICIT CONSENT to do so.
If you rely on consent to process people's personal data, that consent has to be clear, specific and explicit.
Whats process mean? It means your using their data to do something with it.
If your sending out marketing emails out to people on file you could be doing everything ok but there are also a few things you need to tighten up. You can no longer assume that no one wants to hear from you unless you have their explicit consent and can prove that you have it.
Its no longer acceptable to ask people to opt out of your email marketing they now have to opt in and you cannot pre tick the box for opting in! When you are sending out email marketing communication you must have a clear unsubscribe button so that people can opt out. Again if your using email marketing software, this will come as standard.
You can encourage your existing clients past and present to be added to your email list by using your email marketing software to ask them to opt in. Just be clear in the email what they are opting in for. If they don't opt in then you can keep them on your booking management software and communicate about their gig info only.
What about people already on your email marketing list?
To be on the safe side you should send these contacts an email to opt in again for their consent, especially if you have taken the addresses without their permission.
You should screen shot your website contact form and save the screenshots somewhere safe to have proof that you have had opt in forms in the past. Always better to have it now than look for it later! If you already know where your data has come from and you have always asked for consent before adding someone to your email marketing list. You will have nothing to worry about and all you will have to do is tighten up your process a little.
Under the gdpr there has to be a clear record of how and when someone gave you their explicit consent to contact them. When you use an email marketing system this will be also be covered.
Other things to consider:
Email marketing is going to be a lot more tougher and I honestly think it's not going to be effective as it used to. But don't worry you can use BookEntertainment to promote your act online and take bookings without all the time wasting emails checking price and availability.
I hope this helps you get an understanding of GDPR and what you have to do to be compliant.