GDPR and Easystock 2018
Last updated 17th April 2018 - Data Statement
*** Please be aware that this document primarily concerns applications aurthored/supported by IJS Ltd. You may need to seek additional advice regarding any other applications you employ such as Payroll, Accounts, Payment processing, etc. ***
- GDPR Is coming - 25th May 2018 - Amongst which - You must be aware of your responsibilites towards the data you hold about your Customers.
- There is plenty of information available on line : Wikipedia is a place to start (New page)
- Gov.co.uk also has plenty of info on the subject . Here is the proposed law changes.Click here to go to gov.co.uk (Opens a new page)
- A special independent authority has been set up, Information Commisioners Office.Click here to go to ICO (New page)
As EasyStock is able to store details of your customers and the history of various transactions such as sales, repairs, calls, etc, you must also be aware of the administration of the database with regard to the details held and your ability to conform to the GDPR requirements.
As you will see (5th April 2018) by the ICO website, the proposals are still quite fluid. Therefore they can change as time goes by. You may need to keep checking the ICO web site to find out what, if any, changes have been made during the life of the proposal. The main issue is that a number of the requirements are subject to "testing" in a court of law. It may be found that some of the requirements may not be applicable or have to be altered once they have been subject to valid argument(s) in the courts. Some may need to be strengthened!
One issue we can see here is that a client/customer can request that their details are to be deleted/removed ("the right to be forgotten"), but there is also a requirement to keep financial details (Customer purchase history?) in the event of a request by HMRC to access. (Money laundering/Fraud?)
IJS Ltd have had a number of conversations with our current user base with regard to their concerns with GDPR and the EasyStock database.
From what we can glean, a majority of the requirements can already be observed within the application and the database. Items such as "The right to be forgotten", "Anonomising of data" can already be achieved.
What cannot be currently be acheived via the user application (although, with some knowledge, can be carried out using some other tools such as Microsoft Excel and MS-Access) is the ability to export/print the data held for a selected customer -
- * Make it easier and free for individuals to require an organisation to disclose the personal data it holds on them
- * Make it easier for customers to move data between service providers
IJS Ltd are also going to assume that the utility may need "tweaking" as new requirements are specified by gov.co.uk as certain elements are "tested".
Data statementWe have prepared a page detailing the data tables and data fields concerned with customers and those fields/columns which a user has full access to and those which are generated/updated automatically by the application.
Please visit the data statement page by clicking here
Please continue to revisit this page as the GDPR deadline approaches. This page will be updated as the new utility is developed and amended according to user feedback. Any amendments to this page will be dated and highlighted.