Skip to main content

A new reality for data collection

Today, collecting data is fundamental in driving a succesful company. But if you don’t collect data in a secure and reassuring way, people will hesitate to share their data. Ultimately, this can mean that you risk losing a customer.

This blog is about how you as a company should act when you collect data about the people you deal with.

When do you collect data?

As a company, you collect data in different contexts and at different times to support your business goals. This includes:

  • Marketing and advertising
  • Sales activities
  • Market research
  • Creation and administration of customer accounts
  • Product and service development

A large part of this data will thus contain personally sensitive information. Regardless of the purpose of the data collection, it is therefore essential to follow the principles of data protection, including obtaining consent, minimising data collection and implementing secure measures to protect personal information. This ensures responsible and legal processing of data, which is essential for maintaining trust in one’s company.

Build trust when you collect data

Cyber attacks, data breaches and new privacy regulations have made people more reluctant to share their sensitive personal data online. This means that even well-established companies have a big challenge in relation to people feeling safe when the company collects information about them. However, this can create challenges, as a modern company typically collects large amounts of personal data every single day.

To make life easier for companies, we have prepared a list of what you should be focussing on in order to build trust when you collect data.

Get our Newsletter!

In our newsletter you get tips and tricks for dealing with privacy management from our founder Sebastian Allerelli.

When you sign up for our newsletter you get a license for one user to ShareSimple, which will give you a secure email in Outlook. This special offer is for new customers only, with a limit of one freebie per company.

Do this when you collect data

1. Create transparency

Around the Internet, there are many products and services available, which contributes to the fact that users may have difficulty distinguishing between what is real and what is a scam. You should therefore focus on creating a reassuring experience when the user visits you:

  • Obtain clear and express consent from the persons whose personal data you collect
  • Clearly inform the affected persons about what data is collected
  • Specify the purpose of the data collection, how they are used, how long they are stored
  • Inform if the purpose of processing personal data changes
  • Use easy-to-understand language and avoid legal jargon
2. Minimise data

Minimising personal data when collecting data is essential to protect data. By only collecting necessary information, you reduce the risk of data being misused.

  • Collect only the data necessary for the stated purpose and avoid collecting unnecessary information
  • Only ask for consent for the purposes you have
3. Update privacy policy

Your privacy policy reflects that you know how personal data should be processed. Make sure that this is adequate and updated according to the latest and local data regulations where you operate. When people read the text, they should feel comfortable sharing their personal information with you.

  • Develop and maintain data protection policies that comply with applicable laws and regulations
  • Update the policies regularly to reflect changes in data processing practices or legislation
  • Describe the security measures you use when processing personal data
  • If you share personal data with third parties, make sure you have clear data processing agreements that define the division of responsibilities and security measures
  • Make sure you have a plan outlined in the event of a data breach
4. Protect data

Data lives and is transmitted via systems and services. As a company, you should ensure that you use secure systems and solutions when it comes to data that contains sensitive information.

  • Implement security measures to protect personal data from unauthorised access, leaks and misuse
  • Keep security measures up to date
  • Offer a secure method for people to send you personal data – read more about ShareSimple
5. Enforce data rights

All citizens have rights when it comes to how their personal data is processed. Make sure you are familiar with these rights so that you are ready to live up to your responsibilities as a data processor.

  • Respect the rights of the individuals whose data you process, including the right to access, correct and delete their personal data
  • Make it easy for people to request their data – Read more about RequestManager
6. Create awareness

It is your employees who in many cases have to handle personal data. It is also your employees who are your ambassadors to the outside world. Therefore, ensure that they have no doubts about what to do when personal data lands in, for example, their inbox, in a responsible way.

  • Educate staff on data protection obligations and regularly update them on changes in policies and procedures

Start your privacy cleanup with your emails

With an analysis scan by DataMapper, you can have all Outlook accounts in your company scanned. You will receive key statistics on all (current and former) employees' emails - including information on which emails, employees and processes generate GDPR risk.

A smarter way to collect data

At Safe Online we develop tools that make it easy to follow best practices to build trust in your customers and keep up with privacy regulations at the same time.

DataMapper – Find your sensitive data
ShareSimple – Send and receive data securely in Outlook
RequestManager – Process data subject requests easily

Sebastian Allerelli

Founder & COO at Safe Online
Governance, Risk & Compliance Specialist
Follow me on LinkedIn to get tips on GDPR →

GUIDE

How to handle sensitive personal data

GUIDE

How to find personal data with datamapping tool

GUIDE

How to prepare for a data audit