How GDPR Will Directly Affect Infusionsoft Users

The GDPR (General Data Protection Regulation) that comes into force on 25th May 2018 will help protect EU residents against cybercrime and data breaches by ensuring the data protection policies of all firms in the EU are of a high quality. If you would like to know more, our page on GDPR and Website Marketing gives a more in-depth view.

What are the GDPR Responsibilities for Infusionsoft Users?

To comply with GDPR, each entity first has to decide whether it is a data controller or data processor. A data controller will be the driving force behind which personal information is kept and why, whereas a data processor stores and processes that information for the controller.

As an Infusionsoft customer you are likely to be a data controller, and Infusionsoft will be your data processor. As a controller you have to make sure you have a reason for each and every piece of data that you are holding on an individual. Although it will depend on the size of your company, smaller firms who typically only use personal data to market their own business will not have to necessarily appoint a specific DPO (Data Protection Officer), a representative in the EU, or register with the ICO (or the governing body responsible for GDPR in your resident country).

The main reason for this regulation is to tighten up the internal processes within a company, so that if you can show that you have thought about these regulations and have taken steps to protect the data you hold, that should be sufficient. This just means that you need to make sure you know why you are holding sensitive data on an individual, that you have a valid reason with respect to GDPR, and can protect it adequately from being stolen.

What Infusionsoft Users Need to Do

As you will be collecting sensitive information, you need to make sure that the person the data relates to has consented to its use. The easiest way to ensure this is to have a double opt-in on your email list forms, as this proves that consent has indeed been given. If you haven’t been gaining consent for your email lists up until now, you might need to ask the individuals on your list for consent specifically for GDPR so that you can keep a record of this. However, there are other reasons for holding data that do not rely on consent which may save you obtaining consent retrospectively.

Article 6 of the GDPR allows you to keep data on an individual if you need it specifically to complete a contract, for example, if you sell goods online you might need an address to know where to send your products. The storage of this address will come under this clause and you won’t need to obtain additional consent for its use.

There is also a clause that allows you to keep data if it is in the ‘legitimate interest’ of  your company, but this is more loosely defined and you might fall foul of the regulations if the governing body in your country disagrees with your definition. For instance, if you have the email address of a customer because you have previously sold them a particular item, using this address to let them know that you have similar products that they might be interested in could fall under the realm of ‘legitimate interest’. As the rules have not been tested yet, and the regulatory bodies have not categorically clarified this clause, no-one can say exactly if that will be allowed. Therefore, it makes sense if you are simply marketing to your previous customers or keeping them updated on news or offers, then it is best to make sure you have a record of their consent regardless.

Additional Resources

For more information about GDPR, take a look at our post on how Infusionsoft are complying with the regulations.

If you give away a lead magnet as a way of persuading people to part with their email address, we also have a post about GDPR and Lead Magnets which explains how this process works, as well as one on GDPR and Facebook.

How We Can Help

And We Do This is an Infusionsoft Certified Partner and we can point you in the right direction for help and advice for achieving GDPR compliance. Get in touch to find out more.

More To Explore

Coronavirus: Help For Your Business

Let’s not beat around the bush here – the Coronavirus Crisis is hitting a lot of businesses really hard. Your orders may have dried up overnight or you’re suddenly having to cope with trying to run your business from home. I’d like to help with some resources that you’ll find really useful: [FREE WEBINAR] How

Do you have a general question about what we do? Here's how to get in touch...

Email

Drop us an email at [email protected]

Telephone

Call FREE 0800 634 92 96 or 01573 440355

Our normal office hours are:
Monday to Friday 8.30am – 5.30pm

Live Chat

Check the Live Chat tab at the bottom right of the page to see if we’re online right now.

Voicebank

Please use our Support service if you are a customer and you are experiencing issues with any of the services we directly provide for you, or if you would like to request updates, amendments, etc. We will get back to you as quickly as possible.

Email

Send an email to [email protected] and a support ticket will be automatically raised for you. You will be notified by email when we have responded to it.

Clicking the button below will open a new email for you, already addressed to [email protected].

Voicebank

Call our Support Voicebank on 0333 335 0056 and leave a message. Remember to leave your name, details of the issue you’re experiencing and the best way to reach you.

We’ll get back to you as soon as possible for any further info that we need to resolve your issue and to keep you updated on progress.

Please use our Support service if you are a customer and you are experiencing issues with any of the services we directly provide for you, or if you would like to request updates, amendments, etc. We will get back to you as quickly as possible.

Email

Send an email to [email protected] and a support ticket will be automatically raised for you. You will be notified by email when we have responded to it.

Clicking the button below will open a new email for you, already addressed to [email protected].

https://securecart.andwedothis.com/jumpstart/