Book a demo

Save time and money with Paprika

Paprika is the leading job costing, billing, workflow management and accounting system for creative agencies.
Our fully integrated system helps drive efficiencies, streamline processes, increase profitability and enable agency growth.

Download the brochure

April 24, 2018 • News

General Data Protection Regulation- 2018

On the 25th May 2018 the General Data Protection Regulation will be put into place. If you’re ahead of the game and have already heard of it you’ll be aware that you only have a month to go until the regulation becomes official and affects all of us one way or another. It will affect the way we work, from the way we handle your personal data, to the way you handle your own client’s personal data.

What is GDPR?

The EU’s General Data Protection Regulation is the result of years of work by the EU to bring data protection legislation into line with new, previously unforeseen ways that data is now used. The drivers behind GDPR are twofold. Firstly the EU wants to give people more control over how their personal data is being used, bearing in mind that many companies like Facebook swap access to people’s data for use of their services. By strengthening data protection legislation and introducing tougher enforcement measures, the EU hopes to improve trust in the emerging digital economy.

So what does GDPR have to do with Paprika?

Personal data under the new law is defined as any data that can identify an individual, either by itself or in conjunction with other data. To improve privacy rights the new GDPR will give individuals a lot more control over their particular data, by monitoring the way it is collected, used and how long it will get stored for. As providers of software, we are giving our clients the tools to ensure they can comply with regulations, and demonstrate our own compliance in the way we store and handle our client information. The data we currently hold has been reviewed over the last couple of months and we have come to the conclusion that not all of it needs to be changed but some adjustments have been made and clients have been informed of these changes.

React being made GDPR compliant

As you’ll have read, React- now known as the contact centre, has had a complete makeover, but we haven’t forgotten to make it GDPR compliant too: our development team have added additional fields to the Name pane on a React Record

  1. Consent- This will be a tick box which defaults to Off (to indicate no consent given)
  2. Expiry date of consent- This will be a date field. The expiry date can be set according to your individual privacy policy and GDPR notice
  3. Reason for Consent- This will be a free text field and can be used to detail the nature of consent. As an example, a client who has consented to receive marketing material regarding future seminars would have the consent flag set “On”, Expiry date entered in line with your privacy policy notice and reason entered as ‘Seminars and Courses’

This is just an example of one of the many updates our development team have made to Paprika to make it GDPR compliant and which will be released at the beginning on May, so keep your eye out!

Who does the GDPR apply to?

Controllers and processors of data must abide by the new GDPR. A data controller states how and why personal data is processed, while a processor is the party doing the actual processing of the data. So the controller could be any organisation, from a profit-seeking company to a charity or government. A processor could be an IT firm doing the actual data processing. However if your controllers and processors are based outside the EU, the GDPR will still apply to them so long as they’re dealing with data belonging to EU residents.

When can we process data under GDPR?

At Headquarters we are well in the process of making our databases GDPR. With only a few weeks to go it shouldn’t be something you do at the last minute, it’s a process that needs a lot of analysing and communication amongst colleagues to make sure you have covered all bases. Once the legislation comes into effect, controllers must ensure personal data is processed lawfully, transparently, and for a specific purpose. Once that purpose is fulfilled and the data is no longer require, it should be deleted.

Will Paprika clients be affected?

Here at Paprika we take your privacy seriously and will only use your personal information to administer your account and to provide services- such as help-desk support and the hosting services- which you have requested from us. We will never share your information with third parties. You can find out more about your rights, choices and how we use your information in our up to date privacy policy which will be effective from 25th May 2018 and you’ll find it by visiting paprika-software.com/privacy-policy. If however you decide you don’t want to receive our latest newsletter then simply unsubscribe below and you won’t hear from us after the 25th May.