From accounts for our webshop over subscriptions to the newsletter to posts on social channels …
Because we want to analyze the profile and behavior of our target groups with a view to optimal customer loyalty, we often store large amounts of personal data.
Since the introduction of the GDPR legislation, we know that we cannot collect this data without permission. That is why we have provided our websites and our apps with well-written Privacy Statements and Cookie Policies.
But even if we only store this data and do not use it immediately for direct marketing campaigns, the GDPR legislation still imposes some requirements.
Properly managed data storage starts with a number of technical requirements such as an access system to your server room with unique identification for authorized employees or the installation of a firewall (both hardware and software) or the use of a good virus scanner that is regularly updated ( just like all your software programs by the way) or let your website function via a secure https connection …
In addition, a good security policy is equally necessary: disseminate a general code of conduct for ICT use, devise a security policy that only gives access to personal data on a “need-to-know” basis, make procedures for the use of well-kept passwords. A good password policy can already make a very big difference in keeping your data secure.
Therefore, look critically at the use of passwords within your company. Are they complicated? Do you adjust them regularly?