In an age when we’re all spending more and more time online, and using the web to do everything from manage our finances to purchasing our weekly grocery shop, it should come as little surprise to learn that our data is a hot commodity.
It’s our personal data that helps social networking sites like Facebook transform from college dorm operations into multi-billion dollar empires. It’s our personal data that gives us access to online shopping and countless other web-based services, and it’s our personal data which, if it fell into the wrong hands, could well spell big trouble.
What can go wrong with the data we hand over online?
Whenever we fill in a form, enter our card details, or even just make an online enquiry, the information we enter -such as our name, phone number and email address- is stored on a server. Providing that server is secure, the only people who can then access that data are you and the company whose website you visited.
Yet one security breach could put your data into the hands of cyber criminals and others with less than honorable intentions. The same goes if the company you hand your details over to decides to go against the grain and sell that data to a marketing company.
In the case of the latter, the worst that’s likely to happen is that you’ll be inundated with annoying sales calls, junk mail or email spam. In the former, that big security breach could lead to instances of online fraud, causing you any number of financial problems if somebody uses your data to say take out a credit card in your name.
What is being done about it?
Thankfully, there are laws in place to stop this from happening. In the UK, these laws come under the Data Protection Act. This was originally established back in the 1980s, when big businesses began using computer systems to manage their customer processes. It was later amended in 1998 -and again in 2003- to account for the increasing use of the Internet in our daily lives.
The Data Protection Act states that companies and website owners have a duty to follow several ‘data protection principles’ which mean ensuring that information is:
- Collected and used fairly and accurately
- Is used only for its intended purpose
- Kept safe and secure
- Used for no longer than is absolutely necessary.
How does this affect me as website owner
If you’re running a website targeting UK customers which collects data from those customers, you need to be compliant with the Data Protection Act.
The Office of the Information Commissioner are responsible for ensuring that website owners are handling data correctly, so you’ll first need to register with them and inform them of what data you’re collecting, and why.
If you’re running an online store, you’ll need to use safe, secure processing methods. Many of the web’s best hosting companies offer secure eCommerce packages which come with everything you need to do this. We suggest you compare each package so you can find the best deal. There are many comparison sites, click here for more details.
Once that’s all up and running, you’ll need to be sure that your customers are informed of exactly what data you’ll be collecting and how it is going to be used. Ideally, you’ll place this information at what the government calls ‘the point of collection,’ or in other words, on your actual contact or checkout page, or anywhere else where you actually gather information from your visitors.
You’ll also want to be sure that you’ve included a comprehensive Privacy Policy and Terms & Conditions which outlay in greater detail how you manage the data you collect.
Doing so means not only are you complying with the law, but that you’re proving to potential customers that you’re a business they can trust, and in an age when we’re all becoming increasingly more vigilant about handing over our data, being a business people can trust can go a long way in ensuring your success.
