Post lockdown growth

In mid-March my son came down south to visit from the University of Manchester. He had brought only a few days’ clothes, as it was a flying visit.

Then lockdown struck…

Over the years my son’s peace lily (yes, he got it because of the movie) has survived several moves, but it wasn’t equal to the task of surviving his extended absence. See the picture above. It was a casualty of the pandemic, one which is so minor as not to warrant a mention.

So why do I mention it? Perhaps because it provides a useful analogy: it was lost not because of a lack of care or planning – the pandemic wasn’t something we had encountered before nor had we planned for it.

To a certain extent, this is what has happened to businesses (and lives) up and down the country. All over the world, in fact. Some businesses have failed, while others thrived. For the most part, clothing retail is struggling to recover. Plans hatched at the start of the year have had to be revised or even thrown out altogether.

My son is now back in Manchester (having married his sweetheart in July), reunited with all his clothes and with a new plant to replace the peace lily. If only business recovery were so easy!

Ahead of us is probably the second wave, and then Brexit. Hopefully lessons learned from the first wave will be applied to ensure growth in the months and years ahead.

Of course I didn’t just write this piece to while away some time. I want to offer my help where I am able.

What do I offer?

I have extensive experience within Retail and Wholesale IT and Supply Chain as you can see from my profile. If you need assistance creating and executing plans to weather the challenges that lie ahead, please do not hesitate to contact me. My details are:

Email: john.romeis@verdandiconsulting.co.uk
Mobile: +44 (0) 7885 274 127

The start of something new...

And hopefully I can play a role in nurturing your business growth as we all try to recover from this once-in-a-lifetime event that has caused huge disruption and some serious pain.

GDPR: getting past the FUD

In respect of GDPR, the EU commission’s website states:

As of May 2018, with the entry into application of the General Data Protection Regulation, there is one set of data protection rules for all companies operating in the EU, wherever they are based

Stronger rules on data protection mean:

  • people have more control over their personal data
  • businesses benefit from a level playing field

This includes us in the UK and will continue to be the case post Brexit.

As a business, hopefully you have started to address your GDPR issues, no matter how small or large they may be, because there’s not much time before they’re enforced in May of this year.

Of course there have been a lot of operators (mostly good, some bad) out there warning about the financial and legal implications of not being 100% compliant by then. This is where some of the Fear, Uncertainty and Doubt (FUD) arises.

Some issues to be aware of

  • As a business, you will need to identify what personal (not only customer) data you may hold and process.
  • Remember that your staff information is included here – such as payroll information – and the processors of this data are under your purview as well.
  • Of course personal data is not only held in that really secure database of yours but probably lurks in spreadsheets or report extracts in folders on your servers, which are more susceptible to finding their way into the wrong hands, usually in error.
  • Have you addressed the interfaces with any data processors, such as other businesses emailing your customers on your behalf, as well as understanding what efforts they have taken to address their internal GDPR issues which over your interactions with them?
  • Do you have documentation (risk assessments) in place outlining how you have addressed your GDPR requirements? And do you have policies and procedures in place to deal with
    – requests for data held,
    – deletion of said data,
    – any data breaches that occur and how they are to be reported?
  • Lastly, but probably most importantly, are your staff aware of their responsibilities in respect of GDPR?

Best practice

GDPR is in essence not something new, it’s really just a more rigorous application of the DPA (Data Protection Act) with clearly defined processes for dealing with breaches (fines, legal action, etc).

Most of it is common sense application of certain guiding principles to prevent misuse of personal information, giving the owner of the data control over how the data is used and what information is held about them.

Some useful links can be found below:

If you haven’t started yet, look here: 12 Steps

Getting ready for the GDPR an automated check list tool

GDPR – sorting the fact from the fiction, a blog by the UK ICO, Elizabeth Denham

Action taken by the ICO, a collection of various actions and fines meted out thus far (so not toothless).

And here are some definitions

Finally…

Should you have outstanding issues or questions with regards GDPR, please do contact us and we will address your issues as quickly as possible.