Are you GDPR compliant when people visit?

GDPR extends further than Data Protection Policies, Website Cookies and Privacy Policies.

It is more than getting consent for marketing and/or other purposes using double opt-in check boxes.

GDPR applies to ANY processing of personal data……and this includes visitor management.

Visitor management (e.g. contractors, cleaners, PT clients, etc) is crucial for security, fire register and audit trail purposes. This has historically been done via a pen & paper visitor sign-in book at reception. But this no longer meets legal criteria.

Data must be secure and confidential at all times, with only the minimum information necessary being recorded.

Utilising an electronic booking system is a good way to meet requirements and can also serve as a briefing tool and auditable trail for important on-site document briefing such as emergency evacuation plans.

This also means most places with visitor sign in facilities for the purpose of a fire register also need to be registered as Data Controllers with the ICO.

Accident books are also affected and consent to record personal data should be obtained. Adding this information to an electronic booking system waiver is a good way to cover yourself.

Breach of GDPR/Data Protection Regulations carries a hefty fine. The year since the Regulations came into force has seen over 95 000 complaints and almost £45million in fines issued.

Be committed to data privacy.