The Blog

Refined Running Website Launch

Welcome to Refined Running, an inclusive blog dedicated to improving running technique for individuals of all ages, skill levels, and aspirations. Whether you're an adult seeking to enhance your performance, a young enthusiast taking their first steps in this...

A Summer of Website Rescue – SOS

Summer 2021 seems to be where I discover websites (of course, built by others), where they are so crippled with numerous dangerous set up issues, or poor or no maintenance. One other these companies trades over £300k/month through their website, yet it is so dangerous...

Something to do while we are stuck indoors – Build your own church!

So, this idea has been three months in the making. I thought I'd make a model of our village church. From then it grew into something we were planning to print, and issue to the village for people to make their own church to support the roof repair fund. Well, now,...

If you don’t ask, you don’t get! New website for world class comic Tiff Stevenson

Watching Mock the Week, I really think Tiff is funny - So I googled to see what else she's in. Stumbled across her website, which didnt really work, so I emailed her to offer to fix it.  Well, 4 months later, and her new website is up and running. Enjoy!

Website Security ‘Must Haves’ for 2020

Forty years ago, we barely had computers. Twenty years ago we were worried about the millenium bug. Now with the breaking of the Twenties, the age of cyber attacks is well and truly upon us. With daily attacks breaching major websites, revealing customer details in...

Cotswold Childcare – One page website

Lesley from Puddleducks is branching out. With years of daycare expertise, there is now a big demand for ad hoc childcare services which she is satisfying. Take a look at to see if there is anything that can be done for...

PJG Garden Designs – A Labour of love

We've been running for a few months now. Peter came to me referred by Lyn at Martha's Attic. He had a very clunky old html website to sell his beautiful handmade wrought iron garden ornaments and furniture. Starting as a simple e-commerce site, it quickly became...

Wild Grace launches in Woodstock

Sinead took over Wild Grace in the early new year, and has hit the ground running. Her beautiful flowers, gifts, and cards are stunning. A stunning website was needed to complement these.

Video bringing property rentals to life

I was very lucky to be able to pitch to undertake video tours for a local home rental company. With some very clever tech, and just the right camera set up, these properties really do stand out from those with only images. Here's a sample.......

What do the new GDRP Regulations mean for your data?

Jan 11, 2018 | Frequently Asked Questions, General

General Data Protection Regulation

The new regulation takes the old Data Protection Act to the next level. Businesses and organisations need to act now to become prepared before the Act is enforced later in the year.

What Is GDRP?

The General Data Protection Regulation is the new European law which is designed to give increased protection to individuals, especially children, covering how data which is personal to them is stored. It gives incresed powers to people to be forgotten, and to see and delete information held about them.

Who does the GDRP affect?

It affects any organisation which holds data in any form about individuals. From employers, to retailers. From sports clubs to churches. If you collect data from people and store it electronically or otherwise, this will affect you.

A brief summary
  1. Whereas before, you might assume people consent to their details being held and used by you and you sending the odd marketing email, now, you have to have evidence of that consent..
  2. You have to take measures by law to protect the data you keep, and inform the ICO of data breaches, as well as the people involved.
  3. Someone should be in charge of data in the organisation. In a sole trader business, this would be the owner. In a large sports club, or retail business, a designated person needs to be placed in charge, with the remit to take decisions, and manage to all levels in the system including top level management.
  4. You need robust systems to check you have permission to hold data on people. This includes looking back, and if necessary, asking again.
  5. A published system for people to check data held on them, to amend if mistakes are found, and to delete their data.

So, what to do now?

1. Audit your data - Now

A quick conversation with a local dance school highlighted over 8 different places where data on clients and their children was kept. Little control over data security, and no records of permission sought for publicity emails, having assumed that registering their details was enough.

2. Check if you have asked permission

Permission to email?

Permission to take photos?

Parental permission?

Permission to pass details to other organisations? – For example if you are accredited to an organisation, passing details to them needs permission.

3. Review your privacy policy

Does it include every place data is stored?

Have you included social media?

Do you state how you will use images whilst still protecting people in the images, especially children by not using their names, or personal details about them.

4. Minimise data held to the absolute minimum

If you dont need addresses, then dont take them.

If you dont need dates of birth for children, then dont take them (a birth year might be enough for your needs)

5. Ensure Parent / Guardian permissions, and contact details have been sought

Children have all sorts of individual needs, and protecting their identity is paramount. Many parents will have different views and these need to be taken into account, and recorded. For example, ‘No photos on social media’ is a common one.

6. Communicate your policy, and how people can check and delete information held on them

Let all your clients / data subjects know what you’re doing, and how to get in touch to check any records you have in place

7. Audit your processes and data regularly to ensure it meets your stated policy.

Let all your clients / data subjects know what you’re doing, and how to get in touch to check any records you have in place

So, What Now?

We can assist in conducting an audit of known data sources, and access permissions. While your privacy policy will be tailored to your individual organisation, the audit gives you a great start in the route to compliance.

Here is the summary of ‘What to do Now‘ issued by the ICO.

About the author

Rob Jones

Owner Village Web Design

Rob has been creating websites since 2007. After leaving a career at commercial director level in high street retail and hosptality, Rob has focussed his skills on helping others reach out more via digital media. With over 500 websites so far, Village Web Design has helped organisations with websites, digital security, online advertising, CRM systems, as well as market research, benchmarking, and other business advice.

Let us help you grow Your business

Start the ball rolling by sending a message with a few details, and we’ll get back asap to start the ball rolling.

  • What is 6x8? (Sorry - we're getting a load of Spam!)