Saleboat, GDPR and POPI
Disclaimer: Please note, that these are our personal views and we are not qualified to provide legal advice. Please consult with an appropriately qualified and experienced person to ensure you stay on the right side of the law.
GDPR and POPI aim to protect a person’s personal data and make it easier for a person to control how their personal data is used and distributed. Personal data is anything that can be used to identify an individual. This includes email addresses, physical addresses, phone numbers and names but also includes other data such as IP addresses and photos.
Do you need consent to store data in Saleboat?
Technically, you do not need consent to store information in Saleboat. You need consent to communicate with an individual whose information is stored in Saleboat. It’s a good idea to inform people that you are storing their data and how you will use it, then get their permission to use their data. People may also request that their data is deleted and you must comply with their request.
Saleboat provides the tools you need to remain compliant and we are consistently improving our service to make it simpler to go out and make sales.
What is consent?
Someone handing over a business card or giving you an email address to enter a competition is not sufficient. The user has to explicitly consent to how their information is used. Be sure to let people know how you are storing their information and how you intend to use it.
You cannot ask a person if they want to opt out of you using their data for whatever you like. The person has to specifically opt-in to you using their data for a specific purpose. You can’t contact a person under the assumption that they’ll tell you if they don’t want to communicate with you anymore.
Buying Lists of Leads / 3rd Party Consent
A person has to consent to a specific organisation using their data. That means contacting someone based on a list you bought, even if the person who you bought the list from had permission to sell it to you (which is unlikely), is not allowed. Just don’t do it.
Who does the law apply to?
GDPR is in effect for all members of the European Union, including the United Kingdom. Any person or company conducting business or making products or services available to persons within the EU must comply to the law. It does not apply outside the EU. POPI applies in South Africa. Many other countries do have their own privacy and data laws in place.
The data of European citizens must remain in the EU. Don’t worry, at Saleboat we store all our European user data in Europe. We consistently work on improving our security and doing our best to make sure any data you store on Saleboat stays safe.