GDPR and BIDs – an opportunity to think about your data!

As we approach the start of GDPR on 25th May, many will have visited the ICO web site, been to some sort of GDPR seminar and read as much as you can about the implications and policies you need to think about. But what about BIDs and GDPR?

BIDs handle a lot of personal data relating to businesses, organisations and consumers and the BID and its Board of Directors have a responsibility as a ‘Data Controller’ for complying with Data Protection regulations.

Even Directors of BID Boards who will have started or even completed preparation within their own organisations will either dismiss the whole concept of GDPR being relevant to the BID or at best may only think about some of the data issues which exist for a BID.

I am sure you are aware by now, that there is a wide range of information which constitutes personal data, from a person’s name to images on body cams and promotional material to location data and loyalty app records. The ways in which BIDs collect information about people is increasing and so therefore is the range of ‘personal ‘data’ which would be classified as an ‘identifier’.

There is a need for the BID to satisfy itself that any organisation or individual that it works with is GDPR compliant, and similarly will need to be able to demonstrate to them that the BID is GDPR compliant.

The local authority relationship will also need to be covered under an updated Operating Agreement. If data is shared with other organisations or individuals, there needs to be a Data Sharing Agreements in place with those parties.

The BID Regulations themselves only go so far in terms of covering the BID from a ‘Lawful Basis’ perspective for keeping, processing and sharing data and this will need to be addressed at some point. Although there is much to think about in terms of data use for a BID, as we have found, it’s also an opportunity to ensure that the systems upon which an effective and productive BID are based are even more streamlined, focussed and secure.

To find out how we can help your BID prepare for GDPR click here.