If you have a support question or comment, click the Post New Topic link below. Sytist Manual | Sytist Articles | Facebook Page.

Gdpr

 
Please log in or Create an account to post or reply to topics.
 
Allan Blackett
Thu Feb 08, 18
3:02 PM
Hi Tim

Im not sure how aware of the european General Data Protection Requirement (GDPR) but it comes in to force across the Uk and europe in May.

One of the important aspects of GDPR is that all 3rd party suppliers that hold client details need to be GDPR compliant too. Online gallery software, database software, accounting, etc. Even if you are complying, if your providers arent - includng website hosting - photographers can be fined.

I wondered if you were aware, and if so are you making any changes to the software.

Thanks
Allan

Tim - PicturesPro.com
admin
Fri Feb 09, 18
10:15 AM
This is the first I have heard of it and I have been reading up on it. Sytist is running on your hosting and none of your customers' data is stored anywhere else.

There might be some things I will want to add such "right to be forgotten". You can delete a customer account now, but may need to be able to wipe out customer information from orders without deleting the orders.

I will be doing more research on it.
 
 
 
 
 
Tim Grissett, DIA - PicturesPro.com || My Email Address: info@picturespro.com
Trailboy
Fri Feb 09, 18
1:37 PM
It's an approaching nightmare, and might tun out to be another law with huge unintended consequences.

I guess an important part is hacking. Are customer details encrypted at all using sytist?
Edited Fri Feb 09, 18 1:43 PM by Trailboy
Allan Blackett
Fri Feb 09, 18
3:07 PM
Thanks Tim, it's being talked about a lot in business and photography forums in the UK, so I thought it was worth flagging it up
Michael Weeks
Fri Feb 09, 18
5:38 PM
It might be less of an issue than many forms charging for training are making it out to be. Biggest point is having a GDPR info page on its own and as most photographers are not passing the data to a 3rd party there is generally no reason to register if you use the checker tool on the ico website

Mailing list is already an explicit opt in so that is a good thing.

Case law will decide.

What I have written here is based upon conversations with experts in the field of GDPR but that does not make my comments expert

Mike
Chris Nutt
Wed Feb 14, 18
8:28 AM
One of the focus points of GDPR seems the retention of customer data. From what I understand, the only key reasons why you should be retaining customer data is to fulfil a contract or a legal obligation. In the UK we need to keep accounts details for a period of 7 years - and I would imagine that any form of order tracking / records would probably come under the "legal" category. However we have a LOT of customers on our database who have not purchased, or logged on for a considerable time. Therefore is there any plan for Sytist to have a facility to "cull" these customers in bulk, based on date of order placed (maybe not a current issue as Sytist hasn't been going for 7 years...) or period of inactivity (i.e. no log-ons), or date of registration? I know that can be individually removed, but when there are thousands of registrations that method is impractical.
 
 
 
 
 
Loading more pages
Loading more pages
Sign up for email promotions.
Your information is safe with us and won't be shared.
Thank you for signing up!
 
©2003 - 2017 Grissett, LLC. All Rights Reserved.
Loading More Photos
Scroll To Top
Close Window
Loading
Close