GDPR – GymLeads makes it easy for you

As of the 25 May 2018, all businesses that collect data about citizens from the European Union must have complied with a new regulation called the “General Data Protection Regulation” (GDPR).

It has been a huge change to the way businesses have been allowed to work with data, and changes would have had to have been made to make sure marketing and selling to leads was handled correctly.

At GymLeads, we are always working hard to ensure that all of our systems are GDPR compliant.

Lawful Basis of Processing

Under the GDPR, you must have a legal reason to use someone’s data. This could be because they requested information about your club, opted into receiving marketing or they are a customer that needs to receive updates.

How GymLeads will support this

We have added in a trackable field for leads that records the ‘lawful basis’. These will be set (and changed) automatically based on the source of the lead, and can be manually updated at any time. For custom lead sources, you’ll be able to set a default lawful basis.

Any leads coming into your account must have a lawful basis for processing. This means that any CSV imports that are processed must have this column before the import can be started.

Consent

Under the GDPR, leads must provide their consent to receive communication about marketing, or any other communication that is not related to their original enquiry.

Opting in means:

  • They must be told what they are opting into (the type of communication).
  • It must be done explicitly. You cannot pre-check checkboxes.
  • The notice must cover all the different ways you are going to communicate. That means SMS, email and phone calls.
How GymLeads will support this

We have added a new feature called ‘opt-in’ that can be enabled for a location (it will be turned on for locations in EU by default).

All leads in an opt-in location must provide consent to receiving any marketing communications from GymLeads.

Transactional communication can only be sent to leads that relates to their initial enquiry, and there are restrictions that we are placing on transactional communications.

More details about opt in, as well as the specifics between transactional and marketing communications, will be available early May.

Withdrawal of Consent

Leads need to be able to easily see what consent they have given, withdraw it and register an objection. This needs to be very easy to do.

How GymLeads supports this

GymLeads supports one click opt out for emails, as well as one reply opt out for SMS. They can also view the sender details and register a spam complaint.

We will be making a minor addition to the preferences page that shows the type of consent currently provided, as well as the date it was provided.

Deletion

Leads have the right to request their personal data be permanently deleted (not archived). This must happen in a timely manner and it must include all tracking details, notes, communication and more.

How GymLeads supports this

GymLeads permanently deletes all lead data by default. You can perform a GDPR compliant delete.

Access / Portability

Leads have the right to request a copy of their personal data (name, address, email, etc) as well as any notes and tracking history.

How GymLeads will support this

We currently have an export via CSV option that is available when a lead is closed. This option will be available to use at any time, and it will export all of their associated data.

Modification

Leads have the right to request you update any of their personal details if it is inaccurate or complete.

How GymLeads will support this

GymLeads supports updating a lead’s details.

Security Measures

The GDPR requires that sensitive customer data be protected by up to date and effective security practices.

How GymLeads supports this

GymLeads has a wide variety of data protection measures in place, however we’re also taking this opportunity to audit all of our systems for potential issues.

 

Disclaimer: This page is not intended as legal advice or as a detailed description of the GDPR.

 

If you’re interested in using GymLeads to help monitor your leads and how you market to them contact them here