GDPR: New Sign Up, Privacy Policy and Confidential Email System

Phew, it is a good idea in principle to make sure people’s data is safer, but, boy, it takes a lot of time, thought and hard work to, first, understand what it all means, and then to work out what you need to do! Here’s a summary of some changes I have made that may affect you. I’ve always kept your data safe anyway with password-protected sites, not sharing it and suchness, but I need to be able to prove that I keep it safe. It’s been a good chance actually to check systems – which I suppose is what it was designed to make businesses do!

Newsletter

You’ll no doubt have seen my recent emails to people in the EU who were subscribed to my Purehealth newsletter. I have always used double-opt-in methods so shouldn’t have needed to get people to re-subscribe, but I thought I had better be safe and also use it as a chance to make sure people really wanted to receive my newsletter rather than just not opening it every month and ignoring it. I’m interested in quality followers who care, not quantity!

Happily, well over 40% of people have resubscribed, with most businesses apparently getting an average of just 10% (eek!), so even though I feel the loss of quite a few of our Purehealth family members, I am so pleased at that loyal retention rate, thank you :). I will endeavour to make the newsletters even better and send you nice stuff to reward that loyalty.

Oh and if you’ve not resubscribed yet or it’s past the 25th May 2018 and you want to re-subscribe (as you’ll have been deleted by then), you can do that on the blog page here.

Test Results

I have normally sent your test results out over email. I use G Suite for Business which means that the emails I send out are encrypted and much safer than standard email providers. However, to make it even safer, I will now be trialling Stay Private, an encrypted email service.

Practically, you will get an email saying you have received a confidential message from Purehealth with a button to click to read it. It will then ask you to create a 4-digit PIN, which will allow you – and only you – access. You then use that same PIN any other time I send confidential stuff to you.

It looks like this:

Dear Fred,

You have received an email from Micki Rose. This email is classified as sensitive and may only be accessed from within the Purehealth Clinic Secure Portal. To read the message please click the button below and enter your 4-digit PIN.

[Read Message]

If the button above doesn’t work, paste this into your browser: https://purehealthclinic.secure-comm.com/ao/?invite

Yours sincerely,

Purehealth Clinic Secure Communications

I know it’s another pin number to remember, but I think it is wise nowadays to send stuff like results with your details on as confidentially as possible. Some of my colleagues are doing the same thing, and I think you’ll see more of it in the coming months.

Any issues with this, let me know. We’ll see how it goes. It might be that G Suite email is perfectly safe enough for data, but this system is preferable if it suits us.

New Privacy Policy

As needed by new GDPR rules, I have updated the Privacy Policy and Terms & Conditions for us, so do have a read. By ordering and communicating with Purehealth, you are deemed to be OK with them.

In effect, you give me your data by ordering something on the shop, emailing me or contacting me via live chat, phone or social media. The data is held under legitimate interest, a legalese term that just means I can’t do what you’ve asked me to do (send a test kit/answer your query etc) without it. I can’t use it to send you the newsletter or bombard you with sales messages (not that I have ever done that!) and that’s why you have to click the new GDPR checkboxes when you subscribe as it gives me marketing permissions then.

I only hold onto that legitimate data for as long as I need it and stuff is regularly deleted.

Clear as mud? I thought so 😉

Just wanted you to know I am on top of it, that your data is safe with me, nothing much will change except the new test results confidential email service – and to say a BIG thank you to those of you staying with me. It means a lot x

 

2 Replies to “GDPR: New Sign Up, Privacy Policy and Confidential Email System”

  1. This is all happening at a time when I’m about to change server. Sigh. As if it wasn’t complicated enough. I’m trying to change how I contact you to my permanent author address.

    1. I know Anna, I have changed mine to an NAS server too now. If you want to change your address, just resubscribe with the new address on the blog and I can delete the other address for you if you ask me to. Time was I could add you manually, but no more!
