Pubs opened at the weekend, brilliant news for the industry. But in addition to creating enough space to allow for the 1m+ distancing rule, many businesses will need to brush up on their data protection awareness.
The government’s high-level guidance for pubs, bars and restaurants is asking owners and operators in England to keep a temporary record of customers’ contact detail for 21 days. BEIS is designing a system to support this and that along with further guidance will be available ‘shortly’. But in the meantime, how can pubs, restaurants and bars make this burden bearable.
iCaaS have prepared the below 6 pointers for you to ensure you’re following the rules, but hopefully not putting off any willing customers and not falling foul of the data regulations.
1) Plan Plan Plan
How will you collect, store and delete personal data? Think each of these through now. Be wary of new apps on the market to allow customers to book and collect their data with often spurious or non-existent data protection information. You can’t just create paper documents that will end up in your general waste bin. You need a robust and simple process here. Over complicating it will cause you training issues and potential breaches.
2) Be honest
You need to tell customers why you need the data you are collecting and what you will do with it. Transparency is key. Ensure accurate privacy notices have been provided and any consents obtained are properly recorded and auditable.
3) What are you collecting?
Keep it simple, you only need to collect Name, Email/Phone number and Date of attendance. But all that data must be completed as mandatory. Ensure you have a (well communicated) plan for dealing with customers who don’t want to give their personal data. Most will be aware that being traced as someone who has been in contact with Covid will likely mean mandatory self isolation.
4) Stay Honest.
Assuming you’re only collecting the data for the Contact and Trace app, you cannot then use it for any other purpose (such as marketing).
5) Keep minimum information for the minimum time.
The government is suggesting 21 days for the data retention. You need to ensure you have a process to securely delete the data after this point.
6) Think about your team
Your team are already worried about PPE, serving customers, the new ‘normal’ so ensure you provide training and support to ensure they ‘get it’ without being fearful. Also think about the wider team that supports your business.
Our last point is to seek support if you need it, we know you have a LOT on just getting restarted. iCaaS are ideally positioned to help you audit your processes, create policies and store documents. We will also give you a data rating you can promote to ensure everyone knows your business is on the ball and one to work with.
We know it’s a headache, we hope our pointers have helped. Please contact us for more advice, support and information.
Myicaas.com