Get all of your marketing contacts into one database that can only be accessed by the people in your organisation that need access to it. Stick a password on that database.
Make sure that the ‘opt in’ to marketing communications on your website is a ‘Postive Action’. No longer can you pre-tick that check box! Also, keep the marketing communications check box seperate to agreeing to the Terms and Conditions.
Any data breach must be submitted to the Information Commissioners Office within 72 hours of that data breach taking place. The website for the ICO is www.ico.org.uk.
Make sure you have a WRITTEN GDPR POLICY about how you handle your marketing data. Share the policy with your organisation and let them know about any updates to the policy.
Get GDPR compliant NOW! Stop putting it off, stop passing it on to someone else.