What is the GDPR’s “Right to Object”?
The “Right to Object” is one of the eight data subject rights that organisations must uphold in order to comply with the General Data Protection Regulation (GDPR).
Doing business online can be a bit of a minefield when it comes to privacy. In addition to the rules and requirements of data privacy laws, both businesses and customers have certain expectations about how their privacy is respected online.
To ensure you don’t overstep other people’s boundaries, here’s how you can practice good privacy etiquette as a professional.
While you may be on great terms with an employee or client, it’s usually best to keep work at work, and not friend-request or follow them on social media. At least not without asking first. Not only could personally befriending them add an awkward dynamic to existing professional relationships, it’s also an intrusion into their private life and personal time.
If maintaining this type of contact is core to your business and networking, opt for LinkedIn ahead of any other platform, as interaction on this space happens within the context of professional connection. As always, your safest bet would be to drop the occasional email greeting.
As a business owner, your partners, suppliers, and clients trust you to keep safe the business information they share with you. Whether it’s project proposals, pricing information, or strategic reports about their business, any accidental leakage of this information could lead to significant financial and legal costs — on top of potentially irreparable damage to your relationship with them.
Depending on the types of data shared with you, consider whether the storage and security method provides adequate protection in worst-case scenarios. For example, what happens if one of your hard drives is stolen? Are the cloud-based storage solutions you use really as private as you think?
As a service provider and employer, you should only use people’s personal information to serve the purpose specified at the time you requested it. For instance, if an employee gave you their home address so you can identify and contact them about their employment, you should never use or share it for any other reason outside of your responsibilities as an employer.
Whether this purpose was explicitly stated or implied by the circumstances, the etiquette is the same: you have a responsibility to the individual who entrusted you with their details.
This one may sound like common sense, but common sense isn’t always common in the real world. As such, laws like the General Data Protection Regulation (GDPR) have cracked down on spam email and unsolicited phone calls.
It’s still definitely acceptable manners to reach out to prospects through a personalised email or call, but a “no” (or request to unsubscribe) should be accepted as final, with all subsequent communications terminated.