On a quiet weekday afternoon in Woodham, Simon, who doesn’t have anything better to do, decides to mind someone else’s business. As usual, the first person he thinks of is Dave, the unfortunate proprietor of FinalVinyl, so Simon pops into the main Woodham store. Bemused to find it apparently abandoned, he quickly becomes aware that somewhere behind the counter, hidden from view Dave is rummaging around, apparently treading water in a sea of papers.
“OK – I presume there’s a reason for this chaos” says Simon.
“Certainly is. I’m setting up a sort of loyalty scheme for my best customers.”
“And how, exactly, is this chaos contributing to that?”
“I’m just sorting out the paperwork.”
Simon laboriously extracts some of the details from Dave, namely that FinalVinyl is proposing to offer a loyalty discount to good customers, based on a sliding scale by which the amount of discount increases by correlation to the amount of money spent.
“How will you work out who your best customers are?”
It transpires that Dave has notes of the names, phone numbers and sometimes e-mail addresses of some of his repeat customers – the kind of people who leave their details with him if they’re on the lookout for some particular vinyl rarity. “I thought I’d just set up an e-mail circulation list and let everyone know. Shouldn’t take me more than an hour or so.”
“Sounds like a plan – and a sight better than just having names and addresses littering the shop. The data protection people would be apoplectic if they saw this.”
“No, it’s fine”, says Dave. This is just names and numbers and stuff. No bank details or anything confidential. And anyway, none of it’s on computer yet.”
“Wrong on both counts. Personal data is basically anything that can be used to identify someone. You’re not allowed to store personal data in any form unless you handle it properly. And believe me, scribbling names and phone numbers on little sticky labels and sticking them on the till does not count as proper handling.”
“What does count as proper handling, then?”
“There are some data protection principles you need to follow. Things like keeping personal data up to date, and accurate, secure, dealing with it fairly. I can’t remember them all, but I know how to find them.”
Dave hazards a guess: “Simplify the Law, maybe?”
“So what do I do now, then? Do I have to register with someone if I’m holding personal data of my customers?”
Dave is wishing he’d never mentioned it.
“I wish I’d never mentioned it,” he says.
“And where will I get one of those?”
“Need you ask…? Now, we should have a word about cookies.”