Protecting our customers’ data: GDPR and the GoCardless Privacy Programme
Protecting our customers’ data is a priority for GoCardless. With the General Data Protection Regulation (GDPR) coming into effect in May, we welcome the opportunity to deepen our commitment in the area of data privacy.
We are making changes to our policies, processes, products and systems to ensure that we comply with the Regulation and continue to put data protection first. We’re also committed to helping our customers meet their requirements under the Regulation.
GDPR: A new data privacy landscape
Advances in technology over the last decade have led to the proliferation of personal data. More organisations are sharing and collecting different types of personal data than ever before: from IP addresses through to health data, purchasing behaviour, viewing preferences and more.
- From 25 May 2018, organisations who handle personal data will need to meet new legal requirements, as the General Data Protection Regulation comes into effect across the EU (replacing the 1995 EU Data Protection Directive).
- On the same day, the UK’s Data Protection Bill will pass into law, as the Data Protection Act 2018, effectively implementing the GDPR into UK law.
New Bacs Direct Debit rules make it easier for customers to switch provider
We’re delighted to share news that Direct Debit providers can no longer stop customers from switching to another provider, thanks to changes in the Direct Debit scheme rules, announced by Bacs on 10 November and supported by the UK Payment Systems Regulator (PSR).
We believe that every business should be able to move between payment providers freely, so we’re delighted that Bacs is making these rule changes, which GoCardless has campaigned for since 2015.
What is changing?
Under the old rules, companies who processed Direct Debit on behalf of merchants (sometimes known as Facilities Management or ‘FM providers’), could request that an outgoing Direct Debit provider transfer across all of a customer’s existing Direct Debit mandates to them, known as the bulk change process. However, the outgoing FM provider was under no obligation to meet that request.
The new rules, which take effect from January 2018, require all FM Direct Debit providers using the Bacs Direct Debit scheme to be certified by Bacs. As part of that certification, FM providers must commit to use the bulk change process.
A day in the life of our Head of Legal
I’m the Head of Legal at GoCardless. My role is really varied so there’s no such thing as a typical or predictable day for me - I get involved in all kinds of tasks from designing a new contract management system through to reviewing foreign law advice on our international expansion.
Starting the day strong (and a little bit bruised)
I love to exercise and try to fit it in each morning - I think it’s a key part of my day and helps me feel energised. For the past three months I’ve been taking part in CrossFit at CrossFit CityRoad - it’s great but a real challenge; I’m using muscles I didn’t even think I had, and the ones I have seem useless!
After my workout, I’ll head into the office where I’ll make breakfast before checking my emails. There’s a pretty amazing selection of breakfast foods, with (literally) dozens of choices of granola. I try not to succumb to granola temptation, and typically have scrambled eggs on a bagel.