I don't really want them. But who's thinking about this hard, and if not, why not?
How are you dealing with:
- Basic identifiers (names, emails, etc.)
- Sensitive personal data (health, financial, etc.)
- Location data, address, GPS
- Usage/behavioral data
- Are you storing the voice data, transcripts?
- What's your deletion, retention period (critical in privacy) for this data? If you are a data processor, it's your responsibility (you probably are).
- Are you collecting and analysing data?
- Is it stored on easily accessible shared infrastructure (Google Sheets, Airtable, Make, other)?
- Do you have DPAs (data processing agreements) with your client?
- Who handles data requests and how?
- Do you have a privacy policy detailing all this with sub processes and parts of the puzzle that you'd like to keep in a box?
- Docs on access to all key components and logins of areas where data can be accessed.
You'll probably be OK for small business with low volume, probably... but if you are exploring deals with bigger businesses whose clients are keen on ticking some big boxes 📦... time to get your business pants on.
It would be really good if someone with extensive knowledge in this sphere would pop in to say 👋