Jump to content

  • Quick Navigation
Photo
- - - - -

GDPR and Customer Complaints


  • You cannot start a new topic
  • Please log in to reply
1 reply to this topic

#1 dani2511

dani2511

    Grade - Active

  • IFSQN Active
  • 9 posts
  • 1 thanks
0
Neutral

  • United Kingdom
    United Kingdom

Posted 08 June 2018 - 09:56 AM

Hi all,

 

We are a small company with no data protection officer - all data protection is being handled to the best of abilities by our HR Manager and E-Commerce Marketeer.

 

I am trying to implement a BRC Standard but due to the new GDPR regulations, I am wondering how much detail should we be expected to hold regarding customer complaints? Should we forgo the customer details section and simply categorise the customer (i.e. consumer, retailer, distributor) for trending?

 

How much detail are you holding in your complaints forms/logs following the new regs coming into force?

 

Our customer services team will need to hold the customers details somewhere to respond to the complaint, but would the QMS records need to hold this data too?
 

Apologies - inexperience and unavailable resources has lead me here!

 

Thanks everyone.

 

 


  • 0

#2 GrumpyJimmy

GrumpyJimmy

    Grade - MIFSQN

  • IFSQN Member
  • 120 posts
  • 27 thanks
2
Neutral

  • Wales
    Wales
  • Gender:Male
  • Location:South West
  • Interests:IronMan Competitor & Film lover
    IFSQN Member of the Month July 2017 and chuffin proud!

Posted 08 June 2018 - 10:47 AM

Hi dani2511, a minefield is what it is! A few key points below but according to GDPR,organizations must:

 

  • Only process data for authorized purposes
  • Ensure data accuracy and integrity
  • Minimize subjects’ identity exposure
  • Implement data security measures

It's a difficult one to interpret but i have read it as you must keep as little data on a person as necessary to identify them, they have a right to have it deleted and you must have sufficient data security to fend off pesky hackers who outside the context you use the data for, won't be able to use it for criminal means.

 

Personally we have customer records who have a specific identifying code number and with regards to complaints etc i use the code to identify them so if there is a problem i can further get their info.It means we are not doubling up on peoples data which might become inaccurate and there is less data to find. 

 

That's all i got, sorry

Jimmy


  • 0




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users