Disclaimer: Content is for informational purpose and should not be used as legal advice for GDPR.


What is GDPR?

GDPR is a new set of regulations on how companies handle personal data. These regulations increase the responsibility for the companies that store and use individuals’ data to provide services. It stands for General Data Protection Regulation & replaces the previous EU ‘Data Protection Act’. 

Our rule of thumb is ‘the customer owns their data wherever it is’: Customers should know what you do with their data, be able to access it if they want and be able to have it deleted at their request. You will now have to have a customer’s explicit permission to store and do something with their data.

Don’t panic! Responsible businesses who respect peoples’ data should find GDPR compliance straightforward. 10to8 has some tools below to help your business be GDPR compliant with 10to8. We have also picked out some information that we have found particularly helpful in getting our systems fully compliant:


  • Helpful information from the UK ICO

  • For the Beauty sector here.

  • For the Healthcare sector here.

  • For Tutors and the Education sector here.

  • For the Finance sector here.

  • EU Legislation there.


Is 10to8 GDPR compliant?

Yes. It is important that your business is also compliant.


What does 10to8 do to help businesses get GDPR compliant?

We are working on new features for 10to8 that will help you be GDPR compliant. These improvements will help with: Seeking customer permission, ownership and management of data, protecting confidentiality of customer data and data security.

You can read more about these here.


Steps you should take to be GDPR compliant.

  1. We recommend that you ensure that you have consent from all your customers to use their data for the purpose for which you hold it, e.g. sending reminders to clients.

  2. Making sure your customer data is stored securely - it is in 10to8, but it is worth making sure you know who has access to both what is in 10to8 and any other systems that you use.

  3. We recommend training your staff about GDPR and its implications.

  4. Make sure you have policies in place for retaining customer data.

  5. Make sure you only hold customer data for a reasonable amount of time.


Disclaimer: Content is for informational purpose and should not be used as legal advice for GDPR.