GDPR: Working As A Virtalent VA

Working with Virtalent as a Virtual Assistant means that you need to be fully versed and up to date in all matters relating to General Data Protection Regulation or, as you probably know it, “GDPR”.

The legislation around GDPR needs to be considered by you, on a daily basis.  So, we thought it would be useful to provide some useful guidance in this area.

All guidance contained below is provided for general information purposes only – you should always secure the advice of a trained, qualified legal professional to secure specific guidance on how GDPR applies to  your own business.

In Summary

GDPR is legislation aimed at protecting the way that personal data, for anyone based in the European Union, is processed, collected and stored.

As it’s legislation, it’s essential that all protocols and requirements surrounding GDPR are adhered to.

The Basics

Personal data is any piece of information that can be identified to a living individual.

This includes, but isn’t limited to:

  • Name
  • Date of birth
  • Address
  • Telephone number
  • Email address
  • Personal identification numbers and documents i.e. passport, driving licence, national insurance etc.
  • Number plates
  • Location data, using functions as that seen on mobile phones
  • Website cookie identifiers and IP addresses

Your Responsibilities

As a Virtual Assistant, it is highly likely that you will work with a client who needs you to process personal data.

In the event that this happens and you find yourself handling personal data, you are responsible for ensuring that you comply with all of the rules surrounding GDPR.

This means that you must ensure that:

  • Data is kept no longer than necessary
  • Data is used for specified, explicit purposes only
  • All data is handled securely, with appropriate security measures and protection
  • Data is used fairly, lawfully and transparently
  • Data is kept up to date and accurate
  • Data is used only when necessary and is adequate and relevant
  • Any data given is only used with the explicit consent of the Data Controller

This list is not exhaustive.

    Your Role When Working With Virtalent Clients

    As the person processing and accessing data, you are known as a Data Controller.  As such, you are required  to ensure that the responsibilities listed above are adhered to.

    If a client asks you to handle any data that falls inside the GDPR requirements, you need to ensure that you are handling any personal data with GDPR legislation at the forefront of your mind.

    It is important that you always check with the client to ensure that you are meeting any requirements their business might have, to ensure that you manage your client’s expectations.  This is as well as ensuring that you personally, remain compliant.  

    Should a client ask you to do anything that contravenes GDPR regulation, you must not do so.