Good Privacy is Good for Startups
by Startacus Admin
Good Privacy is Good for Start-ups 
Cleary, privacy is really important to any business, but it takes on a special significance when it comes to startups. Richard Beaumont from Governor Technology explains why it is vital that your startup places customer / client privacy at the top of the agenda. For the past 15 years Governor Technology have been assisting businesses to understand and integrate new technologies into their operations, and we are delighted to have them on board to explain some of the reasons behind the need for focus on this area of business.
Over to Richard
"When you have an exciting new idea that you are trying to bring to market, it is natural to focus your limited energies on quick wins, and leave the worrying about the long-term to a time when you are more confident there is going to be one.
Those quick wins usually revolve around getting your offering to market, getting your first customers and getting their feedback for your next iteration. In the fast-paced world of tech start-ups these priorities are often even ahead of considerations like how the business will actually make money.
It is therefore easy to put issues like compliance and privacy into the ‘difficult things to do later pile’. After all, what’s the point of worrying about protecting customer data until you have enough of it, right? And the more data you have, the better placed you will be when you can figure out how best to make use of it, surely?
Unfortunately, this is the wrong way to look at things. And in a world where customer data is central to more and more business, getting privacy right is not just about boring compliance, it’s about the foundations on which your business will be built, including two of the most important – Trust and Value.
Gaining trust is key to any new business, you cannot grow your customer base without it. You want customers to trust you in what you do, like deliver your service promise. If you use customer data in ways they don’t like, or even lose control of it in a security breach – the resulting loss of trust can sink your business very quickly.
Many start-ups also look for outside investors to help them grow. An investor may like your idea but will be looking for a valuation that will give them the biggest possible stake. One of the key ways they do this is look for uncontrolled risks in the business. Risks attached to your data privacy practices and compliance, even if they are currently more theoretical than real, are an opportunity to lower the valuation, and leave you owning a smaller percentage of your business.
So how do you get privacy right first time and avoid this?
The two most important pieces of legislation you need to worry about from a privacy perspective in the UK are the Data Protection Act (DPA), and the Privacy and Electronic Communications Regulations (PECR). These laws are enforced by the Information Commissioner's Office, and their website has a lot of very helpful guidance.
Here are some basics:
The DPA covers the rules on the handling of personal data – which is any information that is or canbe linked to an individual. 
Generally you should only collect data if you need it, use if for stated purposes only, and dispose or archive it when you don’t need it any more. You also need to tell your customers how you use their information in a privacy policy.
PECR largely governs rules on contacting people for marketing purposes by either telephone or email. Telephone calling in particular is something you should be careful about, as the ICO has issued lots of large fines in recent months. The bottom line here is that to be safe, you should have very clear consent to communicate with people like this.
PECR also covers the rules on the use of cookies on a website. Although risk of enforcement in this area is low, there is a lot of consumer mistrust about how data is collected in this way, so expect this to become of increasing importance.
Getting cookie compliance right also helps you to prepare for upcoming changes to legislation in this area, which are set to make privacy issues even more central. The EU General Data Protection Regulation (GDPR) is a major overhaul of privacy rules across Europe, which are due to take effect sometime in 2017/2018. This may seem a long way off now but the changes will require some preparation. Expect to hear a lot about the details of this early next year as the legislation is finalised, but one sure fire headline grabber will be the levels of fines available to regulators, which may go as high as 5% of turnover.
Two important ideas in the GDPR, are Privacy by Design (PbD), and Privacy Impact Assessments (PIAs). PbD is a set of principles for building privacy into systems and processes from the beginning, rather than bolting it on afterwards. The GDPR requires you to follow these principles when handling personal information. Privacy Impact Assessments are project tools designed to help you follow PbD principles. The GDPR is very big on the idea of organisational accountability, and it is likely that being able to demonstrate that you have gone through a PIA process in certain circumstances will become mandatory under that new laws.
A big Startacus thank you Richard!
If you would like to learn more about Governor Technology, and the work that they do pop yourself over to their website, or check them out on Twitter!
Subscribe to our newsletter
If you would like to receive our startup themed newsletter, full of the latest startup opportunities, events, news, stories, tips and advice, then sign up here.
Crypto financial services startup Nebeus launches a £1.1m crowdfunding campaign to bring banking services to 2 billion unbanked people.
Zencargo, a digital freight forwarder on a mission to simplify global trade, announces its seed plus round, led by LocalGlobe, bringing total funds raised to over $4m
BleepBleeps - The lowdown on the tech parenting brand that's creating innovative connected products to make the art of parenting easier!
Lumen - The new dating app that's been specifically designed for over 50s to meet genuine like-minded singles...
Startacus teamed up with inaugural Innovation Nation 2018 to deliver Ascend, an all-Ireland tech startup pitch competition. The startups that will be pitching at Innovation Nation 2018 are:
Liverpool based startups and entrepreneurs take note - here's the lowdown on key startup support and help available where you are...
Thortful - The startup that's providing a creative card marketplace for designers, illustrators and photographers...
We are liking the sound of Feels FM, an emoji-powered jukebox using music as a positive coping strategy, & to find new ways to talk about mental health.
Innovative startups and businesses designed and focused on empowering and embracing female consumers.
P2P investment aggregator Orca raises £500K on equity crowdfunding platform, Seedrs within two days.
Published on: 1st December 2015
If you would like to enable commenting via your Startacus account, please enable Disqus functionality in your Account Settings.
- Digital freight forwarder Zencargo announces its seed plus round 24th Sep 2018 Zencargo, a digital freight forwarder on a mission to simplify global trade, announces its seed plus round, led by LocalGlobe, bringing total funds raised to over $4m
- P2P investment aggregator Orca raises £500k in two days 18th Sep 2018 P2P investment aggregator Orca raises £500K on equity crowdfunding platform, Seedrs within two days.
- Wincanton innovation programme W2 Labs looks to tech startups 18th Sep 2018 British logistics company Wincanton is looking for tech startups to pitch their solutions for industry specific challenges, as part of their returning W2 Labs innovation programme.
- Spotify for textbooks Perlego raises $4.8m 16th Sep 2018 Perlego - billed as the 'Spotify for textbooks' - has closed a $4.8m venture round, signalling a new chapter for the growing company on a mission to make textbooks more accessible.
