Covid-19 | Open as usual and here to help

We're open as usual

Quattro is open as usual to help you with HubSpot whenever you need us. While our office in Stratford upon Avon is closed, the team are all working remotely.

How to get in touch

Our usual office number (01789 608015) is still the right one to use. If you want to get in touch out of office hours you can email us at or fill in our contact form.

Remote-Working_crop READ OUR GUIDE TO REMOTE WORKING Continue Browsing Site

Changing the Definition of Personal Data – GDPR Guide

27 March 2018| Joy

HOME // BLOG // Changing the Definition of Personal Data – GDPR Guide

The world has changed in the last 20 years. This is the last time that the laws governing privacy and security were updated. There is much we as a society need to do in order to protect our fundamental human rights. We only need to look at the advancement in cloud-based software, smart gadgets, social apps and email marketing automation. No wonder it’s taken 4 years to prepare these EU General Data Protection Regulations. These series of blogs give you tools, tips, guides and jargon free information to help you become GDPR compliant. Discover how the definition of ‘personal data’ has changed.

The definition of ‘personal data’ has historically been quite a general term. GDPR have widened this definition. These are the main areas that specify the different kinds of personal data under the regulation:
  • IT – This is a new area to be affected by data protection regulation but this very software is a useful tool to help us with our data storage, segmentation, historical proof, encryption methods etc.,
  • Identifiable Data – Basically any data that could be used to identify a person, for instance: genetic, mental, cultural, economic and social information.
  • Specific Personal Information – This covers the obvious name, address, telephone number, medical info’ etc. Employment records are the obvious area that this falls into.

Due to the new kinds of ‘personal data’ listed above it will be unlikely that there will be any businesses unaffected by GDPR requirements. Read a previous intro to GDPR blog here to get a summarised overview.

There are Methods and Processes to Help Your Business Comply

As a company, it is your responsibility to keep secure the personal data you hold. Some examples of methods you could use to comply to GDPR regulation are:

  • Use of pseudonyms or encryption of personal data.

  • Traceability, tracking changes to your company’s database and logging those changes. Also recording those responsible for the changes.

  • Monitoring of data access and activities. Note and block unauthorised access activity.

  • Use a CRM that tracks a user from website application to the shared database user and final data accessed such as the free HubSpot CRM tools 

Get access to your free CRM

HubSpot software makes some of the GDPR rules easier to follow and automate to keep your business covered. For example using HubSpot landing pages, forms and double opt-in methodology, many of the repeatable GDPR regulations on consent, remaining informed on how data is to be used, clear language and opting in/out can be automatically covered once your platform is set up.

The free CRM also tracks and records emails and actions giving both your prospect and your company the reassurance and proof of your visitors’ consent, wishes and option to be deleted or contact details amended. This software makes things easy and keeps everyone covered.

There are many, many more processes and methods such as the few listed above but I’m sure you get the idea. Your business can implement and design processes like these in order to protect your organisation and ultimately each individual’s private data.

GDPR guide Information Security on Blue Background.

The Right to Be Forgotten

I love this term ‘the right to be forgotten’ or also known less poetically as the ‘data minimisation principle’. This ensures that businesses do not hold personal data for longer than is necessary for a given purpose. A company must not change the use of the personal data from the original purpose for which it was prearranged. Also at the request of an individual an organisation must delete any data held on that individual. A common scenario of this is a business wishing to send a general news email to a person who downloaded a brochure from their website. In order to comply with the new GDPR regulation, the company can only do this after permission was received from the person to be sent this new and different, specific content.

Subscribe to our blog to receive tools, tips, and guides in our GDPR series directly into your inbox. Download this whitepaper to ensure you are informed about the new GDPR regulations…

Download your GDPR guide 

Topics: GDPR, Business advice




Subscribe to our blog via email

Subscribe Here!


This is what some of our clients say

"We’ve worked with Quattro on a variety of projects including HubSpot training, COS website development, email marketing, custom module design, and advanced sales and marketing reporting. Their team have proven themselves to be incredibly knowledgeable, proactive and dependable."

John Buttress

Managing Director, Sales and Marketing | PS Aspire

"We've been working with Quattro for over a year now and throughout that time, they've been a great partner, helping us with everything from our website and email tools to our inbound strategy, and beyond. We're in contact with the team almost daily, and they are a pleasure to work with."

Sarah Todd

Marketing Manager | Ecrebo