OK so data protection is uppermost in our minds these days for a number of reasons. But have you stopped and thought about any data protection and privacy issues around your podcast?
You may have heard about GDPR.… a phrase likely to induce boredom, yawning, frustration, anger even…. or maybe you think it doesn’t affect you. It is of course the General Data Protection Regulation, a series of legislative requirements around data protection for individuals, and it comes from the European Union. So all of us within the EU have to comply with it, and so does anyone else in the world who stores and processes the personal data of any individuals in the EU. It (finally) came into force on 25th May 2018 and contrary to popular scaremongering, the sky didn’t fall down on that day.
SO how on earth do data protection and privacy issues affect your podcast?
As I was working towards being compliant with the requirements of GDPR, I started with a data audit.
I identified all the places where I capture, hold, and process the personal data of individuals, and I did that not only for my podcast production services and digital marketing mentoring, but for my Stitchery Stories textile art podcast too.
For my podcast:
I hold details of potential and actual guests in a planning spreadsheet.
There are also the emails with each potential guest, and actual guests.
I hold the name and email address of the listeners who sign up for the Stitchery Stories Fan Club. This is held within MailChimp.
What about you?
Are you located in the EU?
You are affected by GDPR.
If you host a guest based podcast
Then you will likely have some sort of planning spreadsheet or database in use. That means you are storing and processing personal data.
If you are building an email list from your podcast
Then you are storing and processing personal data. Yes even ‘just’ holding first name and email address in some system like MailChimp is storing and processing personal data.
What do you send out to that email list?
Information purely about the podcast content? Or do you use that list as a way to market your goods and services, to use your podcast as a lead magnet for your core business activities ? Then you are affected, as you MAY need to get permission to continue to market to those people on that list.
Is anyone on your email list or guest database located in the EU?
Then you are also affected by GDPR even if you are not physically located in the EU
So… if your podcasting activities are processing personal data…
What do you need to do?
This is just a ‘heads up’ to get you started.
These are just the basic headline data protection activities
That are likely to be required from you as a podcaster with guests and an email list.
A key aspect to all of this is to document your findings, thoughts and decisions.
An excellent place to start your research (if you are late to the GDPR party) would be with the UK Information Commissioner’s Office (ICO) website – they are the government authority responsible for all of this in the UK. They have plenty of practical guides and checklists and information to help you.
Of course any software and services that you use in the process of creating, producing and marketing your podcast will likely already have emailed you, because they are processing your personal data too.
If you now realise that actually you are affected and need to do something, then don’t panic and just get started. You may of course decide to ignore it and do nothing. We all have our own attitude to risk. To be honest, this is one of those things that seems like a nightmare but can be broken down into several straightforward steps. Anyway, I am just trying to be helpful, but now, it’s over to you.