by Stuart Lennon

EU Flag



The new oil. 




Soon, every customer of Nero’s Notes will receive correspondence from us on the General Data Protection Regulation (GDPR). I daresay that most of you are already receiving lots of them from other companies.


Before we get that out to you, I wanted to explain what data we collect, and how we use it, in what I hope, will be plain and simple language.


When you make a purchase on the store, several things happen. 


1.  You provide your name, address and email address. You might even give a phone number. This is collected by the e-commerce framework that we use, Shopify.

2.  Payments are processed through outsource providers. Cards are dealt with by Stripe, Paypal or Apple Pay depending on what you select at checkout. Payment data is NOT visible to or retained by Loggedoff Ltd (The company behind Nero’s Notes) .

3.  We use your postal address, to ummm.. send you your order. The system will automatically send you notifications of despatch by e-mail, Messenger or SMS.

4.  If you take one of our subscription products, then your name and address is retained by a company called Bold - who provide the Recurring Order App that we use to automate the payments at the right time. The Payments are again, processed via Stripe.

5.  Every customer’s name and email address is transferred to MailChimp. This is the service that we use to send emails on offers, information and marketing. We don’t over-use this, sending only one or two mails per month. At the bottom of each mail is an unsubscribe button.


What else do we do with your data?


Nothing. Nada. Zip.


We do not sell your data. We don’t give it away. We never have and we never will.


What is GDPR making us do?


1.  Well, we will need to document our policy and procedures for collecting, using and safe-guarding your data. Yes, it’s a bit of a pain, it’s not as though we are a massive corporate firm mining data, but hey, privacy is important. Fair enough.

2.  We need to interrogate our suppliers, providers about their policies and procedures. Shopify, Stripe, Paypal, Bold, Mail Chimp are all industry leaders. They are all issuing papers on GDPR. An irony of the new regulation though is that little old Loggedoff Ltd has to prove to itself that these big boys are doing the right thing. Lots and lots of bedtime reading for Stuart, buy hey, privacy is important. Fair enough.

3.  Consent. Currently, the shopify app defaults to ‘customer accepts marketing’. We will have to change that. Going forward, we will need customers to unambiguously, actively consent to receive marketing mails from us. So, unless the customer clicks the box, they won’t receive mails from us.

4.  Consent II. We will send a mail to everybody on our list asking them to actively consent to continue to receive marketing.


What will GDPR mean for Nero’s Notes



1.  Call us drama-queens, but GDPR is scary as hell. We know that most people will receive a mail asking them to sign up to the list and ignore it. Everyone gets too much mail and has better things to do than encourage more! Given the choice, many people will choose NOT to receive marketing from us.

2.  However, there’s a reason that companies send mails out to mailing lists. Those mails work. Every time we send out a mail, we see a spike in sales. With a smaller list, we will see a smaller spike. For a small company, that’s a big deal. 


What’s next?


1.  At some point in the next few weeks (GDPR comes in on May 25th) you might notice a new opt-in to marketing box at checkout. We would be so grateful if you would tick the ‘accept marketing’ box.

2.  Stuart will be preparing detailed policies and procedures, and upgrading our privacy statement. He will also be seeking strong statements from all outsource service providers.

3.  Those already on our list will receive a mail asking them to opt in. Again, we would be really grateful if you did opt in.


Final thoughts


GDPR is a good thing. Too many people play fast and loose with personal data and consumers deserve protection.


Loggedoff Ltd, as embodied by Nero’s Notes, has never and will never sell your data. If you want to know what data we hold on you. Ask. We’ll tell you. 


The buck stops with Stuart. If you have any concerns about Nero’s Notes and data, get in touch. 


Thank you very much for reading.


Over the next few weeks you will receive hundreds of re-subscribe mails. Before you reject them all, please spare a thought for your favourite retailers; especially the little guys. It would mean a lot to them if you opt-in.