Thanks Folksy for all of this information, really helpful but still a bit overwhelming.
I did the ICO questionaire following your link, if I answer Yes to question 5 and say the info is for ‘Domestic or Recreational reasons’ I dont have to register (but from the definition of those words its not for those purposes), so if I say No and continue to question 7 saying I keep info for ‘Accountancy and Auditing’ then I have to register. Surely that means everyone will need to register as we all have to produce accounts for the tax office. Or am I doing it wrong?
Second point as someone has asked further up, what about the certificates of posting we obtain from the post office with names and addresses on. I suppose we keep these in a locked up filing cabinet too?
Any info would be appreciated Camilla.
Haley
I don’t keep any invoices as if the tax man does ever want to check my paperwork I can just print it out off PayPal, stripe, or the other side’s direct payments so surely it’s down to those websites and not me because I personally don’t store anything.
I send everything signed for so do keep the post office receipts (not sure if I actually need to as I use my PayPal card so the amount spent is shown on PayPal anyway for tax purposes) but all that shows is a house number and postcode (no names).
You still need to draw up a privacy policy and in it outline that you do not store data for any longer than is required to process the order. You have an obligation to make sure that your paypal/folksy/etsy/stripe accounts are secure (you are in effect remotely storing data on their systems) and you would also receive personal data relating to the order in a notification email when you receive the order so you need to make sure that account is secure as well (and if those log ins/ passwords are stored on a computer that needs to be secure). Your privacy policy would need to detail how long you retain those emails for prior to deletion and state that customers should read the privacy policy for the third party sites.
My privacy policy starts with:
This Privacy Policy describes how and when I collect, use, and share information when you purchase an item from me, contact me, or otherwise use my services whether it is directly or through a third party site eg Etsy.com or Folksy.com and their related sites and services.
This Privacy Policy does not apply to the practices of third parties that I do not own or control, including Etsy or Folksy or any third party services you access through them eg Paypal or Stripe. You can reference their Privacy Policies to learn more about their privacy practices.
Yes I realise I will have to display a privacy policy and keep passwords safe (which I do anyway)
With regards to emails I only keep them if it’s an ongoing conversation but emails for PayPal payments/folksy sales etc I delete the same day as I can access their details through the relevant sites anyway.
Whilst obviously I have to comply, I just think it’s one of those things that sounds scary but for me i think I just have to pretty much carry on as I am (unless I’m missing something?)
Yes write up a privacy policy and then you can (probably) carry on as normal (it is going to have more of an effect on those companies that auto sign you up for emails when you buy something or do dubious things like that).
Thank you. I will keep an eye on things as I’m sure we’ll learn more the closer it gets 
I got the same Hayley, but to be honest they don’t explain themselves very clearly so I’ve probably answered something wrong 
I’ll go back any do the questionnaire in a few days time when I’ve had a read about it a bit more.
Will we still be able to send a receipt with orders as it states the way the customer has paid and also their email address
@HandCraftedLove @HandmadeByDiane
Like both of you I initially answered yes to the accountancy/auditing option. However, if you say no and get to the next question, it asks if you will use the information for accounts/record keeping. If you say yes to that, as most of us will just use the information for that purpose, it then says you don’t need to register.
You are right! There is a distinction between using the information for accounts and auditing or simply for record keeping. Folksy sellers are not keeping accounts for the individuals who buy from us, only our own accounts. We need to keep records for the Inland Revenue, but payments are recorded on our Paypal and Stripe dashboards, so we don’t need to keep the e-mails or paper records of customer payments anyway. The way I read it, nobody here should have to register or pay a fee.
@jenniesgems I do not normally include printed receipts with my order as the customer should already have that information in the form of an e-mail. It might cause a problem when an item is sent as a gift to somebody other than the person who bought it.
Sam x
Thanks Sam
I followed some ideas from the Facebook shop group. If you say NO to the accountancy bit (we’re thinking that means for those who are accountants and auditors, not us - but there’s no explanation so that could be wrong) then more stuff appears that is better suited. I got a confirmation I didn’t have to register doing it this way.
I don’t think that is wrong as some businesses are accountants and auditors. When I worked for an insurance company we used to employ a firm of auditors to come in about once every five years. To do their job, they would have had access to the data from all of our clients past and present stretching more than 10 years back in some cases. That’s a lot of data, including details of bank accounts, driving licences and passport information. We are record keepers for our own accounts, but we do not obtain detailed information concerning other companies’ customers.
Sam x
where can i find this questionaire pls, like the others i dont keep peoples details, but i havent been selling for a while
Hi @WoolyAngel you can find the link to the GDPR Questionnaire on the Folksy blog, it’s in the paragraph on what you need to do if you are a seller, worth reading the blog too 
http://blog.folksy.com/2018/04/17/gdpr-need-independent-designer-maker
Thanks just answered No to the accountancy bit and yes your right, It says No i dont need to register. Thank you.
Any updates on this? I’ve joined a Facebook page to help with this. It provides us with a link to use. Wasn’t sure if Folksy were doing one or we have to make our own policies.
We are in the process of creating a Privacy Policy for sellers that you’ll be able to edit. It’s almost ready to go live on your shops and we had hoped it would be up last week, but we hit a few hurdles in our testing. It’s very nearly there, though, and Doug is hopeful it will all be done in the next few days.
That’s brilliant. Thanks.
Hi,
I have a Privacy Policy ready to add to my account, but have no idea where to put it. The only place I can find to add it is with my Returns Policy, but I think adding it into the box with my Returns Policy isn’t appropriate. Is there anywhere it can be added which is suitable?