You are here:

GDPR for small businesses

12 April 2018

 With GDPR (General Data Protection Regulation) just around the corner on May 25th are you and your business ready?

Ignoring GDPR could mean financial and business ruin with the costs of non-compliance being high:

  • Fines of up to £20 million or 4% global turnover, even for the biggest of companies.
  • Compensation claims for damages suffered by individuals
  • Reputational damage and loss of consumer trust

It will enter us into a new age of restoring customers’ confidence in companies, allowing more transparency to the end consumer and for organisations to stop and think about how they are storing and using data.

In a world marred by data breaches and personal data being shared around without consent, Facebook and Cambridge Analytica we are looking your way, surely GDPR is a good thing, but are you prepared and how will it affect you?

How will it affect you? 

Under the new regulations, individuals will have:

  • The right to have access to any data that you hold on them
  • The right to be forgotten
  • The right to restrict processing
  • The right to be informed

In essence, it gives the end customer a lot more control on the way that their data are processed and in the driving seat of all data transactions, it is as much an IT project as a marketing project, because it has sweeping implications for the whole of the business.

How can I be prepared?

At the Giftware Association we have taken the following steps towards GDPR as a guideline:

Map your companies data – Make an itinerary of all your data and where it is kept, what you use it for and where is it from?

Determine what data you need to keep – Do you use all the data that you have collated? Do you neEd to keep it? As data are a currency, it may be hard to delete it but think of the implications and how useful it is to you

Put security measures in place – Where is your data kept? is it onsite servers or offsite servers? What is the security behind these? Look into systems that will keep your data safe

Review your documentation – Having a robust privacy policy in place is key, being transparent with everything you use the data for and all the system that you use will lead to a smoother GDPR transition.

Establish procedures for handling personal data. – set up a system on how you collect data and ensure that your whole company adheres to this as it could take a human error where you’re a data breach occurs and the company will be held responsible.

For advice and further information please contact your Trade Association at Federation House 0121 236 2657

Return to news listings