Are you GDPR ready?

The law changed in May 2018. GDPR is just around the corner, but are you ready for it? GDPR regulates how businesses handle confidential and personal data, and affects every business – including yours. But what exactly is all the fuss about, and how will it have an impact on your business? We’ve compiled this useful guide to answer any questions you may have, and to help you prepare for the almighty legal framework that is GDPR.

The General Data Protection Regulation (GDPR) is a binding legislative act from the European Union concerning the protection of personal data. The new regulation came into effect on May 25th 2018 and aims to replace outdated and inconsistent data laws throughout the EU member states. The law places more responsibilities on anyone who controls or processes personal data – meaning all UK businesses need to understand and prepare for this important law change.

GDPR is complex but extremely important. Businesses across the UK must be compliant or risk paying huge fines. The GDPR introduces a two-tier fine system for businesses controlling and processing personal data without following the legal requirements.

Breaches that legislators believe to be highly important will be fined up to £17.25 million or 4 percent of the previous year’s global annual turnover (whichever figure is higher). Smaller breaches can still lead to substantial fines of up to £8.6m or 2 percent of the previous year’s global annual turnover (again, whichever figure is higher). You don’t need us to explain how disastrous such a fine could be for a company!

The General Data Protection Regulation came into force on 25th May 2018.

Creating a secure data landscape is the responsibility of every business. If you’re collecting data about clients in any shape or form, whether that be for marketing purposes, or analysis through databases or Google Analytics, you must comply with GDPR. People have a right to know what personal information you’re storing about them and what exactly you’re going to do with that data. The law applies to data that can be transferred back to an individual.

Outdated legislation and an inconsistent data landscape across EU member states have pushed the EU to standardise data protection. In an ever-changing, fast-paced world of technology, the future-proof GDPR protects individuals’ privacy and grants them greater control over how their data is used, and how long it is kept for. It allows users to be ‘forgotten’, meaning data cannot be kept beyond the original purpose for which it was collected. The GDPR also combats personal data breaches. The GDPR must be followed by any business that trades within the EU or with EU data. In short, lack of security, privacy and control regarding personal data will be combatted with a more secure data landscape, with individuals having greater insight into how their data is processed and used.

Despite the decision by the UK to leave the EU, businesses are still required to be GDPR compliant. Legislation applies to any business working within the EU and dealing with any EU data.

Consent is important. Consent allows you to process and use data without getting into trouble. Not only are you ticking boxes by following the GDPR, but you’re also building better relationships with your customers by respecting their privacy and rights.

If you wish to use either a new or existing individual’s personal data, they must have given you explicit consent to do so. It’s not OK to assume you have permission, and you can’t use sneaky tactics such as pre-ticking tick boxes or hiding clauses in your privacy policy. You must avoid confusing language and be completely transparent. What’s more, you also need to record when permission was granted and what exactly they granted permission for. The individual must also be able to easily opt out of their data being used.

It’s a lot to take in – we understand. If you need help, we’re here for you. We can carry out a thorough review of your existing data consent process and evaluate if you’re compliant with GDPR. We will work towards helping you educate yourself and your employees about how to avoid personal data breaches and how to spot one when one has occurred. We will help you abide by the regulation to protect individuals’ communications, electronic or otherwise.

You can take advantage of our 14-day free trial to help you become compliant. We offer a bespoke service for each and every business, assuring you only pay what you need to. To get a free quotation, head over to our Contact page.

Help my business comply

We can help your business become compliant.

So happy to have someone to take away the burden and ensure we are compliant ourselves and for our clients well ahead of time.

KD Accounting
14 Day Free Trial

Includes:

  • GDPR or CCPA Overview
  • DPIA (Selected)
  • Risk Overview
  • Privacy Policy Review
  • No credit card details, no hidden costs
  • No software downloads