GDPR
Introduction
Like other organisations, the Growth Hub has been busy ensuring that our processes and team is well underway to being fully GDPR compliant long before the enforcement date of 25 May 2018. As a business support organisation, we are lucky to have comprehensive resources and trustworthy information fed to us.
There is a plethora of resources and support available to businesses during their compliance journey from websites to blogs, forums, webinars & events. In essence, there is so much material out there, it is proving difficult for micro, small and medium sized business to differentiate between the law, trustworthy guidance, best practice advice and scaremongering.
We will continually update our GDPR page with useful links to trustworthy sources of information & advice, GDPR related events that we are made of aware of in the region and the questions (and answers) that we are being asked by businesses in Devon, Plymouth, Somerset & Torbay:
Request A GDPR Factsheet
Scroll down for more free to access resources!
GDPR – The benefits to your business
Described as the biggest data policy change in 20 years, GDPR will have an impact on how you manage data flowing in and out of your organisation. Although you will need to get the ground work for compliance in place by 25 May, GDPR changes may actually help boost your business! Here are a few benefits that GDPR will bring:
- Improve Your Business-Customer Relationship: You’ll know exactly what the data subject has subscribed to (their specific interests in relation to your service/product) and how they want to be contacted, thus helping you to establish an efficient relationship with the Customer, on their terms.
- Saving You Time, Saving You Money: You will only be able to provide Customers with relevant information that they have stated is appropriate to their needs. This means any effort and time spent on your side to supply this information is more likely to result in Customer uptake – or at the least be a ‘hot lead.’
- Building Trust: GDPR empowers your data subject (Customer) to understand exactly how their information is being collected, collated and used. You will not only be complying with the law but also building their trust by being transparent and improving their perception of your business’ commitment to Customer Satisfaction.
UPCOMING GDPR EVENTS:
View GDPR Events & Webinars
Growth Hub advisers can talk with you further about the events and appropriate business support programmes that meet your business needs. Contact our team on 03456 047 047 or use our online form
GDPR FAQS:
We are currently compiling a comprehensive list of the FAQs that businesses in Devon, Plymouth, Somerset & Torbay are asking us about the upcoming General Data Protection Regulation. This list is a work in progress and will be updated regularly.
The questions we're being asked by businesses in Devon, Plymouth, Somerset & Torbay
- Do all businesses need to have a data protection policy – and how can small businesses manage this in comparison to a large organisation?
- It's fine, I'm covered under legitimate interests
- My UK company doesn't need to comply to any legislation that is not a UK common law!
- I'm only a small organisation, is the cost of becoming compliant affordable?!
- Other FAQ Pages:
There is not currently a standard or universal accreditation that a business can work towards achieving. However, the ICO has issued checklists that an organisation can work to whilst on their compliance journey.
> View the ICO: ‘Consent Checklist’
“The accountability principle in Article 5(2) requires you to demonstrate that you comply with the principles [of the General Data Protection Regulation] and states explicitly that this is your responsibility.” [ICO]
Policies will be a key part of demonstrating accountability, and the nature of the detail required in a policy will be proportionate to the type of personal data held by any given organisation.
> Smaller organisations will find useful guidance here.
[Taken from the Superfast Business Wales Q&A – see “Useful Links” below]Not necessarily. According to the ICO, the basis for processing personal data under legitimate interests “applies to a wide range of circumstances but the onus is on you to balance your legitimate interests with the necessity of processing the personal data against the interests, rights and freedoms of the individual.” A fine line.
> Read ICO guidance on: “What is ‘legitimate interests’ basis?”
“The GDPR applies to processing carried out by organisations operating within the EU. It also applies to organisations outside the EU that offer goods or services to individuals in the EU.”
> Read more key definition about who the Regulation applies to HERE
We understand that there is usually a cost implication when working towards compliance in lieu of a new legal requirement. However, the good news is that GDPR is, to a degree, building upon and tightening-up of existing UK data protection laws so should not require drastic changes or big infrastructural costs to your business.
The ICO have set up a NEW, dedicated advice helpline aimed at people running small businesses or charities.
- https://ico.org.uk/global/contact-us/advice-service-for-small-organisations/ (03003 123 1113, option 4)
The EU GDPR resource educates the public about the main elements of GDPR:
> Visit their Q&A Page
Superfast Business Wales have worked with the ICO to compile a Q&A on the impact of the legislation on business:
> Visit their Q&A Page
USEFUL LINKS & RESOURCES:
Useful GDPR Resources
Request a free factsheet about GDPR & the implications it may have on your business from the Growth Hub.
Find out about your obligations and how to comply, including protecting personal information and providing access to official information from the ICO website.
The ICO’s Guide to the GDPR explains the provisions of the GDPR to help organisations comply with its requirements. It is for those who have day-to-day responsibility for data protection. Alongside the Guide to the GDPR, The ICO have produced a number of tools to help organisations to prepare for the GDPR.
ICO Website – GDPR for Organisations
ICO Website – Making Data Protection your Business
Also an Information Commissioner’s Office resource, the ICO blog includes GDPR myth busters and other relevant news items surrounding the topic.
This website is a resource to educate the public about the main elements of the General Data Protection Regulation (GDPR).
Get in touch
Contact the Growth Hub team to find out about support available locally.
03456 047 047
Get free factsheets
The Growth Hub have licenced access to thousands of practical, factual and digestible reports, guides, factsheets and reference resources for businesses.
GOV.UK website
Government advice, information and tools for businesses covering a whole range of sectors, issues and themes.
Start or grow your business
- Starting up
- Developing and growing a business
- Finance
- Sales and marketing
- Premises
- Employing people and HR
- Skills and training
- Funding & Grants
- Legal and regulatory
- GDPR for Businesses
- International trade
- ICT and digital
- Innovation
- Tendering and procurement
- Rural
- Social enterprise
- Environmental
- Relocating to the Heart of the South West area