GDPR for Businesses

Introduction

Like other organisations, the Growth Hub has been busy ensuring that our processes and team is well underway to being fully GDPR compliant long before the enforcement date of 25 May 2018. As a business support organisation, we are lucky to have comprehensive resources and trustworthy information fed to us.

There is a plethora of resources and support available to businesses during their compliance journey from websites to blogs, forums, webinars & events. In essence, there is so much material out there, it is proving difficult for micro, small and medium sized business to differentiate between the law, trustworthy guidance, best practice advice and scaremongering.

We will continually update our GDPR page with useful links to trustworthy sources of information & advice, GDPR related events that we are made of aware of in the region and the questions (and answers) that we are being asked by businesses in Devon, Plymouth, Somerset & Torbay:

Request A GDPR Factsheet

Scroll down for more free to access resources!

GDPR – The benefits to your business

Described as the biggest data policy change in 20 years, GDPR will have an impact on how you manage data flowing in and out of your organisation. Although you will need to get the ground work for compliance in place by 25 May, GDPR changes may actually help boost your business! Here are a few benefits that GDPR will bring:

  • Improve Your Business-Customer Relationship: You’ll know exactly what the data subject has subscribed to (their specific interests in relation to your service/product) and how they want to be contacted, thus helping you to establish an efficient relationship with the Customer, on their terms.
  • Saving You Time, Saving You Money: You will only be able to provide Customers with relevant information that they have stated is appropriate to their needs. This means any effort and time spent on your side to supply this information is more likely to result in Customer uptake – or at the least be a ‘hot lead.’
  • Building Trust: GDPR empowers your data subject (Customer) to understand exactly how their information is being collected, collated and used. You will not only be complying with the law but also building their trust by being transparent and improving their perception of your business’ commitment to Customer Satisfaction.

UPCOMING GDPR EVENTS:

View GDPR Events & Webinars

Growth Hub advisers can talk with you further about the events and appropriate business support programmes that meet your business needs. Contact our team on 03456 047 047 or use our online form

GDPR FAQS:

We are currently compiling a comprehensive list of the FAQs that businesses in Devon, Plymouth, Somerset & Torbay are asking us about the upcoming General Data Protection Regulation. This list is a work in progress and will be updated regularly.

The questions we're being asked by businesses in Devon, Plymouth, Somerset & Torbay

There is not currently a standard or universal accreditation that a business can work towards achieving. However, the ICO has issued checklists that an organisation can work to whilst on their compliance journey.

> View the ICO: ‘Consent Checklist’

“The accountability principle in Article 5(2) requires you to demonstrate that you comply with the principles [of the General Data Protection Regulation] and states explicitly that this is your responsibility.” [ICO]

Policies will be a key part of demonstrating accountability, and the nature of the detail required in a policy will be proportionate to the type of personal data held by any given organisation.

> Smaller organisations will find useful guidance here.

[Taken from the Superfast Business Wales Q&A – see “Useful Links” below]

Not necessarily. According to the ICO, the basis for processing personal data under legitimate interests “applies to a wide range of circumstances but the onus is on you to balance your legitimate interests with the necessity of processing the personal data against the interests, rights and freedoms of the individual.” A fine line.

> Read ICO guidance on: “What is ‘legitimate interests’ basis?”

“The GDPR applies to processing carried out by organisations operating within the EU. It also applies to organisations outside the EU that offer goods or services to individuals in the EU.”

> Read more key definition about who the Regulation applies to HERE

We understand that there is usually a cost implication when working towards compliance in lieu of a new legal requirement. However, the good news is that GDPR is, to a degree, building upon and tightening-up of existing UK data protection laws so should not require drastic changes or big infrastructural costs to your business.

The ICO have set up a NEW, dedicated advice helpline aimed at people running small businesses or charities.

The EU GDPR resource educates the public about the main elements of GDPR:

>  Visit their Q&A Page

Superfast Business Wales have worked with the ICO to compile a Q&A on the impact of the legislation on business:

>  Visit their Q&A Page

USEFUL LINKS & RESOURCES:

Useful GDPR Resources

Request a free factsheet about GDPR & the implications it may have on your business from the Growth Hub.

Request a GDPR Factsheet for Business.

Find out about your obligations and how to comply, including protecting personal information and providing access to official information from the ICO website.

The ICO’s Guide to the GDPR explains the provisions of the GDPR to help organisations comply with its requirements. It is for those who have day-to-day responsibility for data protection. Alongside the Guide to the GDPR, The ICO have produced a number of tools to help organisations to prepare for the GDPR.

ICO Website – GDPR for Organisations

ICO Website – Making Data Protection your Business

ICO – Advice service for SMALL organisations

ICO – GDPR self assessment checklist

Also an Information Commissioner’s Office resource, the ICO blog includes GDPR myth busters and other relevant news items surrounding the topic.

Visit the ICO News Blog.

This website is a resource to educate the public about the main elements of the General Data Protection Regulation (GDPR).

Visit the GDPR Portal.

Get in touch

Contact the Growth Hub team to find out about support available locally.

03456 047 047

Newsletter Sign up

Click here to sign up

Newsletter sign-up






Data Protection
The Heart of the South West Growth Hub service is funded by the Department for Business, Energy and Industrial Strategy. Plymouth City Council are the Managing Authority on behalf of Heart of the South West Local Enterprise Partnership.
Somerset County Council is the Accountable Body and the Data Controller for the Heart of the South West Growth Hub Service which is delivered by Serco.
Please see Somerset County Council’s Privacy policy for information about how your data is used and stored by visiting Somerset County Councils website: http://www.somerset.gov.uk/accessing-our-information/privacy-policy/
Please note: The Heart of the South West Growth Hub service uses MailChimp as our marketing automation platform. By confirming that you wish to receive our e-newsletter, you acknowledge that the information you provide will be transferred to MailChimp for processing in accordance with their Privacy Policy https://mailchimp.com/legal/privacy/ and Terms https://mailchimp.com/legal/terms/.

Please leave this field empty.

Get free factsheets

The Growth Hub have licenced access to thousands of practical, factual and digestible reports, guides, factsheets and reference resources for businesses.

GOV.UK website

Government advice, information and tools for businesses covering a whole range of sectors, issues and themes.

Start or grow your business