We have the in-house expertise in data protection and direct marketing compliance to assist companies and organisations to ensure compliance with the General Data Protection Regulation (GDPR) and the Privacy and Electronic Communications Regulations (PECR).
The GDPR comes into force in the UK on 25th May 2018. The GDPR’s objective is to give individuals more control over the use of their personal information. The GDPR achieves this objective by introducing rules to ensure greater transparency when collecting individual’s personal information, giving individuals more rights in relation to their personal information and requiring organisations that collect and use personal information to maintain an audit trail of their data processing activities.
Our GDPR Services
Understanding Your Obligation
Who does the GDPR apply to?
GDPR applies to all organisations that collect, hold or use personal information. This includes customers’ personal information as well as staff personal information.
How does GDPR affect you?
You need to conduct an assessment of what types of personal information you collect, how you collect them, what you use them for, who you share them with, how long you keep them and how you keep them safe.
Such an assessment will inform you about any risk areas in your practices and give you a focus in implementing controls to manage those risks.
What’s the worst that can happen if you are not GDPR compliant?
The GDPR gives the Information Commissioner’s Office (ICO) the power to issue organisations with fines of up to €10 million or 2% of global turnover for certain categories of breaches and up to €20 million or 4% of global turnover for other categories of breaches.
If you require any information in regards to GDPR then please contact us below.