The Data Protection regime doesn't sound like the most glamorous area of law, but its application is universal. Spend a little time getting it right for your own business, and you will find that not only do you feel more confident when asked about it, but that your business is elevated in the eyes of your existing clients, potential clients, and the wider community. Being able to market your business as fully GDPR compliant - and knowing what that means - is worth the effort. And as my testimonials attest, I will guide you through the process with ease.
What we all know about Data Protection
The Data Protection Act was implemented to stop the illegal use of personal information by unscrupulous businesses - the kind that would buy and sell a mass of information and before you knew it, you'd be bombarded in all media with unrequested marketing. Or sensitive data on a laptop would be left on a train.
The Information Commissioner's Office enforces, guides and monitors how businesses in the UK comply with the obligations under the Data Protection Act. As the amount of personal data individuals are now sharing online has increased, the legislation is about to change to provide further protections to individuals, in the form of the General Data Protection Regulation.
25th May 2018
The General Data Protection Regulation comes into force in the UK on 25 May 2018 (irrespective of the Brexit vote).
This Regulation updates and modernises the existing laws, particularly around the concept of "consent", the right to be forgotten, and the requires data controllers to consider in depth their genuine need for the data they are collecting and storing.
My offerings
Silver offer - for brand new start-ups in their first year of development or trading
I will provide you with a standard data protection policy that complies with the latest legislation.
In addition, I will guide you through what that means for how your new business ought to store, protect and collect its data, in a Skype or face-to-face meeting in Central or South West London (maximum 2 hours).
Platinum Offer - for established businesses
I will meet with you to discuss your existing business and how it manages its data obligations. We will discuss the current and future use of data, as the business plans to expand. After the meeting I will:
- review your existing data protection policy and provide amendments, or provide a complete redraft if that is needed;
- provide a written package, advising you the best practice for your business on how to tackle the GDPR;
- answer your specific queries on how your unique business should manage its obligations, queries from the public, and any errors in your existing practice.
* My practice is not currently registered for VAT, and does not charge VAT on any fees.
Let's talk about this complex area of law and simplify it for your business
We'll discuss all aspects of your data handling, including these areas:
- employee data
- client data
- prospective client and third party data
- how your data is collected - online, in person, over the phone, conferences, networking
- how your data is stored - in the cloud, 3rd party programmes, hard copies, laptops, phones, memory sticks
- who has access to the data, and do they know their responsibilities
- how do you protect private information from cyber attack or risk of getting lost
- consent to collect and store data
- the right to be forgotten
- how long is your data kept, and is this sufficient or excessive given your needs
- what do you do with the data - are you collecting more than you need
- the risks you might be taking from not complying with the data protection legislation