New Data protection laws come into effect on 25 May 2018. The General Data Protection Regulations (GDPR) are a comprehensive overhaul of current data protection laws.
GDPR will affect everyone who holds and processes personal data including all companies, partnership and LLPs, sole traders, charities and other unincorporated associations such as sports and social clubs. If you employ anyone then GDPR will apply to those employee personal data, if you sell your goods or services to the public then GDPR will apply to your customers’ personal data. Even if you only deal with other companies, you are likely to hold personal data about the individuals within those customers with whom you gave dealings with.
To comply with GDPR you have to ensure that 7 golden principles are observed. These principles cover why you are holding personal data, how long you are able to hold that data, what you can do with that data whilst you hold it and what you must do if there is a data breach.
Anyone can ask for a comprehensive report about the data you are holding about them and you must respond to any such data access requests you receive.
In addition, you must now be able to demonstrate that you have thought about how GDPR affects your business and have a tangible plan to show how you have implemented the new law. The ICO can come and carry out an audit on your business at any time to make sure you are compliant. If there is a data breach (and you must now report all data breaches to the ICO) or if an employee of yours or a client/customer makes a complaint to the ICO they will most likely carry out an audit on you.
To comply you must have taken steps such as reviewing your data protection policies, train your staff in the new laws, have privacy notices which comply with GDPR and have reporting procedures in place. You may need to obtain consent from individuals to enable you to have and process their personal data.
We are discussing in further detail GDPR and how it will affect your business at a seminar which will take place on Friday 4th May between 8am – 10am at Sandal Rugby Club, Stanbridge Lane, Wakefield, WF2 7DY. For further details and to book a place at this free event please click here.
Susan Lewis is the Head of the Commercial Department at Jordans Solicitors and will be giving a talk about the general overview of GDPR at the seminar. our Commercial Department are committed to excellence and are a member of the Lawyers for Your Business scheme, which is dedicated to supplying advice to start-up businesses and SMEs. To see how Jordans Solicitors can help your business, call 0330 300 1103 or request a call-back. Our offices are based across West Yorkshire in Wakefield, Dewsbury and Horsforth.