What can I do with one month till GDPR comes into force?
The General Data Protection Regulation (GDPR) is everywhere in the news at the moment. It’s easy to get worried about what it means for your small business. Where do you start? What do you need to do by 25th May? Who can help?
We look at the steps you can take to become compliant with less than one month to go and who can help to make the process as easy as possible.
Start your GDPR compliance journey now!
One month is enough time to get a GDPR compliance system in place for many small businesses but there is no time to delay. Sure, it’s going to take some time and input from your team but it’s quite possible to become GDPR compliant by 25th May with the right guidance, and critically, without it costing the earth.
“The guidance and tools for the first steps I’ve been through have been really useful. Due to its comprehensiveness and step-by-step layout, it has meant we've had to think about things we probably would never have considered otherwise.”
Charles Chance, Managing Director, Nimvelo
Do as much as you can
There are some basic indicators that will show customers and suppliers – as well as competitors and the regulator (the Information Commissioners Office known as the ICO) - whether you’re getting your act together on data protection. These are:
Register with the ICO
Every business that we can conceive of will process personal data and is therefore a ‘Data Controller’ and as such must be registered with (or after 25th May pay a fee to) the ICO. There’s a public register on the ICO website and everyone can see if your business is on the register.
Publish an up-to-date privacy notice
You don’t need a lawyer to draw up a privacy notice but you do need to have a clear picture of what data you process, under what legal basis you process it and how you control that data. Your customers and other people you do business with should be able to understand your privacy notice easily so avoid legal-speak and go for clarity and brevity.
"Your Astrid system and supporting documentation is exactly what I need. I found it really helpful and easy to follow. I have no doubt that we will be fully GDPR compliant when we have worked through it."
Alan Moran, Interface Financial Planning Limited
If you haven’t got these in place, it will be evident that your business isn’t ready for GDPR.
Who can help with GDPR compliance?
The ICO has guidance documents and information for small businesses, and many associations and service providers are hosting presentations and webinars on all aspects of GDPR. When it comes down to it, though, nothing beats a simple step-by-step process that you can follow easily.
Astrid has developed a secure online platform to help small businesses become GDPR compliant. We give you the tools and
information you need - all broken down into practical, manageable steps, to remove the fear factor of GDPR. Find out more about our services.
If you’re unsure whether our platform is for you, create an account and check out our free trial materials here.
Protect your business - become and remain GDPR compliant with Astrid