The Lowdown on GDPR

General Data Protection Regulation (GDPR) - four letters which have been dominating the news pages over the past few months and sending alarm bells to UK businesses large and small as they franticly check in-house practices to see if the way they are collecting and storing personal data meets the GDPR standard. With the regulations now in play, what does it really mean for your business and what do you need to do going forward to ensure your business is operating within the new guidelines.

1. What is GDPR

Simply put, GDPR is designed toprotect an individual’s personal data, how it’s gathered, how it’s used and most importantly, how organisations handle and store this data.

2. Check your business is handling data correctly

As of May 25th, businesses need to be mindful of the way data is collected and stored and ensure it is in line with GDPR regulations. Think about how this information is kept. Do you really need to keep that email list in your inbox for example?

3. Opting in

Previously, it was good enough for people to ‘opt out’ of receiving communications from a business, now it’s all about needing to opt in – even if a client or supporter have previously signed up to amailing list. Be thorough and ask them again.

4. Security

It seems almost too simple to state that every business should have a highly secure database in which to store personal information and contacts in place. It’s no longer acceptable to have email lists or names and addresses openly saved in documents on shared PC’s or on a memory stick. From now on, information needs to be stored safely and encrypted. Fines can be HUGE for businesses who fail to protect a person’s data and information.

5. One question: How do you want your own data to be treated?

This is really the crux of the new GDPR legislation. Treat the personal data you collect the way you would expect your own personal data to be handled.

Don’t panic!

It would be easy to start going into panic mode about GDPR, but there’s really no need! Holly Small Design has created a handy downloadable 10step guide of what to do to get your business up to GDPR-scratch. Simply visit our webpage here: