If businesses have not established proper policies and procedures for the way they hold and use information, from employee's addresses to customer email databases, they could face hundreds of thousands of pounds in fines.
GDPR is now in full swing and we have developed a package to support businesses to help them navigate the data minefield.
GDPR and data protection experts at the firm are offering:
- An initial review of a business’s existing data collection and use (i.e. where their information comes from and what personal information they will hold);
- A data mapping template to enable businesses to identify the information they hold and where it is stored, so as to monitor their personal data use and ensure continuing compliance.
- A review of existing standard Terms and Conditions, or where necessary the preparation of new Terms and Conditions to ensure GDPR compliance; and
- Access to a GDPR legal expert for specific queries in relation to the new regulations.
David Preece, Corporate Partner at FBC Manby Bowdler, is part of the firm's expert team helping a clients prepare for GDPR.
"One of the key considerations of the regulation is that it’s new penalties will come into force and they are potentially devastating compared to what we have now.
"There are two tiers: the first is up to €10m or two per cent of a company’s global turnover of the previous year, whichever is the higher; the second is up to €20m or four per cent of the previous year’s turnover, again, whichever is higher. This is a significant difference to the fines the Information Commissioner’s Office can currently levy.
"Taking a high profile example, Talk Talk’s 2016 fine of £400,000 for allowing hackers to access customer data would have rocketed to £59m under GDPR. Figures like that should be enough to make anyone pay attention.
"But it's not just big companies which will be affected by these new rules, SMEs are not immune to GDPR and they won't be immune to the potential fines either.
"We know there are thousands of companies out there which are completely unprepared for GDPR. This package of support has been designed to help companies identify the data they hold, and give expert support in reviewing and developing the right policies and processes around that information, so that they can comply with the new regulations"