Assess what data you are collecting,how you are collecting it and where you are storing it.
Understand what types of data you are holding which can include: personal/ sensitive data in hard (paper) format; electronic format; CCTV images, GPS information; and call recording.
Flesh out with our lawyers why you hold this data, if it’s essential or not, and if so, whether it falls within any of the lawful reasons for having it, or whether explicit consent is required.
Discuss with the lawyer what contracts you have and with who (IT providers, telephone company, cloud or server hosts, CCTV provider etc. ) so you can identify the next steps securing compliant terms with them.
A GDPR compliant data protection policy can be tailored to your organisation’s requirements upon receipt of our completed questionnaire and discussions with our lawyers.
Your policy needs to be workable but you also need to understand it, implement it and manage it. More importantly, your policy will demonstrate compliance with the new Regulations.
The policy will come with an advice note on what to do with the policy and data, who to speak to and how you implement this.
You should think about mapping the data you collect and hold.
Filling in our questionnaire will enable you and our lawyers to begin making you GDPR compliant and ready.Once you have done this, we will book a follow up consultation to decide on the next action point and provide you with an advice note.
You can access our GDPR questionnaire (word doc) by clicking here.
Data protection governance is here to stay and it is every business is responsibility to ensure that it understands the law and has robust policies to protect its staff & clients. Concise policies online and off help a business to focus on what is essential and avoids compliance issues and claims. Our team offer specialist advice specifically tailored to your business needs so it’s commercial, understandable and workable