Data Protection / GDPR Compliance Review
Are you a small/micro business, perhaps a sole trader or a freelancer struggling to get to grips with the sheer volume of advice and guidance that exists around GDPR / data protection law and how to comply with it? Don’t fret, you are far from alone, its an area that even the regulators struggle with!!
I specialise in providing a service that suits small businesses, and the good news is that the new laws are actually designed to help (which is nice!). You’re not the next Facebook, so you actually don’t have to jump through the same hoops as they do.
Perhaps you’re a gardener who would rather spend your time up to your elbows in a flower bed than worrying about the odd email you send to customers, or whether your customer list makes you a data controller?
If this list sounds familiar then you do need to do something with data protection, and if you’re not currently doing it because you don’t know how or haven’t got time, use the contact form at the bottom of the page, or go straight to Book a Discovery Session and I can help guide you through compliance with a friendly chat and a few templates that will help us get what you need in place.
|I’m a small business, sole trader or freelancer|
|I have suppliers|
|I have customers|
|I take good care of my customers and they trust me|
|I want to fully get my head round data protection, but I’m really busy|
|Is it possible for this to get done without the headache?|
Data Protection Law
Although there was big push to get “GDPR Compliant” in 2018, data protection law is not a new concept. The UK has had a Data Protection Act since 1998, which was updated in 2018 to incorporate the EU General Data Protection Regulation.
Businesses can handle compliance with this regulation themselves for free. The Data Protection Act 2018 can be downloaded from gov.uk and there are guides and templates available from the Information Commissioner’s Office (ICO) to help. But do you want to spend days reading a 354-page legal document that covers scenarios up to and including global organisations?
Personal Data Mapping
I will help you identify any Information Assets that you maintain that contain Personal Data, and create a Data Map describing the who, what, why, where, when and how that demonstrate that you are taking responsibility for the data in your care.
I have a set of templates developed to be suitable for business on a small scale, from freelancers to small businesses with a handful of employees. By having a friendly chat to learn about your business and what data you process, I can then tailor these to you rather than you doing this from scratch. This means I can take a process that might take you days to complete and leave you still wondering “Have I done it all” into a painless meeting with a solid result and job done.
Data Protection Policy – Outlines the way you ensure you do this properly so you can demonstrate it
Data Processor Agreement – If you share data (e.g. with a Virtual Assistant to manage your work) then you must each be aware of your responsibilities to each other
Data Protection Impact Assessment – If you introduce a new service, or change how you’re working, it is mandatory for high risk processing to complete a DPIA
Training – It may be just you, or a team of people. I can provide remote or face to face training which is engaging and brings the subject to life with real life examples from the ICO