The General Data Protection Regulation (GDPR) came into force in the UK on 25 May 2018. An evolution of existing data protection legislation, GDPR introduces some significant changes to the current regime – and with non-compliance leading to potential fines of up to €20 million, businesses must take these changes seriously.
GDPR affects all organisations, so it is vital that you are aware of your obligations. Essentially, if you handle personal data, that data must be ‘fit for purpose’. For most businesses, this data consists mainly of information about employees, customers and potential customers.
The actions your organisation needs to take to comply with GDPR depend on the data you hold. You need to understand how it has been gathered and stored and how it is being used, and identify the risks and any gaps in your compliance. For most businesses this will mean activities right across the organisation, including reviewing policies and procedures, updating contracts and training staff.
With specialist lawyers across our employment and HR, commercial and litigation departments, the Napthens team can help you meet your GDPR responsibilities in key areas including:
- Guidance on company data audits
- Providing new policies / updating existing policies to meet new requirements
- Drafting and amending terms and conditions with clients / suppliers
- Guidance on privacy notices
- Advice on supply chain data issues
- Training of Data Protection Officers (DPOs), senior managers and staff on specific GDPR obligations at our offices (up to 15 attendees), at your offices, or at an alternative venue arranged if required (additional fee)
- Devising processes for handling data breaches
- Dispute management and litigation advice
To discuss your specific needs or for a no-obligation quotation, please contact:
GDPR@napthens.co.uk or call Jacob James on 01772 904382