The magazine for Aycliffe Business Park | 15
Paul Humble( left) and Ben Healey of Aycliffe law firm Greystone Legal.
GDPaaRRRgh!
25 May 2018 should by now be burned into every business owners’ mind! While many employers have policies and procedures in place, a surprising number of businesses are still to turn their attention to compliance with the new regulations.
Greystone Legal are assisting local businesses with cost-effective solutions to help them on their way to GDPR compliance.
If you still need to get your act together, Greystone Legal have put together some useful pointers.
Our seven steps to creating a Data Protection Policy:
1. Decide whether you process personal data, almost every business does. Remember, personal data is anything which can be used to identify an individual – whether that’ s in writing, on a computer – even a photograph or video footage.
2. If you hold or process personal data then you must register with the Information Commissioners Office – for smaller businesses it is only £ 35.00 – go to ico. org. uk / for-organisations / register /
3. Work out what data processing activities you undertake e. g. customer contact details, email marketing, employee details etc.
4. For each data processing activity you carry out, identify the personal data you hold e. g. names, email address, IP addresses etc. Remember to consider whether the personal data is absolutely necessary – for example, do you really need that date of birth to conduct your email marketing?
5. Once you have identified the data process and the personal data for that process, you should then consider the lawful basis that allows you to process the personal data. If there is no lawful basis, you must not hold or process personal data. This ICO guide can help- https:// ico. org. uk / for-organisations / resourcesand-support / getting-ready-for-the-gdprresources / lawful-basis-interactiveguidance-tool /
6. You should put the above information together into a Data Protection Policy. You should make sure it addresses: Data Retention, Data Security, Rights of Data Subjects( how will you deal with the right to be informed, access, rectification, etc.)
7. Make sure people are aware of your policies. How will you communicate them to staff and data subjects?
TEMPLATE PACKAGE We shall provide the following templates for you to complete to help ensure your business is GDPR compliant > Data Protection Policy > Data Processing Agreement > Data Retention Policy > Employee Data Processing Policy and Contract Clause > Website Privacy Policy > Cookie Policy Plus 30 minutes legal advice call with a solicitor £ 395 + VAT
BESPOKE PACKAGE We shall provide the following documentation bespoke to your business requirements: > Data Protection Policy > Data Processing Agreement > Data Retention Policy > Employee Data Processing Policy and Contract Clause > Website Privacy Policy > Cookie Policy Includes specialist advice and documents prepared based upon the specific requirements of your business FROM £ 695 + VAT
Greystone Legal can provide advice, assistance and representation in respect of the full range of employment and commercial law issues. If you wish to discuss any employment or commercial law issues you can contact Greystone Legal on 01325 787007 or email info @ greystone. legal