Langleys – Taking that first step to GDPR compliance

We are in the final few weeks before GDPR kicks in, a number of businesses still have not prepared for the changes ahead.  Now is the time to start your journey to becoming GDPR compliant. This may seem like a big task but our team can guide you through the actions required for May 25.

Additional to data audits, most businesses will need:

A GDPR-compliant privacy notice (sometimes called a privacy policy)

This must be in place, in the required form, by 25 May, if you hold any personal data for your own purposes (which most businesses do).  It tells people about how you use their personal data.  Even if you already have a privacy notice it will need updating to comply with the very specific requirements introduced by GDPR.

A GDPR-compliant contract with each ‘data processor’

If you allow anyone external access to the personal data you hold, for example to help you with administration, you will need to have a written contract with them in the required form.  This could simply mean an additional clause needs inserting into your Terms and Conditions of business.

For more information, contact Fiona Kingscott