Your browser isn't supported
It looks like you're using an old web browser. To get the most out of the site and to ensure guides display correctly, we suggest upgrading your browser now. Download the latest:

Welcome to the MSE Forums

We're home to a fantastic community of MoneySavers but anyone can post. Please exercise caution & report spam, illegal, offensive or libellous posts/messages: click "report" or email forumteam@.

Search
  • FIRST POST
    • wymondham
    • By wymondham 16th Aug 17, 4:55 PM
    • 5,096Posts
    • 8,950Thanks
    wymondham
    Gdpr
    • #1
    • 16th Aug 17, 4:55 PM
    Gdpr 16th Aug 17 at 4:55 PM
    Hi All

    As a small business and as an IT service I need to make a start on my road to GDPR compliance, but....

    I've seen lots of ebooks and read some GDPR books, all are so vague they were practically useless. There are GDPR toolkits online for about £500, but cautious about opportunists.....

    Anyone got any advice how best to start this since May isn't that far away! !!!
Page 1
    • Aquamania
    • By Aquamania 17th Aug 17, 12:35 PM
    • 1,961 Posts
    • 788 Thanks
    Aquamania
    • #2
    • 17th Aug 17, 12:35 PM
    • #2
    • 17th Aug 17, 12:35 PM
    https://ico.org.uk/for-organisations/data-protection-reform/overview-of-the-gdpr/
    • phizzimum
    • By phizzimum 6th Apr 18, 10:52 AM
    • 1,693 Posts
    • 9,244 Thanks
    phizzimum
    • #3
    • 6th Apr 18, 10:52 AM
    • #3
    • 6th Apr 18, 10:52 AM
    Iíve only just realised that this is happening next month and Iím feeling overwhelmed. Iíve been trying to wade through the ICO website but Iím not really clear what it is I need to be doing.

    My husband and I run a small business. We have a regular client base and have records of their names, addresses, phone numbers and email addresses on our invoicing program. We donít have staff but do use subcontractors so we have their contact information and bank details.

    Is it enough for me to put a privacy policy on our website? Do I need to contact our customers to get consent to hold their data?

    How are other people finding this?
    weaving through the chaos...
    • Savvy_Sue
    • By Savvy_Sue 6th Apr 18, 12:50 PM
    • 38,375 Posts
    • 34,966 Thanks
    Savvy_Sue
    • #4
    • 6th Apr 18, 12:50 PM
    • #4
    • 6th Apr 18, 12:50 PM
    there's another slightly different thread on it here. However a) you're not the only one going "Eek, it's next month" and b) the ICO says they will take a light touch approach as long as you appear to be trying to meet your obligations.

    I'll ask DH what he thinks about your explicit questions: he's helping some local charities and voluntary organisations so well on top of things from that viewpoint but probably knows the business side as well.
    Still knitting!
    Completed: 1 adult cardigan, 3 baby jumpers, 3 shawls, 1 sweat band, 3 pairs baby bootees,
    1 Wise Man Knitivity figure + 1 sheep, 2 pairs socks, 2 hats 2 balaclavas for seamen, 1 balaclava for myself ...
    Current projects: Poppies, mohair cardigan pattern on order...
    • Savvy_Sue
    • By Savvy_Sue 6th Apr 18, 8:51 PM
    • 38,375 Posts
    • 34,966 Thanks
    Savvy_Sue
    • #5
    • 6th Apr 18, 8:51 PM
    • #5
    • 6th Apr 18, 8:51 PM
    My husband and I run a small business. We have a regular client base and have records of their names, addresses, phone numbers and email addresses on our invoicing program. We donít have staff but do use subcontractors so we have their contact information and bank details.

    Is it enough for me to put a privacy policy on our website? Do I need to contact our customers to get consent to hold their data?

    How are other people finding this?
    Originally posted by phizzimum
    As I expected, DH said "It depends ..." but we're fairly sure a privacy policy isn't going to hack it.

    What is your relationship with your clients - do you supply something regularly, or as and when? Do you ever send out marketing emails? If you do, then you MUST have their explicit consent.

    The subcontractors, I think you'd need their explicit consent to hold their data, although you have a legitimate interest in doing so: they want to be paid, you need to keep their details.

    It's not just about their consent, it's also about how you hold and maintain their data.

    Does your local chamber of commerce have anyone with an interest in this? I've been aware of lots of courses and information sessions aimed at the voluntary sector, although a friend has found conflicting information. Some sessions have been run by local solicitors, and aimed at small business as well as the voluntary sector.

    Does your accountant have any pointers? What about your solicitor, if you've ever had cause to use one?
    Still knitting!
    Completed: 1 adult cardigan, 3 baby jumpers, 3 shawls, 1 sweat band, 3 pairs baby bootees,
    1 Wise Man Knitivity figure + 1 sheep, 2 pairs socks, 2 hats 2 balaclavas for seamen, 1 balaclava for myself ...
    Current projects: Poppies, mohair cardigan pattern on order...
    • anmarj
    • By anmarj 7th Apr 18, 11:53 AM
    • 1,638 Posts
    • 1,287 Thanks
    anmarj
    • #6
    • 7th Apr 18, 11:53 AM
    • #6
    • 7th Apr 18, 11:53 AM
    Yep started doing this, worst part is i have to ensure my webhosts fall under this, and i have to contact each one, to get confirmation that they comply.

    I joined a group on facebook run by a data protection lawyer and bought a pack to help
    me go through every thing and invested in a new portable drive that i can password protect
    mummy to one

    "A little knowledge is a dangerous thing"
    • phizzimum
    • By phizzimum 10th Apr 18, 5:42 PM
    • 1,693 Posts
    • 9,244 Thanks
    phizzimum
    • #7
    • 10th Apr 18, 5:42 PM
    • #7
    • 10th Apr 18, 5:42 PM
    I think I need to keep wading through the ICO website
    weaving through the chaos...
    • Savvy_Sue
    • By Savvy_Sue 10th Apr 18, 6:00 PM
    • 38,375 Posts
    • 34,966 Thanks
    Savvy_Sue
    • #8
    • 10th Apr 18, 6:00 PM
    • #8
    • 10th Apr 18, 6:00 PM
    From a thread on the employment board (self-employed person asking GDPR questions):
    Do you collect data via the website (e.g via a contact form?)

    If so you will need a privacy policy that outlines what you do with the data. This would also lay out if you use things like Google Analytics.
    Let me know and I can PM you the link to a free template from a solicitor which is great and which you can use as long as you keep the credits in.

    If you use cookies on your website you will also need a cookies policy - you can buy a template from said solicitor (not too expensive - think around £20) and amend.

    If neither and the site is just to provide information then you!!!8217;re fine.
    Originally posted by Sanne
    The site is https://docular.net - they have been recommended by our solicitor who also uses the templates from the solicitor behind that site.
    As there is an editor is very easy to amend - of course you still need to have an understanding about what you're putting together unless it's a very straightforward case.

    There are a few free ones for GDPR (specifically the privacy policy) and other purposes.
    Originally posted by Sanne
    Just adding a warning that you need to understand any changes you decide to make to templates such as these: it would be easy to make a change which either wasn't compliant with the letter or spirit of the law, or was just plain wrong. But I speak as a lay person ...
    Last edited by Savvy_Sue; 10-04-2018 at 6:01 PM. Reason: Adding warning
    Still knitting!
    Completed: 1 adult cardigan, 3 baby jumpers, 3 shawls, 1 sweat band, 3 pairs baby bootees,
    1 Wise Man Knitivity figure + 1 sheep, 2 pairs socks, 2 hats 2 balaclavas for seamen, 1 balaclava for myself ...
    Current projects: Poppies, mohair cardigan pattern on order...
Welcome to our new Forum!

Our aim is to save you money quickly and easily. We hope you like it!

Forum Team Contact us

Live Stats

479Posts Today

5,639Users online

Martin's Twitter
  • I've decided my weekend starts here while the sun's glow is still baskable. So I'm signing off. Have a great weeke? https://t.co/9FxNEpDs6p

  • No not correct. The big six do, but you can get fixed tariffs guaranteed not to rise and about 25% cheaper. Just tr? https://t.co/B2ft5OS3Ig

  • Baaaa! Scottish Power has bleated and followed the herd, today announcing it's putting up energy prices by 5.5%. R? https://t.co/vi3hBxo4Hn

  • Follow Martin