Countdown to GDPR


are you ready?

The European Union General Data Protection Regulation (GDPR) significantly increases the responsibilities and obligations for businesses and organisations in how they collect, use and protect personal data. Failure to comply with legislation may result in maximum fines of 4% of global revenue or €20 million, whichever is greater.

What GDPR means for your business

consent GDPR


Businesses must refresh all consents if they don’t meet GDPR requirements. Consent given must be specific, positive opt-in, freely given, granular and separate from terms & conditions.


Data Breach notification GDPR

Data Breach Notification

Data controllers must notify the supervisory authority of a data breach with 72 hours or in cases of increased severity without undue delay. Failure to notify can result in significant. fines


Data Protection Officer GDPR

Data Protection Officer

Businesses must appoint a DPO if they are a public authority, carry out large scale systematic monitoring of individual personal and sensitive data, or data related to criminal convictions and offences.


rights of individual GDPR

Rights to the Individual

GDPR confers new and greater rights to individuals, giving them greater control over the processing of their personal data Their rights and information relating the processing of their data must be mapped out clearly in the privacy notice..

privacy by design GDPR

Protection by design

Businesses and organisations will need to introduce technical and organisational measures to ensure that data privacy and protection is at the heart of all their future actions when processing personal data. 

subject access GDPR

Subject Access Request

Individuals can request access to all of the persona data that you hold on them along with confirmation on how their data is being processed. This must be provided within one month and free of charge.