We support clients across all sectors including private, non-profit and start ups

UKGDPR for business

Home

UKGDPR for business

What are the Business Implications of UKGDPR

Data protection law puts the customer in the driver’s seat, and the task of complying with this law falls upon businesses and organisations.

In short, the UKGDPR applies to all businesses and organisations established in the UK, and with effect 1 January 2021 organisations that send data outside of the UK will need to have mechanisms in place for this to occur. As part of the new trade deal, the EU has agreed to delay data transfer restrictions for at least another 4 months, which can be extended to 6 months (known as the bridge). If the EU has not made an adequacy decision about the UK at the end of the bridge. We recommend you put alternative safeguards in place before the end of April, if you haven’t done so already.

In the vast majority of cases, this is best done by putting in place a contract between you and the sender on EU-approved terms, known as standard contractual clauses (SCCs).

If you are a larger organisation or multinational company, and you are not sure whether you have mechanisms in place do not hesitate to contact us for further advice and guidance.

 

VIEW SERVICES

Get a free consultation

UKGDPR FOR Business

The Impact of UKGDPR on Customer Engagement

The conditions for obtaining consent are stricter under UKGDPR as the individual must have the right to withdraw consent at any time and there is a presumption that consent will not be valid unless separate consents are obtained for different processing activities. This means you have to be able to prove that the individual agreed to a certain action, to receive a newsletter for instance. Companies should have already reviewed business processes, applications and forms to be compliant with double opt-in rules and email marketing best practices. In order to sign up for communications, prospects will have to fill out a form or tick a box and then confirm it was their actions in a further email. Organisations must prove that consent was given in a case where an individual objects to receiving the communication. This means that any data held, must have an audit trail that is time stamped and reporting information that details what the contact opted into and how. If you purchase marketing lists, you are still responsible for getting the proper consent information, even if a vendor or outsourced partner was responsible for gathering the data.
GET in touch

UKGDPR compliance

So how can you comply with the legislation you may be asking yourself. Well we at Keeffe and Associates Ltd have 25 years’ experience in the data protection arena.

We can help, guide and assist your business through the areas that are needed to ensure you have a robust privacy management system in place. From assessing the data you have right through to developing processes, policy and procedures that are fit for purpose.

In addition to this our consultants can deliver training on a wide range of data protection topics to ensure a positive culture is embedded in your organisation.

Conclusion

Your data is a valuable commodity and having a system in place to ensure its safety and security for your customers, visitors and employee alike is an absolute must.

If we can be of any further help or assistance with either an adhoc project or become your organisations Data Protection Officer we would be delighted to support you on your journey.

For further information on our Data Protection Officer service click here.

UKGDPR SERVICES

Understand how data protection legislation affects you

GDPR now UKGDPR has been in place for a few years now but the main risk to employers is complacency.  Therefore, Regular training on data protection is imperative. 

DATA PROTECTION OFFICER

DATA PROTECTION OFFICER

So, the first question you are no doubt asking is do I require a Data Protection Officer?  Well, you need a Data Protection Officer if any of the following apply…

Read More

UKGDPR FOR EDUCATION

UKGDPR FOR EDUCATION

As a public body or authority you are required to nominate a Data Protection Officer. Many education establishments have nominated someone internally…

Read More

UKGDPR TRAINING

UKGDPR TRAINING

GDPR now UKGDPR has been in place for a few years now but the main risk to employers is complacency.  Therefore, Regular training on data protection…

Read More