
GDPR (General Data Protection Regulation) comes into force on 25th May 2018

Author: JETenterprises UK Limited Published: 13th March 2018 12:33

 

 Is your company ready?

The GDPR (General Data Protection Regulation) is effectively an update to the UK’s Data Protection Act. It sets out the requirements for companies who hold personal data – whether that is on staff, customers or others, and also the rights of the individual to access the information held about them.

History

Very briefly, the GDPR was ratified by the EU in mid-2016 and gave member countries two years to implement the requirements. In the UK, this is led by the Article 29 Working Party and the Information Commissioner's Office (ICO). The regulations will be enforced from the 25th May this year, and it is essential that companies understand the requirements and have put in place procedures to clearly manage their responsibilities – not only to avoid fines, but also to give staff, customers and the general public confidence that their personal data is being responsibly managed and is not being unnecessarily shared.

Who Does GDPR Apply To?

The GDPR applies to anyone who manages personal data, or who sets out what a company does with personal information.

What Do Companies Need to Do?

Obtaining Consent

Companies must proactively gain consent to hold personal data. Your terms for consent must be clear and not buried in the small print in ‘legalese’ language. Consent must be given, and it must be possible to withdraw it freely at any time.

Notifying Breaches

Companies must notify the affected people within 72 hours of a data breach. Failure to report within these timescales will lead to fines.

Right to Request Information

If any of your users request information on the data that you hold on them, you must have procedures in place to be able to provide, for free, a detailed report on the information held and what it is used for.

Right to be Forgotten

Once the personal data you hold is no longer required, or if consent is withdrawn, the user has the right to request that the data is completely erased. Again, you must have procedures in place to ensure that this is completed.

Privacy by Design

Companies have to design their systems with the proper security protocols in place from the start. Failure to do so will result in a fine.

Potential Data Protection Officers

In some cases, you may need to appoint a data protection officer (DPO). The requirement for a DPO depends on the size of your organisation and the level at which you process and collect data.

Your Rights As An Individual

The GDPR also gives you, as an individual, clear rights under the new regulations.

The right to be informed

Any organisation that holds personal data on you, whether provided directly by yourself or by a third party, must provide information on what data they hold and what they use it for. Any consent requests must be clear and jargon-free.

The right of access

You will have the right to obtain confirmation that your data is being processed, access to your personal data and any other supplementary information.

The right to rectification

You are entitled to have personal data rectified if it is inaccurate or incomplete. If the company has disclosed the personal data in question to third parties, they must also inform them of the rectification where possible. The company must also inform you about the third parties to whom the data has been disclosed.

The right to erase

The right to erasure does not provide an absolute ‘right to be forgotten’. You have a right to have personal data erased and to prevent processing where: the personal data is no longer necessary in relation to the purpose for which it was originally collected/processed; you withdraw consent; you object to the processing and there is no overriding legitimate interest for continuing the processing; the personal data was unlawfully processed (i.e. otherwise in breach of the GDPR); the personal data has to be erased in order to comply with a legal obligation; or the personal data is processed in relation to the offer of information society services to a child.

The right to object

You can object to a company using your data based on legitimate interests or the performance of a task in the public interest/exercise of official authority (including profiling); direct marketing (including profiling); and processing for purposes of scientific/historical research and statistics.

Useful Resources

The Information Commissioner's Office (ICO) has developed checklists to help you assess how ready your organisation is. They can be seen here.

Download the ICO guide – 12 steps to GDPR – here.

For those of you who want the intimate details – download the full guidance here.

If you would like to know how we can help you fulfil your responsibilities under GDPR, please get in touch: call 0800 242 54 24 to arrange an appointment.

Article by JETenterprises UK Limited

For more information on their IT consultancy and services please see their website: JETenterprises UK Limited


Comments

At 11:54 on 1st May 2018, Simon M commented:
Thanks Jeff at JETenterprises UK Limited for your advice and guidance on GDPR. Relief to know we now have all our policies and practices in line with the new data protection legislation. Recommend giving them a call if your company needs any assistance with this new legal requirement.
