As firms continue to chase their clients to sign their GDPR consent forms, we were readily reminded that we were no exception by a meme sent to us by one of our clients…
Whilst the meme above led to a few laughs in our office, missing the GDPR compliance deadline of the 25th May is no laughing matter. We have found a lot of small businesses have little understanding of GDPR and their obligations. Any company holding client data (this can simply be a name and email addresses) will be impacted by GDPR.
Many companies are already bound by confidentiality through the data protection act however GDPR goes further than this. GDPR (General Data Protection Regulation if you fancy a tongue twister) requires explicit consent from your clients to be able to hold their data on file and continue to contact them in the future.
Some companies may be required to register an individual as a data controller (this is likely to apply where you hold a lot or sensitive data about clients). We as an accountancy firm would be such an example of this.
There are pages and pages of literature and advice on this on the internet and it’s easy to become lost it in all or not know where to start. If you need advice on your business and how to comply, please get in touch and we’ll be happy to send you the relevant literature and provide advice to you on what you need to do