The GDPR came into force on 25 May 2018 bringing with it a bombardment of privacy notices and creating uncertainty for business owners as to what it meant for them.
Some businesses contacted everyone on their mailing lists and asked for consent, others did nothing. Solutions such as ‘privacy by design’ and ‘encryption’ were proposed by technology companies. Many professional associations were not sure how the GDPR applied to themselves let alone their members.
This all left the small to medium sized business owner with no clear and practical advice as to what they should be doing to ensure GDPR compliance.
Now the dust is settling, this talk aims to cut through the common misconceptions surrounding the GDPR and to give some practical and honest advice about what businesses should be doing to demonstrate their compliance.
Reviewing issues of consent, privacy notices, internal records, data retention and security, this event is for anyone looking to revisit their GDPR obligations and move forward confident that they will not be at risk of the penalties publicised for breaches of the regulations.
Alex is a solicitor working in the Corporate and Commercial department at Streathers Solicitors LLP, based in Baker Street.
Alex advised his firm on their own GDPR compliance and has acted on a wide range of data protection matters for small to medium size enterprises including the preparation of privacy notices and other key compliance documents, the drafting of simple agreements to meet controller/processor obligations, advising on data breach handling and the interpretation of data subject rights.
Alex’s approach to the GDPR is straightforward and practical: don’t panic; consider the real requirements of the legislation; determine the most/least you can feasibly do; and find the appropriate point in between that suits the size and nature of your business. It’s as much about what you do not have to do as that which you do have to do.