A Guide to GDPR

A Guide to GDPR

GDPR objectives

The General Data Protection Regulations give individuals control over personal data. The legislation was introduced to show businesses how to think seriously about personal data, how it is managed, stored and therefore ultimately used.

GDPR penalties

GDPR comes with harsh penalties for those who do not comply. Companies found guilty of misusing data can be fined heavily, with fines up to 4% of turnover.

The Courts take a strict approach to GDPR compliance; with individuals being able to claim compensation as a consequence of breaches.

To save your business from heavy fines and legal costs, it is important to be compliant from the first instance.

GDPR Controllers and Processors

GDPR is wide reaching and impacts all aspects of business from customers and employees to suppliers and third parties. It is necessary to have a Privacy Notice in place and appropriate contractual provisions.

GDPR applies to both controllers and processors of personal data. Your obligations vary, depending upon whether you are a processor or controller of personal data. In short, a controller decides the purpose of the data processing, whilst the processor actually processes the data.

Both controllers and processors can be claimed against for compensation and damages.

If you are unclear of your obligations in any way, appoint an expert to clarify your role.

Lawful Use of Data

Data ranges from contact information; telephone numbers and emails, to more sensitive information such as medical history.

A Business must have a legitimate reason to store and use data. There are 6 lawful reasons to process data:

  • Consent
  • Contractual obligations
  • Legal obligation
  • Vital interests
  • Public interest
  • Legitimate interest

Do all businesses must comply with GDPR?

In short yes. GDPR applies to all organisations who hold any form of data. Even small businesses who may only hold limited data such as a contact number technically need to comply.

The data protection laws are complex and what steps you need to take will depend on the nature of the business. The obligation to comply with GDPR is continuous, and there is no short or simple answer. If you are unsure on your own business situation then seek a professional partner to provide legally accurate advice.

Have you any questions?

Here at Yorkshire Powerhouse, we’re happy to help as much as possible – is there anything else we can do to help you, do you have any further questions or can we help introduce you to an expert – please let us know:

"*" indicates required fields

This field is for validation purposes and should be left unchanged.


Business Litigation - an overview

Business Litigation – an overview

Business litigation can often be a minefield … be conscious of taking the correct action in order to best protect your legal and financial position

Business to Business Terms & Conditions

Business to Business Terms & Conditions

No two businesses are the same and it is therefore important that your terms & conditions reflect your specific business needs.

The GREAT Yorkshire Directory
Powerhouse Networking

The GREAT Yorkshire Suppliers Directory:

Here are some more of our GREAT suppliers who can help you with your business planning needs:

Do you need some FREE planning tools to help your business?

Take a look at our download files by clicking this link ...

Would you like to receive more FREE business information?

Recieve our FREE email newsletter...
...just enter your email address here:

You have Successfully Subscribed!