Call us on:
01392 349 580

GDPR: What is it and how does it affect your business? 

In simple terms GDPR stands for the General Data Protection Regulation and it is the new rules, laid out by the Information Commissioners Office (ICO), to control what data businesses hold and how that information is used. The new rules come into play in May 2018 and the maximum fine for breeching the new rules is 4% of Global Turnover or £20 Million.

After that things get more confusing and looking at the ICO website is more likely to add to the confusion, rather than clarify things.

First of all you need to know that GDPR applies to personal data, not to business information. However, if you hold information about individuals in their capacity as employees that might be covered by GDPR. But for most organisations, keeping HR records, customer lists, or contact details etc, the change to the definition should make little practical difference. 

Key changes are that every company that holds data should have a named person as Data Controller. They are responsible for auditing data to map what data is held where, is personal data held on your website servers, CRM, Accounts programs, Quotes, Outloook, Mailchimp etc.

Having a plan and procedure to allow people to know what data you hold and how that can be deleted (the right to be forgotten) is a fundamental part of GDPR.

Putting in place systems to ensure the data is accurate and up to date is the next step to being GDPR compliant. For more information on the steps you need to take the ICO have issued a Fact Sheet  

Updating your website Terms and Conditions, Privacy Policy and Terms of Use is a wise precaution, as the website is the most outward facing part of your business, which could easily be exploited by people who don’t have your best interests at heart. Displaying clearly that you understand GDPR and have taken steps will deter casual ill-wishers. Much like having a burglar alarm deters thieves!

Now that all sounds a bit worrying and draconian but there is a huge opportunity here too. Having a smaller database might seem a bad thing but having a focused database that is up to date, accurate and integrated across all your platforms is not only good housekeeping but is marketing gold dust.

Take the opportunity to contact your database proactively and explain why you need to make sure your records are up to date, with a few added benefits and reminders of your service. Just this basic interaction is almost guaranteed to create sales opportunities from dormant contacts.

The important thing is to take action early. Don’t wait until May next year and end up panicking. Act now by mapping the data held across your organisation and put in place a plan to ensure when GDPR comes into force you are ready and compliant.

Please follow and like us:


Sophie Angell
Sophie is part of the Digital Marketing team at WNW Digital, concentrating on running your social media channels, writing blogs and writing content for your websites. You can follow Sophie on Twitter @SophieWNW or alternatively email her at

Get our weekly Digital Marketing Insights (it's free!)

Leave a Comment

Want to join the discussion? Please fill out the form below to leave your comments on this article.

Discover the exact formula you need to implement to get more sales & enquiries online with our video guide.

* indicates required

Yes, I want to receive weekly digital marketing insights

* indicates required