Unless you’ve been hiding in a cave, you should know that the General Data Protection Regulation (GDPR) comes into force on the 25th May 2018. Everywhere I turn, small business owners are asking, “What is GDPR and does it affect me?”
With headlines of the €20m fines, panic is rising, scaremongering reports are everywhere and you’re probably thinking that there doesn’t seem to be a simple answer anywhere. The countdown has begun.
Ultimately, however big or small a business you are, this regulation is probably going to apply to you.
So, what is GDPR and what does it mean for your business?
The short answer is, it will affect anyone “who has day to day responsibility for data protection” (ICO).
That includes if you are a ‘controller’ (someone who determines the purpose and means of the information) or a ‘processor’ (someone who processes the data on behalf of the controller).
An example in a very basic form is a business owner with an email list (controller) and a Virtual Assistant who sends the business owner’s emails in the email marketing system (processor).
But it’s also not restricted only to organisations in the EU.
What does GDPR mean for individuals?
Well, it’s not quite as scary as the headlines make out.
It doesn’t mean that if you’re not compliant by 25 May 2018 you’ll get caught and fined €20 million! Of course not.
However, the increased fines reflect the seriousness of data protection in this modern data age where, according to the Economist, data is the most valuable asset in the world. As a small business owner, you cannot ignore it – you need to take it seriously and work on GDPR compliance for your small business.
As a small business law expert and data protection law expert, I am urging you to take your GDPR advice from someone qualified to interpret this legislation (i.e. a data protection lawyer), and not from the know-it-all at your local networking club or from articles on the internet from non-reliable sources where the author may not have interpreted the regulation and the guidance correctly.
There’s a lot of well-intentioned, but incorrect advice out there.
I was merrily consulting with multi-nationals on GDPR and, being very busy with that, I hold my hands up to say I was neglecting my small business community – and it was only when I realised the scale of the misinformation out there, that I felt compelled to help small business owners with GDPR.
I’m offering the benefit of my huge expertise in this area so that you don’t feel so confused by the amount of conflicting information that is out there at the moment.
Yes, there are going to have to be changes that as a small business you will have to make. But I want to make it simpler for you to understand.
What can you do to get GDPR compliant?
There are three simple steps I would advise you to take RIGHT NOW to get ready for GDPR:
1 – Join my GDPR group on Facebook.
Inside my GDPR for Online Business Owners free Facebook group, I am breaking down the complex regulations to tell you in SIMPLE terms what you need to do – with free daily videos and online trainings and answering many of your questions.
It’s your one-stop GDPR information group. And leading up to May 25th, it’s going to be the one place you can ensure you’re getting clear, simple, and legal advice with no scaremongering.
2 – Watch my comprehensive two-hour GDPR training webinar recording
My GDPR training webinar recording gives a great overview of GDPR and also goes into much more detail about things like email marketing and employee data/rights. Once you’ve watched this, I’m sure you will feel much clearer on what you need to do to comply.
3 – Purchase my GDPR Compliance Pack
If you want the simple, easy, and affordable way to comply with the new GDPR regulations, my GDPR Compliance Pack gives you access to 20 legal template documents and checklists, plus video guides from me on how to complete the templates, that will enable you to take the steps required to be GDPR compliant.
You don’t need to view GDPR as the big bad wolf.
In my view, it’s going to be a very positive regulation for all our marketing and customer relationships. Take the next couple of months to work through what you need to put in place with my training, my GDPR Checklist, my legal document template GDPR Pack and the support of my GDPR Facebook group and by May 25th you will be well on the road to compliance.
Suzanne Dibble is a multi-award-winning business lawyer who consults with multi-nationals on data protection law and the upcoming GDPR. The Legal Services Board and the Law Society have heralded her innovative approach to helping small business owners with complex regulations. Suzanne worked with Richard Branson at Virgin, where she managed a group-wide data protection project which resulted in Virgin nominating Suzanne for the Solicitor of the Year Award, and subsequently Suzanne was runner-up in this prestigious award. Suzanne has had second-to-none training and experience at a top City law firm, leading billion-pound deals and being on the board of a £100m+ business (resulting in her being listed in the Who’s Who of Britain’s Business Elite two years in a row). Suzanne is one of the few lawyers who really understands the online world and the small business world and puts law and regulation in the context of your business. There has been a lot of scaremongering and hype about GDPR (with the headline fines of €20m) and Suzanne brings a practical, balanced approach.