We’ll assess your business’s IT systems and procedures, measuring it against the demands of data protection requirements and work alongside you as an extension of your business to fill in the gaps. From helping you to review and assess your existing systems through to improving your cybersecurity systems and IT infrastructure, we’ll put together a bespoke action plan and be with you every step of the way.

General Data Protection Regulation is an EU data protection regulation, which introduced a series of ‘data subject’ rights in 2018 to ensure that all EU residents have control over their personal data. Even if you are an organisation operating outside of the EU, the GDPR still provides the gold standard of data protection legislation which your EU based clients will expect you to adhere to. These rights include being able to obtain easily accessible information in plain language about the use of personal data and the personal data itself, ordering the alteration or deletion of incorrect personal data, the ability to restrict or object to the processing of personal data and more.

The ePrivacy Regulation replaces the ePrivacy Directive, which was implemented in the UK via the Privacy and Electronic Communications Regulation (PECR). In adherence with EU ePrivacy standards, companies must inform visitors about cookies and tracking technologies in use on their websites. A cookie is a small piece of data sent from a website and stored on the user’s computer by the user’s web browser while the user is browsing. Consent must be obtained in many cases before a cookie can be placed on a device. ePrivacy poses perhaps an even greater challenge to marketers than the GDPR. This is because of its possible severe impact on B2B marketing and the use of cookies online.

Any EU companies that do not comply with the GDPR and suffer data breaches could be subject to massive fines of up to 4% of annual global turnover or €20 million, whichever is greater.
Companies operating outside of the EU will face massive reputational damage and great financial loss as customers lose faith and migrate to a rival who can protect their sensitive data.
Therefore, in the face of this potential financial penalty, and considering the risk to your reputation that non-compliance holds, GDPR compliance is essential. The easiest and surest way of doing this is by employing the help of a GDPR consultancy firm, like Southwood.