The 25th May 2018 is approaching… GDPR is coming… don’t panic… help is at hand!

The 25th May 2018 is approaching… GDPR is coming… don’t panic… help is at hand!

Many business owners will stop reading in the next few words because they have never heard of GDPR or think it won’t affect them. However, the General Data Protection Regulation (GDPR) applies to ANY organisation or business, however big or small, ANYWHERE in the World, that collects data about citizens of the EU. This will still apply to UK businesses after BREXIT.

What is GDPR?

It is an EU regulation designed to protect the personal data held about European residents. Penalties for noncompliance can be up to 20 million euros, or up to 4% of the previous year’s worldwide trade, whichever is larger.

What does the EU class as personal data?

The European definition is wide ranging and includes:

  • First and last name
  • Bank account information
  • Address
  • Medical Records
  • Passport information
  • Personal email address
  • Credit card information
  • Photos and videos
  • Usernames and passwords

It also includes, but is not limited to, political opinions, health information, sexual orientation and trade union membership. Then there is biometric data, examples of which include, but again are not limited to, fingerprint, palm veins, face recognition, DNA, palm print, hand geometry, iris recognition, retina and odour/scent. Behavioral characteristics are related to the pattern of behavior of a person, including but not limited to typing rhythm, gait, and voice.

So, if you have any sort of list of clients, even if it is “just names and numbers stored in contacts on your phone” GDPR applies to you.

What should I do?

Here are some options;

  1. Stop all business activities within the EU.
  2. Find a way to do business without collecting any data.
  3. Work out how to comply with the regulation.

Clearly, the first two would be almost impossible, so you should visit the European Union’s GDPR website to familiarise yourself with the requirements and penalties imposed by the regulation. There is also good advice on the Information Commissioner’s Office website ( If you Google GDPR there are countless articles and guides to help you get to grips with the new legislation.

At the start I said don’t panic, because although this will affect the way you do business, there is lots of help and advice available.