GDPR is coming next May and it's been eye-opening for me to see just how much there is to consider to ensure you're fully compliant.

I've heard lots of comments about the fact that companies 'should be already doing all of this' and whilst I agree, the simple truth is, I can't think of many that actually are in full. There's also quite a lot naivety about Brexit and the impact but the fact is, this is 100% happening.

We're getting close to appointing our official partner to help support clients so if you answer 'no' to one or more of the below questions, get in touch and we'll let you know how we can help.

1. Do you have a data protection policy?
   
   
2. Does your team get regular data protection training?
   
   
3. Is data protection covered in your company handbook?
   
   
4. Regarding data storage, do you have an up-to-date document which outlines where the data is stored?
   
   
5. Are all files (Excel/Word etc) which have contact data within them encrypted and protected?
   
   
6. Are your personnel contracts compliant with GDPR?
   
   
7. Do you have a documented process for handling subject access requests?
   
   
8. Do you know exactly where your data is stored via 3rd party systems or applications i.e. MailChimp, Accounting System, CRM system etc?
   
   
9. Regarding the systems you may be using which hold contact details, do you know if they are GDPR compliant?
   
   
10. Do you have a clear audit trail for how people joined your mailing list?
    
    
11. Do you have a clear unsubscribe mechanism on your marketing email communications?
    
    
12. Do you have a documented process for how to handle a data protection breach?
    
    
13. Is your office secured effectively to avoid anyone entering and stealing devices with data on them?
    
    
14. Are your mobile phone and tablets secured effectively?
    
    
15. Can you deactivate your mobile/tablet devices remotely to avoid data breaches?
    
    
16. Do you have a data retention policy detailing how you will store data on an individual, how long for and what you'll do when you no longer need those details?
    
    
17. Do you have a privacy statement and terms of use on your website?
    
    
18. Do you have an up-to-date cookie policy on your website detailing what information you will be storing and for what purpose?

This list is the tip of the iceberg but if you've answered 'no' or 'not sure' to any of the questions above, we'd recommend getting in-touch to find out more about how we can help. We have different specialist consultants to ensure you can soon answer 'yes' to all of the above questions & more which will come your way. As the deadline closes in, demand will rise for these services so don't wait until the new year, get in-touch today.

Contact us to find out more about GDPR.