What is GDPR? And what do I actually need to do?

The EU General Data Protection Regulation (GDPR) is the most important change in data privacy regulation in 20 years. It becomes enforceable on May 25th 2018.

We are not legal experts so we have decided to tackle GDPR for small businesses by setting out a to-do list and some useful links and putting it all in once place. Just right here. Keep reading, you will finish this before your tea goes cold and come back to it when you have time to dig in further. 

GDPR refers to changes in privacy laws. It's for the benefit of the consumer. It is about how your data is kept and how businesses process your Personal Data (PD). We all have to make a change to how we manage and store data, and also in how clear we are in explaining this.

We are based in Ireland, but the GDPR affects all businesses within the EEA (European Economic Area)


Jump on board! GDPR is for everyone

So here's a useful to-do list and some good resources below.

  • Check you have a privacy policy on your website. Do I need one? If you collect any data via contact forms, newsletter signup, google Analytics etc.. then YES you do need one.

  • Check you have a cookie consent policy as part of your privacy policy or separate to it.

  • Check your website forms are compliant and if they are not you will need to request consent again. How do I know if they are compliant? A good guide can be found below.

  • Familiarise yourself with the concepts of Consent and Lawful Basis. More information in the useful links below.

  • Make a strong cup of tea ;)

8 Things I Learnt in The Last Year Running My Small Business

6 Essential SEO Tips for your Small Business in 2018