Health and Safety Consultants / Human Resources  / What is GDPR and our role as a business.
29 Mar

What is GDPR and our role as a business.

What is GDPR?

The General Data Protection Regulation (GDPR) is the biggest change in data protection laws for 20 years, and when it comes into effect on May 25th, 2018, it intends to give European citizens back control over their personal data. Its impact won’t just be felt in Europe though, as it will have wider implications for companies across the world that hold data on the continent.


Why should businesses care about GDPR?

Although this law comes from the EU, it will have a global impact. It will affect any business holding personal data on customers, prospects or employees based within the EU, and such businesses need to be preparing for the change now.  If businesses ignore this law, they can be fined up to €20m or 4% of their global annual turnover.


It’s worth remembering that data protection is more than a compliance issue. Customers care about their privacy and expect businesses to respect that. It’s good business sense to demonstrate that you ‘get’ this cultural aspect, as well as the financial one.


What are the new rules?

The rules are very complex, but our advice is not to be overwhelmed by them or to see the GDPR as your enemy.  If you build the rules into your organisational culture rather than being tyrannised by them then they will help you manage data more effectively, internally and externally.

The rules can be seen as following 6 themes

  1. Document what you have, and why you have it
  2. Manage data in a structured way
  3. Know who is responsible for it
  4. Encrypt what you wouldn’t want to be disclosed
  5. Design a security-aware culture
  6. Be prepared – expect the best but prepare for the worst


What is the impact on businesses?

The impact for businesses will undoubtedly be huge. The new rules will require businesses large and small across the globe to transform their policies, structure and personnel to ensure compliance and adherence.


Is Crownford GDPR Compliant?

The good news is yes. We are GDPR compliant.


Can Crownford help my business become GDPR compliant?

The answer is no. Crownford is not a GDPR consultancy. GDPR does not fall under our service remit. The good news is we have partnered with a data company ‘Datagator’ who specialise in providing businesses with documentation that can help you meet the requirements of the EU General Data Protection Regulation quickly and effectively. They also offer reassurance in a time of a crisis with their cyber insurance and breach cover. Designed specifically for businesses.


The GDPR toolkit includes all the policies, processes, procedures, tools and other documentation you need to keep personal data safe and meet the requirements of the GDPR.


To find out more please register your interest by emailing them at and stating you are a client of Crownford’s to receive 10% off your toolkit.

A member of the Datagator team will then contact you to confirm the authentication of being a client of Crownford.


I sill need further information about GDPR?

Although Datagator can provide the documentation and procedures you will need to become compliant you may want to discuss in depth with the ICO.

Follow the link below to speak with a member of their team.

  • It is possible we will see a raft of old claims.  We might see people, who chose not to bring a claim because of the fees, argue that they were prevented from doing so because the fees were unlawful and try to bring their claims now.  Or potentially they could sue the government because they were unlawfully denied access to justice.