You are not currently logged in
Log In | Register

GDPR FAQs For Small Organisations

Tagged with GDPR HELP, GDPR ADVICE, GDPR, FAQS
by Adam Brogden
in Blog

21-Aug-2019 12:11

What Is the GDPR?

The General Data Protection Regulation is a European-wide law that replaces the Data Protection Act 1998 in the UK. It places greater obligations on how organisations handle personal data. It came into effect on 25 May 2018.

What information does the GDPR apply to?

The GDPR applies to ‘personal data’, which means any information relating to an identifiable person who can be directly or indirectly identified in particular by reference to an identifier.

Does the GDPR only apply to EU organisations?

The GDPR applies to processing carried out by organisations operating within the EU. It also applies to organisations outside the EU that offer goods or services to individuals in the EU.

How can I prepare?

You can find the latest guidance on the new legislation at https://optindigo.com we’ve created packages of documents aimed at small and micro businesses.

My firm employs fewer than 250 people. Am I exempt from the GDPR?

You’ll have to comply with the GDPR regardless of your size, if you process personal data.

Do I need to appoint a data protection officer (DPO)?

Under the GDPR, you must appoint a DPO in certain circumstances.Contact us for more information.

Can I have specific policies and procedures for my sector?

Yes. Check out https://optindigo.com we’ve created packages of documents aimed at different types of companies, these document packs will help you through the GDPR process quickly and easily.

What are the rules under the GDPR for subject access requests?

The right of access under the GDPR contains important differences around fees, time limits, refusals, electronic format, refining requests and method of access.

Can you help me decide what to include in my privacy notice?

The GDPR sets out the information that you should supply and when individuals should be informed.The information you supply about the processing of personal data must be: concise, transparent, intelligible and easily accessible; written in clear and plain language, particularly if addressed to a child; and free of charge.

What are the criteria for issuing monetary penalties?

There are certain criteria that the ICO will assess before imposing a fine, such as: the number of people affected, any damage to the data subjects, the negligent or intentional nature of the infringement and action taken by the data controller to mitigate the damage.However, the GDPR has introduced some new criteria, such as:

  1. The controller’s adherence to codes of conduct and approved certification mechanisms

  2. The extent to which the data controller notified the supervisory authority of the infringement and co-operated with it.

As well as fines, the ICO has other mechanisms to change the behaviour of organisations such as warnings, reprimands or corrective orders.

Hope this helps – feel free to call us anytime.

Textgoto is a UK based text marketing SMS aggregator offering the lowest cost SMS, with the highest quality and best text delivery rates. We design, develop and support our own unique advanced SMS platform, offering the most sophisticated SMS campaign management and text message data handling functionality available.

Our bulk text marketing platform offers full SMS API integration, unlimited SMS throughput, and response management functions.

Based in the North West UK we are easy to contact and always willing to help. Our team is made up of seasoned text developers, experienced SMS campaign managers, and cool operations managers. Together we have all the skills and experience you need to run your amazing SMS campaigns. Call us today on 01772217800 or just click the button below to register a free account today

Try us for free now