Small businesses, here’s what you need to know about GDPR

On May of this year, General Data Protection Regulation (more commonly known as GDPR) came into effect. With the vast majority of businesses large and small utilising peoples’ data in some way, shape or form, there are few that won’t be affected, yet an alarmingly high number are unaware of how GDPR will alter their day-to-day practices or what they must do in order to ensure they’re compliant. Considering that the maximum fine for breaching this legislation can now potentially run into multi-million-pound territory, we here at Fields Data Recovery want to help – that’s why we’ve written about the most important things all businesses need to know about GDPR:

People have a right to access their data

Granted, people had a right to request you send them any data you may have about them previously, but you could request that they cover the costs you’d accrue compiling and sending it to them. Now, following the introduction of GDPR, you’ll need to provide this information to anyone that requests it and will need to do so without charging them.

You need to be transparent and ensure you have consent

A few months ago, your personal inbox was probably full of messages from various companies informing you of the latest changes to their privacy policies and requesting that you consent to them. Perhaps you, like many, assumed that these were being sent as part of a marketing campaign; they were actually in preparation for GDPR.

In accordance with this new piece of legislation, companies must now have people’s express permission to retain and use their data for marketing purpose. Additionally, they also need to ensure that their privacy policies are as transparent as possible and that people consent to them in order for them to maintain contact with the customer.

It’s time to encrypt your data

It’s always been best practice but, following the introduction of GDPR, data encryption is now mandatory for companies of all sizes. Failing to do it won’t automatically result in you falling foul of the legislation and landing a fine but, as accompanies attempts to protect customers’ data will directly influence the cost of any fine they’re issued with should they suffer a data breach. As a result, companies that encrypt their data are proactively reducing any potential fine they may be issued from the get go.


Whilst we at Fields Data Recovery believe that the three points discussed above are vital, GDPR has brought a series of changes which no company can ignore. If you’ve not yet acted and made changes in accordance with this new policy, it’s of the utmost importance that you identify what you need to do in order to ensure compliance and take action post haste.