{"id":3251,"date":"2017-08-14T16:58:47","date_gmt":"2017-08-14T16:58:47","guid":{"rendered":"https:\/\/www.openbusinesscouncil.org\/?p=3251"},"modified":"2020-02-27T09:35:55","modified_gmt":"2020-02-27T09:35:55","slug":"gdpr-means-small-businesses","status":"publish","type":"post","link":"https:\/\/www.footballthink.com\/gdpr-means-small-businesses\/","title":{"rendered":"What GDPR Means for Small Businesses"},"content":{"rendered":"
\"\"
What GDPR Means for Small Businesses<\/figcaption><\/figure>\n

Now that the planned General Data Protection Regulation (GDPR) changes are just nine months away, there are likely to be a number of firms \u2013 of all sizes \u2013 still scrambling to discover what they need to do to be compliant with these changes, in order to avoid the hefty publicised fines.<\/p>\n

The best place to start is to become\u00a0familiar with the detail of the GDPR<\/a>\u00a0and how the incoming new rules will affect your existing business, date use and storage planning. It\u2019s also useful to know the GDPR rules that have been specifically designed for small businesses, or SMEs.<\/p>\n

SME GDPR Regulatory Caveat<\/strong><\/p>\n

Following a lengthy consultation period, the incoming GDPR has recognised that smaller businesses aren\u2019t able to achieve exactly the same as larger businesses. And also, that not all the rules that are relevant to bigger firms are relevant to SMEs.<\/p>\n

Indeed,\u00a0in article 30 of the regulation, the GDPR states that businesses with fewer than 250 employees are exempt from much of the legislation \u2013 \u201cunless the processing it carries out is likely to result in a risk to the rights and freedoms of data subjects, the processing is not occasional, or the processing includes special categories of data as referred to in Article 9(1) or personal data relating to criminal convictions and offences referred to in Article 10.\u201d<\/p>\n

However, considering how much data is requested, processed, used and stored by most businesses of all sizes, small business advisory specialists\u00a0Global Resources LLC<\/a>, are of the opinion it would be prudent for SME\u2019s to create new personal-data related guidelines, in line with much of the GDPR.<\/p>\n

Back to GDPR Basics<\/strong><\/p>\n

As you will no doubt be aware, GDPR has been designed to replace existing data privacy laws and more robustly protect consumer\u2019s private data after it\u2019s shared with different businesses. This is more important than it was when the original data protection acts were created, due to the much broader use of online shopping and activity which requires people to share their private data.<\/p>\n

The key changes from existing data laws, that are addressed in the GDPR include:<\/p>\n