We’ll help you unlock the full potential of your data

Experts in privacy & data protection law

How? Our expertise ensures your data monetisation is aligned with data protection best practices

How we work with you

We can offer you a comprehensive suite of services tailored to meet the unique needs for your organisation. This including Marketing Laws, Audits, Data Transfer Agreements, Privacy Polices, Contract Reviews, Incident Responses, Cross Boarder Data Flows and much more.

Solutions that fit everyones needs

Our expertise

Small business
offers

FAQ

Loader image

Non-compliance with GDPR may lead to fines for both large and small businesses. The amount of the GDPR fine is dependent on many factors. It will for instance make a difference if non-compliance was deliberate or due to negligence and how well your business cooperates with the authorities. The upper limits of GDPR penalties are:
  • Up to £8.7 million or 2% of annual global turnover (whichever is higher) for less serious infringements. And fines of up to £17.5 million or 4% of annual global turnover for severe infringements.
In addition to these fines, companies may have pay compensation to affected persons.

First and foremost, GDPR compliance protects the people behind the data. By following GDPR requirements, you ensure informal self-determination and privacy of your customers, employees and contacts. And GDPR compliance even brings several business benefits, including greater trust and credibility between organisation and the data subjects, improved data security, reduced data maintenance costs, right alignment with latest technology, and better decision-making for companies. Also, complying with the GDPR helps in minimisation of data breach risks that could not only lead to fines, but can also negatively affect the brand image.

Under the UK GDPR, an organisation must appoint a DPO if it’s a public authority, its core activities involve large scale data processing that requires regular and systematic monitoring of individuals, or if its core activities consist of large-scale processing of special categories of data or data relating to criminal convictions and offences. Although there is not a legal requirement to hire a DPO once a certain number of employees is reached, many companies still opt to appoint a DPO in order to deal with complex privacy requirements.

GDPR is essential because it improves the protection of data subjects’ rights and clarifies what companies must do to safeguard these rights while processing personal data. Within the UK, GDPR led to the creation of the Data Protection Act (2018), which superseded the previous 1998 Data Protection Act.

GDPR restricts the collection of new email addresses and other contact information as well as the use of existing email addresses and other contact information. You can send direct marketing emails to existing customers without their prior consent if you have an existing relationship with them.


Resources

Discover our constantly expanding Practical Privacy Resources, providing indispensable insights and guidance on achieving GDPR compliance for individuals and businesses. Stay updated with our continually expanding list of essential tools, ensuring you have the latest information at your fingertips.