The General Data Protection Regulation (GDPR) came into force on 25 May 2018 – 2 months ago now. Many small businesses I work with have mentioned to me that they have an awareness of the regulation, but do you really understand what it means and how it affects their operations? Don’t worry, we’ve got the basics covered. 
Firstly, all businesses operating in the EU needed to be fully compliant with GDPR by 25 May 2018, from international giants right down to small firms that operate on a local scale. With the potential for fines for non-compliance, it’s important to make sure the necessary steps are in place. 
 
If you’ve yet to assess how GDPR will affect your business, here’s three simple steps to get you started: 

1. Permission for email marketing 

Marketing to customers is an essential for growing your customer base but how you go about it is set to change. In order to directly market to customers via email, you will need to have their explicit permission. 
If you currently use a lead generation form, collect data when consumers make a purchase, or gather email addresses in another way, you need to add a statement that users actively tick to say you may contact them for marketing purposes. If customers currently have to uncheck a box, that needs to change. If you work with a third party to support lead generations, you need to make sure they stick to this term too. 

2. Clear privacy policy 

You should already have a privacy policy in place on your website but if not, GDPR is the perfect opportunity to ensure you have one that’s clear and transparent. You should set out a range of areas, such as what personal information you hold, how it will be used, and how it’s stored. Not only does your privacy policy need to be intelligible but it should be readily accessible too. 

3. Simple way to opt out 

Do you currently make it easy for leads and customers to opt out of your communications? From when GDPR is implemented, it’s an essential requirement. It’s likely that an unsubscribe button is already located on your emails, if it’s not this should be the first step that you take. But you need to go beyond this too. The process of opting out should be straightforward and accessible, and all data relating to the person should be erased. 
If you need more advice on GDPR and how it affects your business download our whitepaper or feel free to get in touch.  
 
 
 
 
Written by: 
 
Nicola J O'Sullivan -  
Effective Accounting 
 
Founder | Xero Champion | IR35 Expert 
 
 
Share this post:
 
"I couldn't recommend them highly enough and will continue to use them for Spiral Static and all future ventures!" 
 
Matt Badley | Spiral Static 
 
 
"I have found their help in modernising my accounts invaluable and would recommend them to anyone in a heartbeat." 
 
Matthew Finch | Trailer Aid Ltd 
 
 
"The whole team at effective accounting are exceptional."  
 
Jennifer Duthie | Skribbies Ltd 
 
 
"Nicola is one of the most adept and accessible accountants that I have ever had the pleasure of working with." 
 
Carter Stewart | Transworld Consulting Ltd 
 
 
"Choosing Effective Accountants has been one of the best decisions we made when we started our company."  
 
Matthias Geeroms | OTA Insight Ltd 
 
 
"Nicola and the team have proven to be extremely professional, efficient and always on hand to answer any questions I have (and I have a lot!)." 
 
Emily Hodges | EM Hodges Ltd 
 
 
"I find the service to be prompt, professional and friendly." 
 
Simon Weightman | Mercury TS Ltd 
 
 
"They are quick to respond and are always ahead of the curve for us. Keep it up and thank you." 
 
Freda McMahon | Lobster Noodle Ltd