The General Data Protection Regulations (GDPR) are coming, is your business ready?

The General Data Protection Regulations came into force in May 2016 and ALL businesses that hold personal data MUST comply by 25th May 2018. This represents a sea change in data protection and introduces a raft of new rules. If you hold any personal data for anyone who resides in the EU (including the UK) you will need to comply with this new set of rules. For HR and Hiring Managers, this covers all past and current employees, but also job applicants, both direct and speculative.


The consequences can be devastating for your business.

  • Up to 20 million Euro fine or 4% of global turnover, whichever is the highest for breaches of the regulations. This represents a 4,000% increase on current maximum fines under the outdated Data Protection Act 1998
  • Right to compensation for each person affected by a breach of the rules. Just one breach could affect your entire customer base giving each of them a right to sue you for compensation. Their loss need only be minimal and the Courts have held distress as being compensatable.  If you have not done all you can to mitigate your loss then it is unlikely any insurance policy you may hold for such a breach will cover claims against you.
  • Loss of customers / reputation.  Any breach is likely to result in a loss of confidence and trust meaning your customers are likely to take their business elsewhere


Here at Grassroots we have partnered with GDPR Training Ltd to bring you training and solutions to ensure your business complies with the new rules. Whether you require an in-depth consultation to assess your business’ strategy to tackling GDPR, in-house bespoke training to ensure compliance and awareness, or help recruiting GDPR Data Protection Officers, contact our Director, Steven Byrne on 0161 442 5840.