The EU General Data Protection Regulation

A collection of GDPR resources for UK Small Businesses

The EU’s General Data Protection Regulation – or GDPR – represents one of the largest changes in data privacy laws for many years.

It will affect, to one extent or another, the vast majority of businesses in the UK – from new start-ups and micro-businesses, all the way up to large multi-nationals. Bigger organisations will have had their legal teams working on it for some time.

But small businesses are vulnerable, and from what we can see, it’s not even on the radar of most of the people we speak to – and that’s a concern.

We’ve created a series of articles that explain, from broad concepts all the way down to specific detail, the things that small businesses should know. GDPR effective date: 25th May 2018.

Jump to:

General principles to get you up to speed
A suggested step-by-step action plan for small businesses
Detail of specific issues affecting small businesses

Concerned about GDPR for your business website?

We offer GDPR consultancy services for all web design projects.

GDPR General Principles

Getting up to speed with GDPR

Small business websites, data privacy and why we really need to start caring

A look at why small business owners need to start thinking very carefully about data privacy, in the light of new European data protection legislation.

GDPR 101 – An introduction to the General Data Protection Regulation

An introduction to the EU’s General Data Protection Regulation (GDPR) for small businesses – understanding your obligations.

GDPR Action Plan for Small Businesses

A recommended step-by-step plan for becoming GDPR compliant

Small Business GDPR Action Plan – A Summary

An outline of our plan for how small businesses in the UK can approach becoming GDPR compliant.

GDPR Small Business Action Plan: Part 1 – Understanding your personal data

How small businesses in the UK can get to grips with what ‘personal data’ is, and how they process it.

GDPR Small Business Action Plan: Part 2 – How do you process personal data?

What ‘processing’ means in GDPR terms, and how you are currently using individuals’ personal data.

GDPR Small Business Action Plan – Part 3: Is your data processing lawful?

Your guide to understand the lawful basis for processing personal data under the GDPR.

GDPR Small Business Action Plan – Part 4: Implement a process for ongoing compliance

How to make sure your business becomes and stays compliant, including how to write a Privacy Policy.

GDPR Specifics

Dealing with some of the particularly thorny issues

GDPR – Cookies, notifications & consent – a 2019 update

In this update to our previous article on cookies and the use of cookie notifications, we’ll look at the significant implications of the ICO’s 2019 updated guidance on the use of cookies.

GDPR – Do I need a Cookie Warning on my small business website?

In this article we’ll look at the steps small business website owners need to consider relating to cookies and cookie warnings.