For your business

For your business

General Data Protection Regulation (GDPR)

Now that GDPR has come into force, have you taken the necessary steps towards being GDPR compliant? Failure to comply may result in a fine from the Information Commissioner’s Office (ICO).

The first step to take in order to comply with GDPR is to carry out a “data mapping” exercise (a data audit) to establish the following:

  • What data your organisation holds?
  • Where it came from?
  • How it is used?
  • What legal basis under GDPR applies to its use?
  • Where it is stored?
  • Whether adequate measures are in place to protect the data?
  • and how long it will be kept?

If your business requires assistance, CWJ are able to help with the following:

Employment law matters

  • Advice on updating data privacy notices
    You will need to inform employees, job applicants and leavers about the data you are holding.

  • Contract and policy review
    This will include updating the employment contract and preparing a GDPR compliant data protection policy.

Commercial law matters

  • Updating privacy policies
    This will need to be updated to inform your customers of the purposes for which their data is used and their rights under GDPR.

  • Contract reviews
    There is a need to review contracts with your suppliers and ensure there are provisions about how data will be handled and shared.

  • Data protection policies
    We are able to provide advice in relation to your use of data for marketing purposes.