GDPR Advisor

GDPR Consultants


GDPR Consultancy to Ensure Your Compliance

WHAT OF GDPR NOW WE HAVE LEFT EUROPE?

GDPR is the EU legislation, the General Data Protection Regulation, launched in 2018. With effect from 1st Jan 2021 the UK now operates under the UK-GDPR, which is based on the update of the "UK Data Protection Act - 2018" and incorporates all of the GDPR protections but applies them to persons in the UK, with the legal requirement to protect "Personal Information" wherever it is held in the world.

WHAT IS THE UK'S DATA RELATIONSHIP WITH THE EU/EEA NOW?

As part of the new trade deal, the EU has agreed to delay transfer restrictions for at least another four months from 1st Jan 2021, which can be extended to six months (known as the bridge). This enables personal data to flow freely from the European Economic Area (EEA) to the UK until either adequacy decisions are adopted, or the bridge ends.

At the end of the bridge period, unless the EU has made adequacy decisions, transfers of data from the EU to the UK will be subject to local transfer requirements in the sender’s country. Your European partners may ask you to comply with additional safeguards. We suggest you contact your partners in the EU to discuss what they want to do to ensure that data can continue to flow into the UK.

GDPR has introduced new limits and controls on the way any organisation, business or charity can retain and process "Personal Identifiable Information" belonging to a living European Citizen.

Keep data flowing from the EEA

The UK Government has agreed that UK Organisations can continue to transfer Personal Data from the UK to EEA countries without any restrictions, and also to countries about which the EU has already made adequacy decisions: Andorra, Argentina, Canada (commercial organisations), Faroe Islands, Guernsey, Israel, Isle of Man, Japan, Jersey, New Zealand, Switzerland and Uruguay.

Having left the EU, the UK is now free to make its own adequacy decisions and has already done so regarding Japan, such that UK Personal Data can now freely be transferred to Japan.

"US PRIVACY SHIELD" IS DEAD!!!

On the 16th July 2020 the European Court of Justice decided that the "US Privacy Shield" was no longer adequate.

In essence, they decided that US National Security law does not protect the personal data of EU citizens. Much of the problem was due to the US’s own surveillance laws, which allow government snooping that is not limited, as in European law, ‘to what is strictly necessary’. The European Court did validate the use of Standard Contractual Clauses (SCCs), saying that this mechanism does make it possible in practice to ensure compliance with the level of protection required by EU law.

USE SCCs ON ALL NON-EEA DATA TRANSFERS

The ICO website provides information about International Transfers and provides links to create a contract incorporating "Standard Contractual Clauses" (SCCs) to make it possible to ensure compliance with the level of Personal Data Protection required by EU/UK law.

How can we help your organisation become GDPR compliant?

As qualified GDPR Consultants, we can help and advise organisations on what GDPR could mean to them.

If you are just starting, we can provide a GDPR Gap Analysis, then continue with ongoing support until you achieve full GDPR Compliance with a set of GDPR Documents.

GDPR is not a one-off process but needs to be monitored, reviewed and maintained, and by providing an independent GDPR Audit of your systems, we can help you achieve this.

Call us to find out more - 01296 328448

Here is some guidance and resources to help businesses and organisations better prepare for data protection compliance after a no-deal Brexit:

a ‘Six Steps to Take’ guide;

broader guidance on the effects of leaving the EU without a withdrawal agreement, and

a general overview in the form of Frequently Asked Questions.


"From a personal perspective, in today's world of "Big Data", GDPR should be celebrated for what it is: an initiative that gives back to each one of us control over who, how and what any organisation can do with our personal information. With its focus on data security, it will also significantly reduce the potential of your personal data being compromised."


For organisations, GDPR means that strict new enforceable limits and controls are put in place over how information belonging to EU citizens can be processed. To comply with GDPR, new policies, procedures and potentially extra security may need to be put in place, and failure to do so could result in huge GDPR fines.

GDPR COMPLIANCE ISN'T JUST ABOUT DOING IT BUT BEING ABLE TO DEMONSTRATE IT. 

Need help achieving GDPR compliance
or a GDPR review?

Contact Us - Telephone 01296 328448


GDPR is not a one-off process but needs to be monitored, reviewed and maintained and by providing an independent "GDPR Audit", we can help you achieve this.

OUR GDPR CONSULTANCY PROVIDES A HELPING HAND WITH GDPR

Our GDPR support covers a 100-mile radius of our office in Aylesbury, which includes:

Buckinghamshire
Bucks

Amersham
Aylesbury
Beaconsfield
Bletchley
Fenny Stratford
Buckingham
Chesham
Gerrards Cross
High Wycombe
Marlow
Milton Keynes
Newport Pagnell
Olney
Princes Risborough
Stony Stratford
Wendover
Winslow
Woburn Sands
Wolverton

Oxfordshire
Oxon

Abingdon
Banbury
Bicester
Burford
Carterton
Charlbury
Chinnor
Chipping Norton
Didcot
Faringdon
Henley-on-Thames
Islip
Kidlington
Oxford
Thame
Wallingford
Wantage
Watlington
Witney
Woodstock

Berkshire
Berks

Bracknell
Maidenhead
Newbury
Reading
Slough
Windsor
Wokingham

Hertfordshire
Herts

Baldock
Berkhamsted
Bishop's Stortford
Borehamwood
Broxbourne
Bushey
Cheshunt
Chorleywood
Croxley Green
Elstree
Harpenden
Hatfield
Hemel Hempstead
Hertford
Hitchin
Hoddesdon
Letchworth
Potters Bar
Radlett
Rickmansworth
Royston
Sawbridgeworth
South Oxhey
St Albans
Stevenage
Tring
Waltham Cross
Ware
Watford
Welwyn Garden City

London
London Area

Central London
City
Hayes
Hounslow
Kingston upon Thames
Richmond
Staines upon Thames
Twickenham
West London

If you haven't started your GDPR, why not start with a GDPR Presentation?

Help your directors and senior management team to engage with GDPR.

This 90 minute presentation is designed specifically for directors and senior managers and will fast track their understanding of what GDPR entails and what obligations it brings.

This presentation has been received and appreciated by multiple boards around the country. It is delivered on your premises, minimising the time wasted by busy people having to travel.

Alternatively this presentation can be provided as the start of the Gap Analysis Service detailed below, thereby saving the cost of a separate visit.

Contact us by phone or via the contact form to arrange an appointment.

01296 328448
Prepare for GDPR
GDPR GAP Analysis

Understand what GDPR will mean to your organisation with our Gap Analysis Service


Our GDPR Consultant sits down with you to help explore all the areas in which your organisation uses, processes or shares the personal information of living Europeans.

We then create a GDPR Gap Analysis Report for you and return to deliver the report with a series of simple steps for your organisation to achieve GDPR compliance.

GDPR Policies and Procedures

To enable organisations to achieve GDPR compliance easily, we have worked with a legal practice in the Thames Valley to create document templates for the Policies, Procedures and Registers that organisations will require for GDPR compliance.
GDPR Consultancy Documents
GDPR Training

GDPR Staff Training

To ensure that your staff understand GDPR and the Cyber Security Risks, we have teamed up with the Business Fraud Prevention Partnership, an award-winning provider of GCHQ-certified security awareness training, to help organisations educate and train their staff about their responsibilities under GDPR.

Data Protection Officer (DPO) Training

If you need to train one of your staff as a DPO then visit our shop.

Cyber Essentials Package Solutions

GDPR is about:-

"Data Protection by Design and Data Protection by default".

Data Protection comprises two parts - Data Privacy and Data Security.

Data Privacy is about introducing the things already mentioned, Staff Training, Policies and Procedures, while Data Security is about making sure your systems and processes are safe from physical exploitation.

To this end, the UK Government introduced the Cyber Essentials Audit procedure in 2012 to help small to medium size organisations verify their Cyber Security.

As part of the GDPR due diligence and GDPR Audit Trail of what you have done to comply with the regulation, we recommend that all organisations carry out at least the basic "Cyber Essentials (Do it yourself)" to certify their Data Security.

GDPR Cyber Essentials
CALL US TO TALK THROUGH HOW WE CAN HELP YOU

01296-328448

What else can our GDPR Advisors help with?

As qualified GDPR consultants, we can assist with the steps involved in becoming GDPR compliant.

What about GDPR after Brexit & DPA 2018?


The basis on which the UK will leave the EU has still to be decided.

The Government has made clear that the General Data Protection Regulation (GDPR) will be absorbed into UK law at the point of exit, to operate alongside the existing DPA 2018, so there will be no substantive change to the rules that most organisations need to follow.

But organisations that rely on the transfers of personal data between the UK and the European Economic Area (EEA) may be affected.

Personal information has been able to flow freely between organisations in the UK and European Union without any specific measures. That’s because we have had a common set of rules - the GDPR.

But this two-way free flow of personal information will no longer be the case if the UK leaves the EU without a withdrawal agreement that specifically provides for the continued flow of personal data.

In this event, the Government has already made clear its intention to permit data to flow from the UK to EEA countries. But transfers of personal information from the EEA to the UK will be affected.

The ICO have published guidance and practical tools to help organisations understand the implications and to help you plan ahead.

HOW DOES GDPR AFFECT YOUR ORGANISATION?

1) GDPR limits how an organisation can process personal information.

2) GDPR increases a Data Subject's rights over the usage and processing of their personal information.

3) GDPR enhances Data Protection and Cyber Security.

WHY SHOULD ORGANISATIONS ACTUALLY BOTHER ABOUT GDPR?

Reason 1 - From 25th May 2018, it became a legal requirement for all UK organisations to be compliant with GDPR.

Reason 2 - The penalty for breached, leaked, deleted or compromised personal information could be greatly reduced if the organisation has taken appropriate measures to comply with GDPR.

GDPR Articles 33 & 83 - "If 'Personal Data' which could result in the risk to the rights and freedoms of a natural living person who is a European Citizen, is breached, leaked, deleted or compromised after May 25th 2018, the organisation will be obliged to notify the Information Commissioner's Office (ICO) within 72 hours and also those affected as soon as possible. The ICO will then issue a penalty to that organisation which is effective, proportionate and dissuasive and could be anything up to 20 Million Euros or 4% of their total worldwide annual turnover of the preceding financial year, whichever is higher."

Reason 3 - Data Breaches can greatly impact the organisation's public reputation.

(TalkTalk lost over 100,000 customers as the result of their Data breach in 2015). 

To comply, organisations will need to identify all the "Personal Information" that they hold, to ensure that they have, or can obtain, explicit consent to continue using it or have some other legal right to do so. They should also enhance the security and protection around the way they process information, to ensure that they are fully GDPR compliant.

01296 328448

What our clients say


"SecureDesk and its associate company PSA, have provided IT support to us for more than 18 years. Over that period they have maintained our IT systems to be fully operational, secure and reliable. Having benefited from their services over these years, I can recommend them as a totally trustworthy and professional organisation, committed to delivering excellence and reliability."

Managing Partner - Accountants


“Since commissioning SecureDesk to provide email protection, we have been delighted with the instant eradication of any and all unwanted spam; nuisance and harmful email. The overall benefit is simply peace of mind. We now have total confidence in our email system, knowing that it is not only spam-free but extremely robust against an ever increasing level of virus-attacks and other unwelcome content. It has also liberated our IT team from the painstaking task of sifting through hundreds of messages caught in the old inadequate spam filters, so that they can concentrate on other projects in house.”

Partner - Solicitor


"IT technology is key to enabling us to deliver services to our clients and having SecureDesk fully managing our systems, gives us the backup we need to do it. SecureDesk and its sister company have provided support and security solutions to us over many years. I would have no hesitation in recommending them to any company, who like us, are dependent on IT technology and need someone to help deliver it for them. With SecureDesk on our team, we can relax about the technology and just get on with the business."

Managing Director - Training Company


“As with all Financial Planners/Advisors, we are very much dependent on IT to deliver our services to clients. Having SecureDesk maintaining and managing our system remotely, means that we have peace of mind in knowing everything is in good hands. If at any time we have an IT glitch, SecureDesk remotely links to our desktops and quickly fixes the problem. We have used SecureDesk and PSA for over 15 years and found them to be totally trustworthy and dependable. I would highly recommend them to any organisation that is looking to have their IT professionally supported by an external company.”

Director - Financial Advisors


"Kitchen Design is a very IT demanding operation, so having SecureDesk fully managing our IT remotely means we can have confidence that there is someone we can turn to for support. Not only do they provide us support during normal working hours but because their system monitors everything 24/7 they can install updates and fixes in the evenings and at weekends thereby minimising any disruption these would have on our productivity. Having benefited from the support of SecureDesk over many years, I would happily recommend their services to other companies."

Managing Director - Kitchen & Bathroom Supplier




SecureDesk Limited
Suite 12, Midshires House,
Midshires Business Park,
Smeaton Close,
Aylesbury,
Buckinghamshire,
HP19 8HL

ENGLAND, UK

Telephone - 01296 328448
VAT No - 924 6049 24
email - info@gdpradvisor.co.uk