Frequently Asked Questions:
Q: Is the GDPR applicable to my company / organisation?
A: Even if you are solely a business-to-business company, you will still store personal details and records for your staff; this data falls under the protection of the new GDPR.
Q: Does it affect me if I am totally cloud/web based?
A: The onus of responsibility lies with the company that originally collected the data, and on whether it had good reason to do so, not with the 3rd-party company that stores it. It is your responsibility to ensure it is safe.
Q: How much would my company be fined if it were seen not to be taking practicable steps to be compliant?
A: Up to 4% of your company's annual turnover.
Q: A 3rd-party I.T. company stores all of our data and runs our backups. How do I know if they are doing it right?
A: We can mediate with your I.T. company for you and advise if they are using compliant methods and the correct level/type of encryption to access and store your data.
Q: We had some Cyber Essentials training, but my staff are still leaving data in unsafe places. Is my company still liable?
A: The training we provide should give your staff a better understanding and awareness of the implications of their actions or inactions. If you certify your staff, this gives your company some mitigation, as you are providing proof that your company is actually taking practicable steps to be compliant.
Q: We were hacked and had a data breach. What happens now?
A: In the event of lost data or compromises, we can advise on which authorities you may have to inform (if relevant) and the best steps to prevent any repetition.