The GDPR – Is your small business ready?

Is your business ready for the new GDPR effective from 25th May 2018?


Businesses are starting to panic as they try to comply with the General Data Protection Regulation (GDPR) before the 25th May 2018 deadline. It’s a wide-ranging regulation designed to protect the privacy of individuals in the European Union (EU) and give them control over how their personal data is processed, including how it’s collected, stored and used. It affects every company in the world that processes personal data about people in the EU. Many believe that the GDPR won’t apply to them because they have fewer than 250 employees, infact it applies to every business that has customers, employees or clients in the EU.


Does it apply to me?

Any organisation, regardless of size, that regularly processes EU residents’ personal data must comply with the Regulation. However, SMEs may be exempt from the more rigorous steps.

Article 30, for example, states that the Article (which relates to the documentation controllers and processors must keep regarding data processing) “will not apply to small businesses except if the processing results in a risk to the rights and freedoms or data subjects, processing is not occasional, or the processing includes special categories of data as referred to in article 9, or personal data relating to criminal convictions and offences.”

This means you might not need the extensive documentation that larger organisations are required to keep. Nevertheless, you may find that your suppliers or customers will require you to have such documentation within their new GDPR-compliant contracts, so having it may give you a competitive advantage.


Data protection officers

The GDPR stipulates that certain organisations must appoint a data protection officer (DPO). There isn’t an exception for small businesses, so if you fall into the following categories, you’ll need a DPO:

  • You are a public authority (except for courts acting in their judicial capacity).
  • You carry out large-scale systematic monitoring of individuals (for example, online behaviour tracking).
  • You carry out large-scale processing of special categories of data or data relating to criminal convictions and offences.

The good news is, you aren’t obliged to hire a full-time employee for this role. You can have someone who performs this alongside other duties (if they aren’t processing data and don’t have a conflict of interest), you can share a DPO with other organisations, or you can outsource the role entirely. It may seem a daunting and expensive prospect, but there are cost-effective options out there for SMEs.


As a bookkeeping practice we are a ‘Data Controller’ and are registered with the Information Commissioner’s Office (ICO).  Please read our Privacy Policy for full details.


Pick yourself up and move on!

“I’m delighted to be back to business stronger than ever”

New bookkeeping service

Sometimes a setback can be a defining moment in business.  After breaking my elbow and losing full movement in my arm, my last business had to close.  During my recuperation I spent a lot of time thinking about where I wanted to be in my career.  I knew I wanted to be my own boss, do something I’m passionate about and excel at, whilst being able to work around my two children.


I have 30 years experience working in business finance and I get a buzz out of analysing numbers.  This includes running my own business and managing my own accounts.  I knew I wanted to continue working in business finance but wanted to be self-employed.


So I did a lot of research and chose to become an ICB certified bookkeeper, so I could offer professional services to align with my existing business skills.  I studied with Ideal Schools, who are a distance learning training provider, and they were brilliant.  While the kids were at school I had my head in books (sometimes when they were in bed too).  I fell in love with studying, although struggled with manual double entry bookkeeping – thankfully we have computers now!  It took 4 months (and 8 exams) to become a qualified bookkeeper, passing with distinction.  I also qualified in the completion of Self Assessment Tax Returns and passed with 100%!  This was the hardest exam I have ever done and I am extremely proud of my achievement.  Especially as the UK tax system is one of the most complex in the world.


This is just a few words to say I am very excited to be back in business.  I am looking forward to helping local small businesses with their finances.  I’m also looking forward to supporting new businesses and providing my knowledge and experience in business start up.  Starting a new business is very exciting but can also be stressful (I know, I’ve done it).  I would like to help take some of the stress away and take care of the finance side.  After all, who likes dealing with the books (except me of course)?  Business owners should do what they do best and allow me to do what I do best.  I love working with numbers! 


Jo Finch – AICB