GDPR for sme organisations

Complying with the data protection law

The Information Commissioner’s Office has produced practical advice on how to comply with data protection law and how to improve data protection practices in your business, including how to keep employees’ and customers’ personal information secure and how to get ready for the data protection reforms.

Getting ready for the GDPR

Data Protection law is changing on 25 May 2018 and organisations need to be ready for the General Data Protection Regulation (GDPR). Surveys have shown however, small organisation tend to be less well prepared. The ICO has therefore produced a package of tools to help your business get ready for the GDPR. 

£1,950 +vat
SIA+ provides a transparent security offering and forms part of your GDPR journey. At a fixed price point, the SIA+ package is competitively priced at £1,950.00 +VAT and carries no hidden costs.
Start SIA+ Today

Data protection – looking after the information you hold

If you hold and process personal information about your clients, employees or suppliers, you are legally obliged to protect that information. Under the Data Protection Act, you must:

  • only collect information that you need for a specific purpose;
  • keep it secure;
  • ensure it is relevant and up to date;
  • only hold as much as you need, and only for as long as you need it; and
  • allow the subject of the information to see it on request.

Data protection self-assessment toolkit

Our data protection self-assessment toolkit can help you assess your compliance with the Data Protection Act and find out what you need to do to. We have a seven checklists covering a number of areas of compliance including Getting ready for the General Data Protection Regulation (GDPR), Information Security, and CCTV.

Good information handling makes good business sense, and it provides a range of benefits. You’ll enhance your business’s reputation, increase customer and employee confidence, and by making sure personal information is accurate, relevant and safe, save both time and money.

Environmental Businesses

If your business is concerned with the environment, for example if you’re a setting up or running a recycling business, you’ll also need to make sure you comply with the environmental information regulations.


If you do telephone, email or other electronic marketing then you need to comply with the Privacy and Electronics Communications Regulations.

For further information for small businesses, see our direct marketing checklist or our guidance on direct marketing.-

Registration with the ICO

If you handle personal data, you may need to register as a data controller with the Information Commissioner’s Office. Registration is a statutory requirement and every organisation that processes personal information must register with the ICO, unless they are exempt. Failure to register is a criminal offence.

What is GDPR?

What is GDPR?

Find out what GDPR is and how it may affect your business.

GDPR is coming

Find out the next steps to take to start your GDPR Journey.

NEED MORE INFORMATION?Contact us to see how we can help your business

Call our Sales Team on: +44 (0)121 289 3434
or email us at: