GDPR

GDPR compliance and IFAC's new data processing clauses

Image and video hosting by TinyPic by Max Durrant

The GDPR broadens and deepens the rules between data controllers and data processors for processing of personal data and for the first time, directly enforceable obligations are imposed on processors as well as controllers.

The GDPR also requires that controllers and processors enter into written contracts (“C2P Clauses”). IFAC will be amending your terms of business to help with this.


Larger firms, - that means firms with more than two IFAs will need to appoint an external Data Protection Officer, and IFAC propose to do this role for the larger member firms at just £25pm plus vat. The DPO will be myself, and we will take responsibility for your data audits, and keep you inline with the new rules, and act as independent arbiter to customers and suppliers.
One of IFAC DPO’s services is taking on the role of your (external) Data Protection Officer (DPO). 


In this position we are responsible for ensuring that your company complies with the relevant data privacy legislation.

If you decide to appoint IFAC as external Data Protection Officer we will

  • ensure that personal data of employees and customers are handled according to the relevant legal provisions.
  • ensure that staff and representatives are provided with regular training on data protection principles and their application in practice.
  • ensure that personal data is stored in a secure way and only retained as long as it is legitimate according to applicable law.
  • assess computer systems and ensure that their functionality complies with applicable data protection laws.

The role of the DPO demands in-depth knowledge of the relevant legal provisions and solid technical understanding at the same time. Our services are provided by me, Max Durrant, who is a practicing Data Protection Officer.


Having worked for financial services practices for many years, our expertise and specialization on data protection issues is a matter of fact.

Where a task requires deep knowledge in computer science our team is permanently assisted by our IT security expert – George Romero.

See Initial training sessions running throughout January - go on www.eventbrite.com and search for 'IFAC GDPR' today to book.

Alternatively please email gdpr@ifac.eu or call Max or Chloe or 01242 807010.

category 
FCA news