With GDPR coming into force on 25th May many SME’s are still unsure what the regulation means for them. In most cases, the simple fact is that “business as usual” is not an option. Privacy, security, accuracy and accountability are the overriding values of GDPR and need to be installed into SME’s. It is noted that there is a fundamental misconception that GDPR does not apply to SME’s. In fact this is far from the truth, GDPR is designed to govern how every organization treats personal information.
Please be aware that I have added a section as below under advisers on the doc library. The Data Protection agreement is standalone in addition to the client agreement, and CIDD IDD. It is important that this is signed before any business agreement is entered, be it mortgages, investments or whatever. The fact find also has been updated.