The General Data Protection Regulation (GDPR) came into effect on May 25th, 2018.

With GDPR, there’s been a lot of confusion and misinformation. At Mark Digital Media, we want to ensure our clients and anyone affected in the UK understand how it impacts their business. Many are using GDPR as an opportunity to profit from others’ lack of knowledge, but this article is designed to help you figure out if GDPR fundamentally affects your business or not.

Table of Contents

  1. What is GDPR?
  2. What Are the Risks?
  3. What Can We Do?
  4. Checklist for Small Businesses
  5. Right to Be Forgotten Procedure
  6. Conclusion: Protect Your Business

What is GDPR?

💼 GDPR is essentially an update to the EU’s privacy regulations that impacts all business operations within the EU, regardless of where the business is based. This means non-EU businesses that process data of EU citizens must also comply with GDPR.


What Are the Risks?

⚠️ The penalties for non-compliance with GDPR can be severe:

  • 💸 Fines: Up to €20 million or 4% of annual global turnover, whichever is higher.
  • 📉 Compensation Claims: Individuals can claim compensation for damages suffered, which may lead to fraudulent claims if not handled carefully.


One critical concern is the risk of fraudulent claims against a business for non-compliance. The ICO will need to carefully manage this area to avoid abuse of the system. However, it’s important that all businesses take measures to protect themselves from such risks.


What Can We Do?

🔑 Here is a quick checklist to determine if your business falls under the new GDPR regulations:


Checklist for Small Businesses

  1. Does my company have fewer than 250 employees?
    • If yes, you don’t need to comply with most GDPR regulations like documenting why personal data is collected, how long it’s stored, or maintaining a record of processing activities (unless it poses a risk to data subjects).
  2. Do I need a Data Protection Officer (DPO)?
    • No. DPOs are required for public authorities and businesses that engage in large-scale data processing and monitoring.
  3. Does my business comply with existing EU data protection laws?
    • The ICO have created an online assessment tool.
      Use this to quickly determine your business’s liability.

Right to Be Forgotten Procedure

📄 The right to be forgotten is one of the key aspects of GDPR, especially relevant in today’s world of social media and growing concerns about data misuse. Here’s what you need to know:

  • 🛡️ Ensure your customers have a clear procedure to request their data be forgotten.
  • Update your terms of business to include a process for removing customer data upon request. Add this to your website, invoices, and other correspondence.

Conclusion: Protect Your Business

πŸ” GDPR compliance is vital for businesses that operate within the EU or handle the data of EU citizens. While small businesses in the UK may not need to implement every aspect of GDPR, following the checklist above ensures that you are protected from potential legal risks.

For businesses that do not comply, it’s worth considering professional services like those provided by Mark Digital Media to handle GDPR implementation efficiently.

Good luck, and feel free to reach out to Mark Digital Media for help in navigating GDPR compliance!


This post was brought to you by Mark Digital Media, your trusted Online Marketing partner. Contact us for expert help in managing your digital compliance and online marketing strategies.