services banner


Are you prepared for GDPR?

23rd March 2018

On 25th May 2018, one of the biggest security legislation changes in history will come into effect; the General Data Protection Regulation (GDPR).

GDPR is a set of regulations created by the EU that will affect the way the businesses of all sizes handle their data, and the data that they interact with on a daily basis.

Will it affect me?

If you’re a business in the UK, GDPR will affect you. At this early stage, it’s not confirmed whether the UK will continue adhering to these regulations following Brexit, but it’s likely that any regulations we have will be similar. What’s most important to know is that even if the UK doesn’t have these regulations, if your company does any business with countries that are in the EU, you will need to comply.

What do I need to know?

You’ll need express consent from your users

In order to collect data from anybody, you’ll need their consent. It’s no longer enough to include this in the terms and conditions, or as part of browsing your site. It’s now an opt-in, instead of an opt-out.

Transparency is mandatory

GDPR regulations require you to keep records of the data you have, as well as show that you have processes in place to properly store or dispose of it. Authorities can audit your company for this at any time, so it you need a complete information security policy that can demonstrate your data management procedures.

There are penalties

If you fail to comply with these regulations and receive an audit, or have a data breach that you fail to report within 72 hours, your company will have to deal with serious consequences. Fines can go up to £18 million, or 4% of your global annual turnover, whichever is higher. A UK local authority was recently fined £100,000 for failing to have measures in place to prevent the loss or accidental destruction of data concerning 100 people.


This is where Box-it comes in. With GDPR, data security is going to need to be a priority to avoid sizeable fines and penalties. More than half of data breaches are due to human error, such as an email being sent to the wrong recipient or loss of hard drives.

By establishing a culture of data security in your company, in which data is regularly securely stored or destroyed, you’ll be able to comply with GDPR and avoid penalties. This means secure storage and regular destruction of data that is no longer relevant.

For information on how Box-it Yorkshire can help guide your business through the transition to GDPR, get in touch with us today.


Your login details have been used by another user or machine. Login details can only be used once at any one time so you have therefore automatically been logged out. Please contact your sites administrator if you believe this other user or machine has unauthorised access.