It is important that all businesses that hold or use data, ensure that they are GDPR compliant. Not only is it important to help avoid a fine from the ICO if there was to be a data breach, but it is also an important way to look after your customers and clients.
There are a number of ways that you can ensure that your business is GDPR compliant and these can include:
Destroying data – it is important that you have a process for destroying any data that you no longer need to hold. These could be data that is out of date or that belongs to customers and clients that no longer use your services or products. If your data is in a physical format you can use a Confidential shredding Birmingham company such as https://www.printwaste.co.uk/confidential-shredding/confidential-shredding-birmingham/ to destroy this safely for you.
Policy – it is important that you have a GDPR or data protection policy in place that clearly explains what your process is for onboarding your clients, what data you will hold, why and where and who the named person within your business will be, for complaints or issues that may arise from a data breach.
ICO – you should register with the ICO to notify them that you are holding data. They have lots of useful guides and reports that will help you to put any policies and procedures in place throughout your business.