{"id":3927,"date":"2022-06-15T23:54:49","date_gmt":"2022-06-15T22:54:49","guid":{"rendered":"https:\/\/legalvision.co.uk\/?p=3927"},"modified":"2023-02-28T04:20:26","modified_gmt":"2023-02-28T04:20:26","slug":"complying-with-gdpr","status":"publish","type":"post","link":"https:\/\/legalvision.co.uk\/corporations\/complying-with-gdpr\/","title":{"rendered":"4 Common Challenges Your Company Will Face With the GDPR in the UK"},"content":{"rendered":"\n<p>The <em>General Data Protection Regulation<\/em> (<strong>GDPR<\/strong>) provides organisations with data protection rules. Primarily, these rules focus on ensuring companies safely handle the personal information of their employees and clients.&nbsp;However, ensuring your business is complying with GDPR is an ongoing process and can be quite complex. Furthermore, failing to do so can result in significant fines for your company. This article will explain four common challenges your business may face when trying to comply with GDPR rules so your company can comply with data protection law.&nbsp;<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Why Is It Important to Comply With the GDPR?<\/h2>\n\n\n\n<p>Any breach of the GDPR can lead to an investigation by <a href=\"https:\/\/ico.org.uk\/\">the Information Commissioner&#8217;s Office<\/a> (<strong>ICO<\/strong>). The ICO can provide your company with hefty fines of up to \u00a317.5m for a breach of GDPR rules.<\/p>\n\n\n\n<p>The ICO&#8217;s role is to deter businesses from ignoring GDPR rules. So, they are not afraid to provide significant financial penalties as a deterrent. Therefore, your company should make every reasonable effort to learn and ensure you are complying with the GDPR.<\/p>\n\n\n\n<p>Let us explore four common challenges you may face below.&nbsp;<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">1. Deciding When to Report Data Breaches<\/h3>\n\n\n\n<p>Under certain circumstances, your organisation must notify the ICO of a data breach within 72 hours. However, the test for determining whether your company must do so can be challenging to apply in practice. Essentially, your business must notify the ICO where both of the following statements apply:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>a &#8216;personal data breach&#8217; occurs; and<\/li>\n\n\n\n<li>that breach could likely result in a &#8216;risk to people&#8217;s rights and freedoms.&#8217;<\/li>\n<\/ul>\n\n\n\n<p>The definition of a personal data breach is fairly broad. It includes a large variety of leaked information and any security breach which leads to the accidental or unlawful:&nbsp;<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>destruction;<\/li>\n\n\n\n<li>loss;<\/li>\n\n\n\n<li>alteration;<\/li>\n\n\n\n<li>disclosure; or&nbsp;<\/li>\n\n\n\n<li>unauthorised access to personal data.&nbsp;<\/li>\n<\/ul>\n\n\n\n<p>However, the definition of &#8216;people&#8217;s rights and freedoms&#8217; is a bit more complex. Ultimately, this rule applies to ensure companies refer themselves to the ICO if harm could arise to an individual through the misuse of private information. However, it can be difficult for businesses to know exactly where to draw the line. Further, it can be challenging to determine the difference between a minor data breach and one that could impact the &#8216;rights and freedoms&#8217; of others. Therefore, it may be worth obtaining legal advice if in doubt, mainly as failure to report a relevant personal data breach is a breach of the GDPR in itself.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">2. Ensuring Good System Security and Guarding Against Cyber-Attack<\/h3>\n\n\n\n<p>Some of the ICO&#8217;s most considerable fines occur with organisations that inadequately <a href=\"https:\/\/legalvision.co.uk\/ecommerce-online-business\/personal-data-e-commerce\/\">guard against the theft of sensitive data<\/a>. Sometimes, these fines can be as significant as millions of pounds.<\/p>\n\n\n\n<p>Indeed, ensuring your company has sound security and anti-virus protection systems is an ever-changing process. Therefore, information security is an area requiring constant vigilance and improvement.&nbsp;<\/p>\n\n\n\n<div  class=\"box box--icon box--info\">\n    <p>For example, firewalls and anti-virus protection systems that were strong ten years ago may potentially be very weak today.<\/p>\n<\/div>\n\n\n\n<p>However, some simple measures your organisation can put in place to try and increase its cyber resilience include:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>training your staff regularly about safe cyber practice (usually concerning the risks of phishing emails and clicking on suspicious links);<\/li>\n\n\n\n<li>using the latest, most robust anti-virus software and installing all recommended updates without delay;<\/li>\n\n\n\n<li>using complex passwords rather than stock passwords (for example, &#8216;mYbesTpa55word&#8217; is much better than &#8216;password&#8217; or &#8216;admin&#8217;); and<\/li>\n\n\n\n<li>regularly backing up your digital data in the event of a system failure or cyber-attack. This should help your company relaunch its system and files following an attempted ransomware attack.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">3. Deciding Whether to Appoint a Data Protection Officer<\/h3>\n\n\n\n<p>There are certain situations in which your company may require a Data Protection Officer (<strong>DPO<\/strong>). However, on many occasions, their appointment may not be mandatory. In this case, it becomes more of a business decision whether to do so.<\/p>\n\n\n\n<p>Putting a DPO in place can help your company achieve the following targets by:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>ensuring knowledge of all relevant GDPR rules;<\/li>\n\n\n\n<li>processing data safely and ensuring you are complying with the GDPR;<\/li>\n\n\n\n<li>carrying out the best practices concerning data management and guarding against accidental loss of data;<\/li>\n\n\n\n<li>ensuring <a href=\"https:\/\/legalvision.co.uk\/regulatory-compliance\/sensitive-data-information\/\">safe data processing of any high-risk information<\/a>;<\/li>\n\n\n\n<li>handling Subject Access Requests quickly and competently; and<\/li>\n\n\n\n<li>ensuring certainty around reporting data breaches to the ICO and ensuring reporting within the 72-hour deadline.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">4. How to Safely Handle Subject Access Requests<\/h3>\n\n\n\n<p>A Subject Access Request (<strong>SAR<\/strong>) is a request from an individual (the data subject) to receive a copy of specific information you hold about them.&nbsp;<\/p>\n\n\n\n<p>Typically, some common ways to safely handle a SAR include:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>providing the requested information within one calendar month of the request;<\/li>\n\n\n\n<li>asking the individual to provide more detail as to which specific documents they are looking for (to help streamline your search);<\/li>\n\n\n\n<li>redacting (blank out) any information relating to other individuals (for example, on a document discussing staff salaries, you should redact all other names, home addresses and salary levels); and<\/li>\n\n\n\n<li>avoiding <a href=\"https:\/\/legalvision.co.uk\/disputes-litigation\/disclosure-rules-obligations-uk\/\">the disclosure of materials<\/a> marked &#8216;without prejudice.&#8217;<\/li>\n<\/ul>\n\n\n\n<p>Many companies, particularly those without a DPO, choose to engage a lawyer to assist with complex SARs. This can be particularly helpful because the ICO can provide fines for any failure to handle SARs correctly. <\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Key Takeaways<\/h2>\n\n\n\n<p>Overall, the GDPR encourages your business to collect, store, and handle all private data safely and securely. <\/p>\n\n\n\n<p>Further, when this does not happen, the ICO will expect you to inform them of any relevant personal data breach within 72 hours. In addition, having appropriate policies in place and maintaining a sound security system is a great starting point in complying with the GDPR. Indeed, doing this can help you avoid hefty financial penalties from the ICO.&nbsp;<\/p>\n\n\n\n<p>If you need help ensuring you are complying with the GDPR and data protection rules, our experienced <a href=\"https:\/\/legalvision.co.uk\/it-lawyers-lp\/\">Data, Privacy and IT lawyers<\/a> can assist as part of our LegalVision membership. For a low monthly fee, you will have unlimited access to lawyers to answer your questions and draft and review your documents. Call us today on <a href=\"tel:+448081968584\" class=\"AVANSERnumber dynamic-number\">0808 196 8584<\/a> or visit our <a href=\"https:\/\/legalvision.co.uk\/membership\/\">membership page<\/a>.<\/p>\n\n\n\n\n<a href=\"#content-next\"\n   class=\"block p-4 mt-10 text-xl font-bold text-center text-white no-underline bg-gray-800 rounded-t-xl\">\n    Continue reading this article below the form\n    <i class=\"text-xl fa-regular fa-arrow-down\"><\/i>\n<\/a>\n<div class=\"px-6 pt-10 pb-12 mb-10 text-center bg-gray-100 rounded-b-xl sm:px-12 test\">\n    <div class=\"mb-8 text-2xl font-bold text-orange\">\n        Need legal advice?\n        <br>\n        <span class=\"text-lg not-prose\">\n                            Call <a href=\"tel:+448081968584\" class=\"not-prose\">0808 196 8584<\/a> for urgent assistance.\n                <br>\n                Otherwise, complete this form, and we will contact you within one business day.\n                    <\/span>\n    <\/div>\n\n    \n\n<div class=\"not-prose flex justify-center text-left gform_input_bg_white    \">\n    <script>\nvar gform;gform||(document.addEventListener(\"gform_main_scripts_loaded\",function(){gform.scriptsLoaded=!0}),document.addEventListener(\"gform\/theme\/scripts_loaded\",function(){gform.themeScriptsLoaded=!0}),window.addEventListener(\"DOMContentLoaded\",function(){gform.domLoaded=!0}),gform={domLoaded:!1,scriptsLoaded:!1,themeScriptsLoaded:!1,isFormEditor:()=>\"function\"==typeof InitializeEditor,callIfLoaded:function(o){return!(!gform.domLoaded||!gform.scriptsLoaded||!gform.themeScriptsLoaded&&!gform.isFormEditor()||(gform.isFormEditor()&&console.warn(\"The use of gform.initializeOnLoaded() is deprecated in the form editor context and will be removed in Gravity Forms 3.1.\"),o(),0))},initializeOnLoaded:function(o){gform.callIfLoaded(o)||(document.addEventListener(\"gform_main_scripts_loaded\",()=>{gform.scriptsLoaded=!0,gform.callIfLoaded(o)}),document.addEventListener(\"gform\/theme\/scripts_loaded\",()=>{gform.themeScriptsLoaded=!0,gform.callIfLoaded(o)}),window.addEventListener(\"DOMContentLoaded\",()=>{gform.domLoaded=!0,gform.callIfLoaded(o)}))},hooks:{action:{},filter:{}},addAction:function(o,r,e,t){gform.addHook(\"action\",o,r,e,t)},addFilter:function(o,r,e,t){gform.addHook(\"filter\",o,r,e,t)},doAction:function(o){gform.doHook(\"action\",o,arguments)},applyFilters:function(o){return gform.doHook(\"filter\",o,arguments)},removeAction:function(o,r){gform.removeHook(\"action\",o,r)},removeFilter:function(o,r,e){gform.removeHook(\"filter\",o,r,e)},addHook:function(o,r,e,t,n){null==gform.hooks[o][r]&&(gform.hooks[o][r]=[]);var d=gform.hooks[o][r];null==n&&(n=r+\"_\"+d.length),gform.hooks[o][r].push({tag:n,callable:e,priority:t=null==t?10:t})},doHook:function(r,o,e){var t;if(e=Array.prototype.slice.call(e,1),null!=gform.hooks[r][o]&&((o=gform.hooks[r][o]).sort(function(o,r){return o.priority-r.priority}),o.forEach(function(o){\"function\"!=typeof(t=o.callable)&&(t=window[t]),\"action\"==r?t.apply(null,e):e[0]=t.apply(null,e)})),\"filter\"==r)return e[0]},removeHook:function(o,r,t,n){var e;null!=gform.hooks[o][r]&&(e=(e=gform.hooks[o][r]).filter(function(o,r,e){return!!(null!=n&&n!=o.tag||null!=t&&t!=o.priority)}),gform.hooks[o][r]=e)}});\n<\/script>\n\n                <div class='gf_browser_gecko gform_wrapper gravity-theme gform-theme--no-framework lawyer-form_wrapper gplaceholder_wrapper form-with-labels-no-asterisks_wrapper has-new-validation-error-styling_wrapper' data-form-theme='gravity-theme' data-form-index='0' id='gform_wrapper_2453' style='display:none'><div id='gf_2453' class='gform_anchor' tabindex='-1'><\/div><form method='post' enctype='multipart\/form-data' target='gform_ajax_frame_2453' id='gform_2453' class='lawyer-form gplaceholder form-with-labels-no-asterisks has-new-validation-error-styling' action='\/api\/wp\/v2\/posts\/3927#gf_2453' data-formid='2453' novalidate>\n                        <div class='gform-body gform_body'><div id='gform_fields_2453' class='gform_fields top_label form_sublabel_below description_below validation_below'><div id=\"field_2453_1000\" class=\"gfield gfield--type-honeypot gform_validation_container field_sublabel_below gfield--has-description field_description_below field_validation_below gfield_visibility_visible\"  ><label class='gfield_label gform-field-label' for='input_2453_1000'>URL<\/label><div class='ginput_container'><input name='input_1000' id='input_2453_1000' type='text' value='' autocomplete='new-password'\/><\/div><div class='gfield_description' id='gfield_description_2453_1000'>This field is for validation purposes and should be left unchanged.<\/div><\/div><div id=\"field_2453_1\" class=\"gfield gfield--type-text gfield--input-type-text gf_left_half gfield--width-half gfield_contains_required field_sublabel_below gfield--no-description field_description_below field_validation_below gfield_visibility_visible\"  ><label class='gfield_label gform-field-label' for='input_2453_1'>First Name<span class=\"gfield_required\"><span class=\"gfield_required gfield_required_text\">(Required)<\/span><\/span><\/label><div class='ginput_container ginput_container_text'><input name='input_1' id='input_2453_1' type='text' value='' class='medium'     aria-required=\"true\" aria-invalid=\"false\"   \/><\/div><\/div><div id=\"field_2453_12\" class=\"gfield gfield--type-text gfield--input-type-text gf_right_half gfield--width-half gfield_contains_required field_sublabel_below gfield--no-description field_description_below field_validation_below gfield_visibility_visible\"  ><label class='gfield_label gform-field-label' for='input_2453_12'>Last Name<span class=\"gfield_required\"><span class=\"gfield_required gfield_required_text\">(Required)<\/span><\/span><\/label><div class='ginput_container ginput_container_text'><input name='input_12' id='input_2453_12' type='text' value='' class='medium'     aria-required=\"true\" aria-invalid=\"false\"   \/><\/div><\/div><div id=\"field_2453_2\" class=\"gfield gfield--type-email gfield--input-type-email gf_left_half gfield--width-half gfield_contains_required field_sublabel_below gfield--no-description field_description_below field_validation_below gfield_visibility_visible\"  ><label class='gfield_label gform-field-label' for='input_2453_2'>Email Address<span class=\"gfield_required\"><span class=\"gfield_required gfield_required_text\">(Required)<\/span><\/span><\/label><div class='ginput_container ginput_container_email'>\n                            <input name='input_2' id='input_2453_2' type='email' value='' class='medium'    aria-required=\"true\" aria-invalid=\"false\"  \/>\n                        <\/div><\/div><div id=\"field_2453_3\" class=\"gfield gfield--type-phone gfield--input-type-phone gf_right_half gfield--width-half gfield_contains_required field_sublabel_below gfield--no-description field_description_below field_validation_below gfield_visibility_visible\"  ><label class='gfield_label gform-field-label' for='input_2453_3'>Phone<span class=\"gfield_required\"><span class=\"gfield_required gfield_required_text\">(Required)<\/span><\/span><\/label><div class='ginput_container ginput_container_phone'><input name='input_3' id='input_2453_3' type='tel' value='' class='medium'   aria-required=\"true\" aria-invalid=\"false\"   \/><\/div><\/div><div id=\"field_2453_14\" class=\"gfield gfield--type-select gfield--input-type-select gfield--width-full custom-select gfield_contains_required field_sublabel_below gfield--no-description field_description_below field_validation_below gfield_visibility_visible\"  ><label class='gfield_label gform-field-label' for='input_2453_14'>Number of Employees in Your Business<span class=\"gfield_required\"><span class=\"gfield_required gfield_required_text\">(Required)<\/span><\/span><\/label><div class='ginput_container ginput_container_select'><select name='input_14' id='input_2453_14' class='large gfield_select'    aria-required=\"true\" aria-invalid=\"false\" ><option value='' selected='selected'>Select ...<\/option><option value='0' >0<\/option><option value='1' >1-5<\/option><option value='6' >6-20<\/option><option value='21' >21-50<\/option><option value='51' >51-250<\/option><option value='250' >250+<\/option><\/select><\/div><\/div><div id=\"field_2453_4\" class=\"gfield gfield--type-textarea gfield--input-type-textarea gfield_contains_required field_sublabel_below gfield--no-description field_description_below field_validation_below gfield_visibility_visible\"  ><label class='gfield_label gform-field-label' for='input_2453_4'>Tell us about your enquiry<span class=\"gfield_required\"><span class=\"gfield_required gfield_required_text\">(Required)<\/span><\/span><\/label><div class='ginput_container ginput_container_textarea'><textarea name='input_4' id='input_2453_4' class='textarea medium'     aria-required=\"true\" aria-invalid=\"false\"   rows='10' cols='50'><\/textarea><\/div><\/div><div id=\"field_2453_5\" class=\"gfield gfield--type-html gfield--input-type-html gfield_html gfield_html_formatted gfield_no_follows_desc field_sublabel_below gfield--no-description field_description_below field_validation_below gfield_visibility_visible\"  >By submitting this form, you agree to receive emails from LegalVision and can unsubscribe at any time. View our <a href=\"https:\/\/legalvision.co.uk\/privacy-notice\/\" target=\"_blank\">Privacy Policy<\/a>. <\/div><div id=\"field_2453_8\" class=\"gfield gfield--type-hidden gfield--input-type-hidden gform_hidden field_sublabel_below gfield--no-description field_description_below field_validation_below gfield_visibility_visible\"  ><div class='ginput_container ginput_container_text'><input name='input_8' id='input_2453_8' type='hidden' class='gform_hidden'  aria-invalid=\"false\" value='http:\/\/legalvision.co.uk\/api\/wp\/v2\/posts\/3927' \/><\/div><\/div><div id=\"field_2453_13\" class=\"gfield gfield--type-hidden gfield--input-type-hidden gform_hidden field_sublabel_below gfield--no-description field_description_below field_validation_below gfield_visibility_visible\"  ><div class='ginput_container ginput_container_text'><input name='input_13' id='input_2453_13' type='hidden' class='gform_hidden'  aria-invalid=\"false\" value='generic_form' \/><\/div><\/div><fieldset id=\"field_2453_999\" class=\"gfield gfield--type-checkbox gfield--type-choice gfield__uk-marketo-opt-in field_sublabel_below gfield--no-description field_description_below field_validation_below gfield_visibility_visible\"  ><legend class='gfield_label gform-field-label screen-reader-text' ><\/legend><div class='ginput_container ginput_container_checkbox'><div class='gfield_checkbox ' id='input_2453_999'><div class='gchoice gchoice_2453_999_1'>\n\t\t\t\t\t\t\t\t<input class='gfield-choice-input' name='input_999.1' type='checkbox'  value='1'  id='choice_2453_999_1'   \/>\n\t\t\t\t\t\t\t\t<label for='choice_2453_999_1' id='label_2453_999_1' class='gform-field-label gform-field-label--type-inline'>By submitting this form, you agree to receive content and event invitations from us to help you grow your business. If you do not want to receive such messages, tick here.<\/label>\n\t\t\t\t\t\t\t<\/div><\/div><\/div><\/fieldset><\/div><\/div>\n        <div class='gform-footer gform_footer top_label'> <button type=\"submit\" id=\"gform_submit_button_2453\" class=\"gform_button button\" onclick=\"gform.submission.handleButtonClick(this);\" data-submission-type=\"submit\"><span class=\"gform_submit_button__text\">Submit Now<\/span><\/button> <input type='hidden' name='gform_ajax' value='form_id=2453&amp;title=&amp;description=&amp;tabindex=0&amp;theme=gravity-theme&amp;hash=ec2463697d0d9cef7b71236ae60964c7' \/>\n            <input type='hidden' class='gform_hidden' name='gform_submission_method' data-js='gform_submission_method_2453' value='iframe' \/>\n            <input type='hidden' class='gform_hidden' name='gform_theme' data-js='gform_theme_2453' id='gform_theme_2453' value='gravity-theme' \/>\n            <input type='hidden' class='gform_hidden' name='gform_style_settings' data-js='gform_style_settings_2453' id='gform_style_settings_2453' value='' \/>\n            <input type='hidden' class='gform_hidden' name='is_submit_2453' value='1' \/>\n            <input type='hidden' class='gform_hidden' name='gform_submit' value='2453' \/>\n            \n            <input type='hidden' class='gform_hidden' name='gform_currency' data-currency='GBP' value='3pkGStryjRUU2YJAKBQjmuH5XejUJVGJb8q\/oqQCvnpwNbky\/AXX78Js0Y2VMKEyudoH10KfDPBZXIelbRYDbQ9p8knkDVHrx3RSAIqkvMEEwnA=' \/>\n            <input type='hidden' class='gform_hidden' name='gform_unique_id' value='' \/>\n            <input type='hidden' class='gform_hidden' name='state_2453' value='WyJ7XCIxNFwiOltcIjIyODY0N2ViMWU3NTcxZjA4YTY4NGJmMDcwMTk3Y2I0XCIsXCJiMzk3YmQ1MDBmMmFjNjk1ODE4MzdmNTBhYTA2MzQ0OFwiLFwiNGYyNGZkZGEwMzlkNDUxMWFhZGE1NGYwZmQwZmNiZTdcIixcIjUyMmJkMDE2M2I2ZmEwOTI3NDZhZjU5YTg0ZmM1NDk5XCIsXCIzODRlNjk1YjQxMTAzMWFiYmQ2ODEyMGYyZWFhMDYyNlwiLFwiYjkzNDcwNTE2MjkxOGRjZWViMjQzNzRjNmE0NGVmNTlcIixcIjQxMTliODZhMzVjYzJiMWViNDZiMmQ4NjRlNGUzZmNjXCJdfSIsIjQ3MjNiMzA2ZDIyZGVkODA2N2YyMjYyOThkYzI1ODVmIl0=' \/>\n            <input type='hidden' autocomplete='off' class='gform_hidden' name='gform_target_page_number_2453' id='gform_target_page_number_2453' value='0' \/>\n            <input type='hidden' autocomplete='off' class='gform_hidden' name='gform_source_page_number_2453' id='gform_source_page_number_2453' value='1' \/>\n            <input type='hidden' name='gform_field_values' value='' \/>\n            \n        <\/div>\n                        <\/form>\n                        <\/div>\n\t\t                <iframe style='display:none;width:0px;height:0px;' src='about:blank' name='gform_ajax_frame_2453' id='gform_ajax_frame_2453' title='This iframe contains the logic required to handle Ajax powered Gravity Forms.'><\/iframe>\n\t\t                <script>\ngform.initializeOnLoaded( function() {gformInitSpinner( 2453, 'https:\/\/legalvision.co.uk\/wp-content\/themes\/legalv-v6\/img\/spinner.svg', true );jQuery('#gform_ajax_frame_2453').on('load',function(){var contents = jQuery(this).contents().find('*').html();var is_postback = contents.indexOf('GF_AJAX_POSTBACK') >= 0;if(!is_postback){return;}var form_content = jQuery(this).contents().find('#gform_wrapper_2453');var is_confirmation = jQuery(this).contents().find('#gform_confirmation_wrapper_2453').length > 0;var is_redirect = contents.indexOf('gformRedirect(){') >= 0;var is_form = form_content.length > 0 && ! is_redirect && ! is_confirmation;var mt = parseInt(jQuery('html').css('margin-top'), 10) + parseInt(jQuery('body').css('margin-top'), 10) + 100;if(is_form){form_content.find('form').css('opacity', 0);jQuery('#gform_wrapper_2453').html(form_content.html());if(form_content.hasClass('gform_validation_error')){jQuery('#gform_wrapper_2453').addClass('gform_validation_error');} else {jQuery('#gform_wrapper_2453').removeClass('gform_validation_error');}setTimeout( function() { \/* delay the scroll by 50 milliseconds to fix a bug in chrome *\/ jQuery(document).scrollTop(jQuery('#gform_wrapper_2453').offset().top - mt); }, 50 );if(window['gformInitDatepicker']) {gformInitDatepicker();}if(window['gformInitPriceFields']) {gformInitPriceFields();}var current_page = jQuery('#gform_source_page_number_2453').val();gformInitSpinner( 2453, 'https:\/\/legalvision.co.uk\/wp-content\/themes\/legalv-v6\/img\/spinner.svg', true );jQuery(document).trigger('gform_page_loaded', [2453, current_page]);window['gf_submitting_2453'] = false;}else if(!is_redirect){var confirmation_content = jQuery(this).contents().find('.GF_AJAX_POSTBACK').html();if(!confirmation_content){confirmation_content = contents;}jQuery('#gform_wrapper_2453').replaceWith(confirmation_content);jQuery(document).scrollTop(jQuery('#gf_2453').offset().top - mt);jQuery(document).trigger('gform_confirmation_loaded', [2453]);window['gf_submitting_2453'] = false;wp.a11y.speak(jQuery('#gform_confirmation_message_2453').text());}else{jQuery('#gform_2453').append(contents);if(window['gformRedirect']) {gformRedirect();}}jQuery(document).trigger(\"gform_pre_post_render\", [{ formId: \"2453\", currentPage: \"current_page\", abort: function() { this.preventDefault(); } }]);        if (event && event.defaultPrevented) {                return;        }        const gformWrapperDiv = document.getElementById( \"gform_wrapper_2453\" );        if ( gformWrapperDiv ) {            const visibilitySpan = document.createElement( \"span\" );            visibilitySpan.id = \"gform_visibility_test_2453\";            gformWrapperDiv.insertAdjacentElement( \"afterend\", visibilitySpan );        }        const visibilityTestDiv = document.getElementById( \"gform_visibility_test_2453\" );        let postRenderFired = false;        function triggerPostRender() {            if ( postRenderFired ) {                return;            }            postRenderFired = true;            gform.core.triggerPostRenderEvents( 2453, current_page );            if ( visibilityTestDiv ) {                visibilityTestDiv.parentNode.removeChild( visibilityTestDiv );            }        }        function debounce( func, wait, immediate ) {            var timeout;            return function() {                var context = this, args = arguments;                var later = function() {                    timeout = null;                    if ( !immediate ) func.apply( context, args );                };                var callNow = immediate && !timeout;                clearTimeout( timeout );                timeout = setTimeout( later, wait );                if ( callNow ) func.apply( context, args );            };        }        const debouncedTriggerPostRender = debounce( function() {            triggerPostRender();        }, 200 );        if ( visibilityTestDiv && visibilityTestDiv.offsetParent === null ) {            const observer = new MutationObserver( ( mutations ) => {                mutations.forEach( ( mutation ) => {                    if ( mutation.type === 'attributes' && visibilityTestDiv.offsetParent !== null ) {                        debouncedTriggerPostRender();                        observer.disconnect();                    }                });            });            observer.observe( document.body, {                attributes: true,                childList: false,                subtree: true,                attributeFilter: [ 'style', 'class' ],            });        } else {            triggerPostRender();        }    } );} );\n<\/script>\n<\/div>\n<\/div>\n<div id=\"content-next\"><!-- scroll anchor --><\/div>\n<h2 class=\"wp-block-heading\">Frequently Asked Questions<\/h2>\n\n\n\n<div class=\"schema-faq wp-block-yoast-faq-block\"><div class=\"schema-faq-section\" id=\"faq-question-1655332885981\"><strong class=\"schema-faq-question\"><strong>When is my business required to appoint a Data Protection Officer (DPO)?<\/strong><\/strong> <p class=\"schema-faq-answer\">The appointment of a DPO is mandatory where your company&#8217;s main activities involve handling &#8216;special categories of data&#8217; or the regular monitoring of individuals. However, many organisations still appoint a DPO where not mandatory due to the various benefits they can bring to your business.<\/p> <\/div> <div class=\"schema-faq-section\" id=\"faq-question-1655332916732\"><strong class=\"schema-faq-question\"><strong>How does my company safely dispose of physical and digital documentation?<\/strong><\/strong> <p class=\"schema-faq-answer\">If the documents are in paper, your company can achieve this by shredding the data and using a reputable disposal company. However, if you wish to delete digital documentation, you should consider using specialist deletion software that ensures no one can recover it. Furthermore, you should also delete the data from any digital backups of your IT database.<\/p> <\/div> <\/div>\n<div class=\"not-prose m-feedback-prompt\">\n    <!-- Thumbs up\/down bar -->\n    <div class=\"m-feedback-prompt__main\">\n        <div class=\"m-feedback-prompt__title\">Was this article helpful?<\/div>\n        <div>\n            <!--span class=\"m-feedback-prompt__button--text\">Thanks!<\/span-->\n            <button type=\"button\" class=\"m-feedback-prompt__button m-feedback-prompt__button--yes\"\n                    data-analytics-link=\"feedback-prompt:yes\" aria-label=\"Agree\">\n                <i class=\"fa-regular fa-thumbs-up fa-3x\"><\/i>\n            <\/button>\n            <button type=\"button\" class=\"m-feedback-prompt__button m-feedback-prompt__button--no\"\n                    data-analytics-link=\"feedback-prompt:no\" aria-label=\"Disagree\">\n                <i class=\"fa-regular fa-thumbs-down fa-3x\"><\/i>\n            <\/button>\n        <\/div>\n    <\/div>\n\n    <!-- Feedback form -->\n    <div class=\"m-feedback-prompt__form\">\n        <div class=\"m-feedback-prompt__form--thanks \">\n            <div>Thanks!<\/div>\n            <p>\n                We appreciate your feedback \u2013 your submission has been successfully received.            <\/p>\n        <\/div>\n        <form id=\"contact-form\" class=\"m-feedback-prompt__form--form\" action=\"\" method=\"post\">\n            <input type=\"hidden\" id=\"authenticity_token\" name=\"authenticity_token\" value=\"1a3344bcd7\" \/><input type=\"hidden\" name=\"_wp_http_referer\" value=\"\/api\/wp\/v2\/posts\/3927\" \/>            <input value=\"https:\/\/legalvision.co.uk\/corporations\/complying-with-gdpr\/\" type=\"hidden\" name=\"currenturl\"\n                   id=\"currenturl\">\n            <input value=\"4 Common Challenges Your Company Will Face With the GDPR in the UK\" type=\"hidden\" name=\"currenttitle\"\n                   id=\"currenttitle\">\n            <label>\n                <!-- display on thumbs-up -->\n                <span class=\"m-feedback-prompt__feedback m-feedback-prompt__feedback--yes\">\n                    Can you tell us <span class=\"font-semibold\">why<\/span> you found it helpful?\n                <\/span>\n\n                <!-- display on thumbs-down -->\n                <span class=\"m-feedback-prompt__feedback m-feedback-prompt__feedback--no text-lg\">\n                    How can we better improve this article?\n                <\/span>\n                <textarea name=\"feedbackmessage\" id=\"feedbackmessage\" required><\/textarea>\n            <\/label>\n\n            <div class=\"m-feedback-prompt__form--error\" id=\"form-submit-error\"><\/div>\n            <button id=\"submit-contact-form-button\" type=\"submit\" name=\"commit\" class=\"m-feedback-prompt__form--submit\"\n                    data-analytics-link=\"feedback-prompt:submit\">\n                Submit            <\/button>\n        <\/form>\n    <\/div>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>The General Data Protection Regulation (GDPR) provides organisations with data protection rules. Primarily, these rules focus on ensuring companies safely handle the personal information of their employees and clients.&nbsp;However, ensuring your business is complying with GDPR is an ongoing process and can be quite complex. Furthermore, failing to do so can result in significant fines<a href=\"https:\/\/legalvision.co.uk\/corporations\/complying-with-gdpr\/\">Continue reading <span class=\"sr-only\">&#8220;4 Common Challenges Your Company Will Face With the GDPR in the UK&#8221;<\/span><\/a><\/p>\n","protected":false},"author":13349,"featured_media":3251,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"_relevanssi_hide_post":"","_relevanssi_hide_content":"","_relevanssi_pin_for_all":"","_relevanssi_pin_keywords":"","_relevanssi_unpin_keywords":"","_relevanssi_related_keywords":"","_relevanssi_related_include_ids":"","_relevanssi_related_exclude_ids":"","_relevanssi_related_no_append":"","_relevanssi_related_not_related":"","_relevanssi_related_posts":"2245,3331,2018,3296,2860,2080","_relevanssi_noindex_reason":"","editor_notices":[],"footnotes":""},"categories":[28],"tags":[20,21,365,798,799,800],"class_list":["post-3927","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-corporations","tag-small-business","tag-medium-business","tag-gdpr","tag-data-protection-rules","tag-subject-access-request","tag-dpo"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.1.1 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>4 Challenges When Complying With the GDPR | LegalVision UK<\/title>\n<meta name=\"description\" content=\"This article explains how you can ensure you are adequately complying with the GDPR, and UK data protection rules.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/legalvision.co.uk\/corporations\/complying-with-gdpr\/\" \/>\n<meta property=\"og:locale\" content=\"en_GB\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"4 Challenges When Complying With the GDPR | LegalVision UK\" \/>\n<meta property=\"og:description\" content=\"This article explains how you can ensure you are adequately complying with the GDPR, and UK data protection rules.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/legalvision.co.uk\/corporations\/complying-with-gdpr\/\" \/>\n<meta property=\"og:site_name\" content=\"LegalVision UK\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/LegalVision\" \/>\n<meta property=\"article:published_time\" content=\"2022-06-15T22:54:49+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2023-02-28T04:20:26+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/img.legalvision.com.au\/wp-content\/uploads\/sites\/4\/2022\/05\/24122301\/business-image-0522192.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"899\" \/>\n\t<meta property=\"og:image:height\" content=\"599\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Thomas Sutherland\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@LegalVision_law\" \/>\n<meta name=\"twitter:site\" content=\"@LegalVision_law\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Thomas Sutherland\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/legalvision.co.uk\/corporations\/complying-with-gdpr\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/legalvision.co.uk\/corporations\/complying-with-gdpr\/\"},\"author\":{\"name\":\"Thomas Sutherland\",\"@id\":\"https:\/\/legalvision.co.uk\/#\/schema\/person\/46d22f7d1b4ba321fe5b1cdc648cc5d2\"},\"headline\":\"4 Common Challenges Your Company Will Face With the GDPR in the UK\",\"datePublished\":\"2022-06-15T22:54:49+00:00\",\"dateModified\":\"2023-02-28T04:20:26+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/legalvision.co.uk\/corporations\/complying-with-gdpr\/\"},\"wordCount\":1132,\"image\":{\"@id\":\"https:\/\/legalvision.co.uk\/corporations\/complying-with-gdpr\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/img.legalvision.com.au\/wp-content\/uploads\/sites\/4\/2022\/05\/24122301\/business-image-0522192.jpg\",\"keywords\":[\"small business\",\"medium business\",\"gdpr\",\"data protection rules\",\"subject access request\",\"DPO\"],\"articleSection\":[\"Corporate Articles\"],\"inLanguage\":\"en-GB\"},{\"@type\":[\"WebPage\",\"FAQPage\"],\"@id\":\"https:\/\/legalvision.co.uk\/corporations\/complying-with-gdpr\/\",\"url\":\"https:\/\/legalvision.co.uk\/corporations\/complying-with-gdpr\/\",\"name\":\"4 Challenges When Complying With the GDPR | LegalVision UK\",\"isPartOf\":{\"@id\":\"https:\/\/legalvision.co.uk\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/legalvision.co.uk\/corporations\/complying-with-gdpr\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/legalvision.co.uk\/corporations\/complying-with-gdpr\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/img.legalvision.com.au\/wp-content\/uploads\/sites\/4\/2022\/05\/24122301\/business-image-0522192.jpg\",\"datePublished\":\"2022-06-15T22:54:49+00:00\",\"dateModified\":\"2023-02-28T04:20:26+00:00\",\"author\":{\"@id\":\"https:\/\/legalvision.co.uk\/#\/schema\/person\/46d22f7d1b4ba321fe5b1cdc648cc5d2\"},\"description\":\"This article explains how you can ensure you are adequately complying with the GDPR, and UK data protection rules.\",\"breadcrumb\":{\"@id\":\"https:\/\/legalvision.co.uk\/corporations\/complying-with-gdpr\/#breadcrumb\"},\"mainEntity\":[{\"@id\":\"https:\/\/legalvision.co.uk\/corporations\/complying-with-gdpr\/#faq-question-1655332885981\"},{\"@id\":\"https:\/\/legalvision.co.uk\/corporations\/complying-with-gdpr\/#faq-question-1655332916732\"}],\"inLanguage\":\"en-GB\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/legalvision.co.uk\/corporations\/complying-with-gdpr\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-GB\",\"@id\":\"https:\/\/legalvision.co.uk\/corporations\/complying-with-gdpr\/#primaryimage\",\"url\":\"https:\/\/img.legalvision.com.au\/wp-content\/uploads\/sites\/4\/2022\/05\/24122301\/business-image-0522192.jpg\",\"contentUrl\":\"https:\/\/img.legalvision.com.au\/wp-content\/uploads\/sites\/4\/2022\/05\/24122301\/business-image-0522192.jpg\",\"width\":899,\"height\":599,\"caption\":\"What Is Misrepresentation? Guide for Small Business'\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/legalvision.co.uk\/corporations\/complying-with-gdpr\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/legalvision.co.uk\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Corporate Articles\",\"item\":\"https:\/\/legalvision.co.uk\/category\/corporations\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"4 Common Challenges Your Company Will Face With the GDPR in the UK\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/legalvision.co.uk\/#website\",\"url\":\"https:\/\/legalvision.co.uk\/\",\"name\":\"LegalVision UK\",\"description\":\"LegalVision is a commercial law firm in the UK with a commitment to innovation\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/legalvision.co.uk\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-GB\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/legalvision.co.uk\/#\/schema\/person\/46d22f7d1b4ba321fe5b1cdc648cc5d2\",\"name\":\"Thomas Sutherland\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-GB\",\"@id\":\"https:\/\/legalvision.co.uk\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/legalvision.co.uk\/wp-content\/uploads\/sites\/4\/2022\/05\/cropped-Thomas-Sutherland-96x96.jpg\",\"contentUrl\":\"https:\/\/legalvision.co.uk\/wp-content\/uploads\/sites\/4\/2022\/05\/cropped-Thomas-Sutherland-96x96.jpg\",\"caption\":\"Thomas Sutherland\"},\"description\":\"Tom is an Expert Legal Contributor for LegalVision. He has particular expertise in Commercial and Employment litigation, as well as data protection and privacy regulations. He is a qualified Solicitor in England and Wales and has a decade of legal experience, including advocacy within civil courts and Tribunals. Tom specialises in civil and employment litigation. He has extensive experience in advising employers and companies as to the requirements of employment law and data protection rules, as well as day-to-day advice on smooth running from a commercial perspective. Qualifications: Professional Skills Course - Law, University of Law; Legal Practice Course - Law, College of Law; Bachelor of Laws, University of Southampton.\",\"sameAs\":[\"https:\/\/www.linkedin.com\/in\/tom-sutherland-72b4509b\/\"],\"url\":\"https:\/\/legalvision.co.uk\/author\/thomassutherland\/\"},{\"@type\":\"Question\",\"@id\":\"https:\/\/legalvision.co.uk\/corporations\/complying-with-gdpr\/#faq-question-1655332885981\",\"name\":\"When is my business required to appoint a Data Protection Officer (DPO)?\",\"acceptedAnswer\":{\"@type\":\"Answer\",\"text\":\"The appointment of a DPO is mandatory where your company's main activities involve handling 'special categories of data' or the regular monitoring of individuals. However, many organisations still appoint a DPO where not mandatory due to the various benefits they can bring to your business.\",\"inLanguage\":\"en-GB\"},\"inLanguage\":\"en-GB\"},{\"@type\":\"Question\",\"@id\":\"https:\/\/legalvision.co.uk\/corporations\/complying-with-gdpr\/#faq-question-1655332916732\",\"name\":\"How does my company safely dispose of physical and digital documentation?\",\"acceptedAnswer\":{\"@type\":\"Answer\",\"text\":\"If the documents are in paper, your company can achieve this by shredding the data and using a reputable disposal company. However, if you wish to delete digital documentation, you should consider using specialist deletion software that ensures no one can recover it. Furthermore, you should also delete the data from any digital backups of your IT database.\",\"inLanguage\":\"en-GB\"},\"inLanguage\":\"en-GB\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"4 Challenges When Complying With the GDPR | LegalVision UK","description":"This article explains how you can ensure you are adequately complying with the GDPR, and UK data protection rules.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/legalvision.co.uk\/corporations\/complying-with-gdpr\/","og_locale":"en_GB","og_type":"article","og_title":"4 Challenges When Complying With the GDPR | LegalVision UK","og_description":"This article explains how you can ensure you are adequately complying with the GDPR, and UK data protection rules.","og_url":"https:\/\/legalvision.co.uk\/corporations\/complying-with-gdpr\/","og_site_name":"LegalVision UK","article_publisher":"https:\/\/www.facebook.com\/LegalVision","article_published_time":"2022-06-15T22:54:49+00:00","article_modified_time":"2023-02-28T04:20:26+00:00","og_image":[{"width":899,"height":599,"url":"https:\/\/img.legalvision.com.au\/wp-content\/uploads\/sites\/4\/2022\/05\/24122301\/business-image-0522192.jpg","type":"image\/jpeg"}],"author":"Thomas Sutherland","twitter_card":"summary_large_image","twitter_creator":"@LegalVision_law","twitter_site":"@LegalVision_law","twitter_misc":{"Written by":"Thomas Sutherland","Est. reading time":"5 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/legalvision.co.uk\/corporations\/complying-with-gdpr\/#article","isPartOf":{"@id":"https:\/\/legalvision.co.uk\/corporations\/complying-with-gdpr\/"},"author":{"name":"Thomas Sutherland","@id":"https:\/\/legalvision.co.uk\/#\/schema\/person\/46d22f7d1b4ba321fe5b1cdc648cc5d2"},"headline":"4 Common Challenges Your Company Will Face With the GDPR in the UK","datePublished":"2022-06-15T22:54:49+00:00","dateModified":"2023-02-28T04:20:26+00:00","mainEntityOfPage":{"@id":"https:\/\/legalvision.co.uk\/corporations\/complying-with-gdpr\/"},"wordCount":1132,"image":{"@id":"https:\/\/legalvision.co.uk\/corporations\/complying-with-gdpr\/#primaryimage"},"thumbnailUrl":"https:\/\/img.legalvision.com.au\/wp-content\/uploads\/sites\/4\/2022\/05\/24122301\/business-image-0522192.jpg","keywords":["small business","medium business","gdpr","data protection rules","subject access request","DPO"],"articleSection":["Corporate Articles"],"inLanguage":"en-GB"},{"@type":["WebPage","FAQPage"],"@id":"https:\/\/legalvision.co.uk\/corporations\/complying-with-gdpr\/","url":"https:\/\/legalvision.co.uk\/corporations\/complying-with-gdpr\/","name":"4 Challenges When Complying With the GDPR | LegalVision UK","isPartOf":{"@id":"https:\/\/legalvision.co.uk\/#website"},"primaryImageOfPage":{"@id":"https:\/\/legalvision.co.uk\/corporations\/complying-with-gdpr\/#primaryimage"},"image":{"@id":"https:\/\/legalvision.co.uk\/corporations\/complying-with-gdpr\/#primaryimage"},"thumbnailUrl":"https:\/\/img.legalvision.com.au\/wp-content\/uploads\/sites\/4\/2022\/05\/24122301\/business-image-0522192.jpg","datePublished":"2022-06-15T22:54:49+00:00","dateModified":"2023-02-28T04:20:26+00:00","author":{"@id":"https:\/\/legalvision.co.uk\/#\/schema\/person\/46d22f7d1b4ba321fe5b1cdc648cc5d2"},"description":"This article explains how you can ensure you are adequately complying with the GDPR, and UK data protection rules.","breadcrumb":{"@id":"https:\/\/legalvision.co.uk\/corporations\/complying-with-gdpr\/#breadcrumb"},"mainEntity":[{"@id":"https:\/\/legalvision.co.uk\/corporations\/complying-with-gdpr\/#faq-question-1655332885981"},{"@id":"https:\/\/legalvision.co.uk\/corporations\/complying-with-gdpr\/#faq-question-1655332916732"}],"inLanguage":"en-GB","potentialAction":[{"@type":"ReadAction","target":["https:\/\/legalvision.co.uk\/corporations\/complying-with-gdpr\/"]}]},{"@type":"ImageObject","inLanguage":"en-GB","@id":"https:\/\/legalvision.co.uk\/corporations\/complying-with-gdpr\/#primaryimage","url":"https:\/\/img.legalvision.com.au\/wp-content\/uploads\/sites\/4\/2022\/05\/24122301\/business-image-0522192.jpg","contentUrl":"https:\/\/img.legalvision.com.au\/wp-content\/uploads\/sites\/4\/2022\/05\/24122301\/business-image-0522192.jpg","width":899,"height":599,"caption":"What Is Misrepresentation? Guide for Small Business'"},{"@type":"BreadcrumbList","@id":"https:\/\/legalvision.co.uk\/corporations\/complying-with-gdpr\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/legalvision.co.uk\/"},{"@type":"ListItem","position":2,"name":"Corporate Articles","item":"https:\/\/legalvision.co.uk\/category\/corporations\/"},{"@type":"ListItem","position":3,"name":"4 Common Challenges Your Company Will Face With the GDPR in the UK"}]},{"@type":"WebSite","@id":"https:\/\/legalvision.co.uk\/#website","url":"https:\/\/legalvision.co.uk\/","name":"LegalVision UK","description":"LegalVision is a commercial law firm in the UK with a commitment to innovation","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/legalvision.co.uk\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-GB"},{"@type":"Person","@id":"https:\/\/legalvision.co.uk\/#\/schema\/person\/46d22f7d1b4ba321fe5b1cdc648cc5d2","name":"Thomas Sutherland","image":{"@type":"ImageObject","inLanguage":"en-GB","@id":"https:\/\/legalvision.co.uk\/#\/schema\/person\/image\/","url":"https:\/\/legalvision.co.uk\/wp-content\/uploads\/sites\/4\/2022\/05\/cropped-Thomas-Sutherland-96x96.jpg","contentUrl":"https:\/\/legalvision.co.uk\/wp-content\/uploads\/sites\/4\/2022\/05\/cropped-Thomas-Sutherland-96x96.jpg","caption":"Thomas Sutherland"},"description":"Tom is an Expert Legal Contributor for LegalVision. He has particular expertise in Commercial and Employment litigation, as well as data protection and privacy regulations. He is a qualified Solicitor in England and Wales and has a decade of legal experience, including advocacy within civil courts and Tribunals. Tom specialises in civil and employment litigation. He has extensive experience in advising employers and companies as to the requirements of employment law and data protection rules, as well as day-to-day advice on smooth running from a commercial perspective. Qualifications: Professional Skills Course - Law, University of Law; Legal Practice Course - Law, College of Law; Bachelor of Laws, University of Southampton.","sameAs":["https:\/\/www.linkedin.com\/in\/tom-sutherland-72b4509b\/"],"url":"https:\/\/legalvision.co.uk\/author\/thomassutherland\/"},{"@type":"Question","@id":"https:\/\/legalvision.co.uk\/corporations\/complying-with-gdpr\/#faq-question-1655332885981","name":"When is my business required to appoint a Data Protection Officer (DPO)?","acceptedAnswer":{"@type":"Answer","text":"The appointment of a DPO is mandatory where your company's main activities involve handling 'special categories of data' or the regular monitoring of individuals. However, many organisations still appoint a DPO where not mandatory due to the various benefits they can bring to your business.","inLanguage":"en-GB"},"inLanguage":"en-GB"},{"@type":"Question","@id":"https:\/\/legalvision.co.uk\/corporations\/complying-with-gdpr\/#faq-question-1655332916732","name":"How does my company safely dispose of physical and digital documentation?","acceptedAnswer":{"@type":"Answer","text":"If the documents are in paper, your company can achieve this by shredding the data and using a reputable disposal company. However, if you wish to delete digital documentation, you should consider using specialist deletion software that ensures no one can recover it. Furthermore, you should also delete the data from any digital backups of your IT database.","inLanguage":"en-GB"},"inLanguage":"en-GB"}]}},"_links":{"self":[{"href":"https:\/\/legalvision.co.uk\/api\/wp\/v2\/posts\/3927","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/legalvision.co.uk\/api\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/legalvision.co.uk\/api\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/legalvision.co.uk\/api\/wp\/v2\/users\/13349"}],"replies":[{"embeddable":true,"href":"https:\/\/legalvision.co.uk\/api\/wp\/v2\/comments?post=3927"}],"version-history":[{"count":9,"href":"https:\/\/legalvision.co.uk\/api\/wp\/v2\/posts\/3927\/revisions"}],"predecessor-version":[{"id":179821,"href":"https:\/\/legalvision.co.uk\/api\/wp\/v2\/posts\/3927\/revisions\/179821"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/legalvision.co.uk\/api\/wp\/v2\/media\/3251"}],"wp:attachment":[{"href":"https:\/\/legalvision.co.uk\/api\/wp\/v2\/media?parent=3927"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/legalvision.co.uk\/api\/wp\/v2\/categories?post=3927"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/legalvision.co.uk\/api\/wp\/v2\/tags?post=3927"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}