GRPR 100 days on


We asked Dominic Cullis, CEO, GDPR Academy about GRPR 100 days on. Dominic is also an acting Data Processing Officer.

What has been the impact so far of GDPR on businesses and on consumers?

Many organisations got it wrong and sent out numerous emails requesting consent to continue marketing to their prospect and client list.  In many cases these were unnecessary because the organisations had a legitimate business relationship with their clients or prospects on marketing databases had already provided consent and been given the opportunity unsubscribe in earlier mailings.  This had a negative impact on the introduction of GDPR, legislation that has been introduced to protect the rights and freedoms of individuals.

Early figures suggest 82% of SMEs are unaware of how GDPR affects them? What are the essential points they need to understand

GDPR legislates how Personally Identifiable Information (PII) can be recorded, stored, utilised and destroyed.  PII is any data that can either identify an individual or be used to identify an individual.  This includes obvious fields such as name, ID numbers, passport number, driving licence number as well as less obvious data such as IP address, user name, location data.

GDPR is all about protecting individual’s rights in respect to their personal data.   It establishes a framework of rights and duties which are designed to safeguard personal data.  This framework balances the legitimate needs of organisations to collect and use personal data for business and other purposes against the right of individuals to have respect for the privacy of their personal details.

Will working with other European companies become more difficult or will they all be singing from the same hymn book?

Working with organisations in the EU or more widely in the EEA will be easier now GDPR has come into force.  The Data Protection Act 2018 gained Royal Ascent in May to coincide with the start of GDPR so the UK is already aligned to the rest of Europe post Brexit.

Is it worth exploring the services of a specialist to become up-to-date on GDPR requirements, or are there a lot of sharks ready to take people’s money, when really, it’s quite straightforward to comply?

Organisations can undertake the task to become GDPR compliant, however, there is a considerable amount of work involved and some professional guidance will save time and help you to avoid making mistakes.  There are a lot of organisations offering GDPR related services so it is essential that you research them thoroughly before signing up and remember that personal recommendations from people you trust are always the best.

Quick Guide to GDPR compliance



Stay up to date with GDPR Academy by following on LinkedIn and Twitter

About GDPR Academy

GDPR Academy is dedicated to GDPR and Cyber Security. These go hand-in-hand so you are up-to-date, day-by-day on the latest developments, white papers, laws and timings et al.

Become a Member

GDPR Academy is the only place you’ll find a comprehensive body of knowledge, resources and experts to help you navigate the complex landscape of tomorrow’s GDPR and Cyber Security issues.