Part of the Kidwells Group; explore the rest of our businesses

News & Comment

GDPR – what does it mean to an organisation?

Wake up! Your business can’t afford to treat privacy as an afterthought any longer.


From May 2018, new data protection laws (GDPR) will change.

This affects how you deal with consumer data and individual persons’ information. You may have already heard about these changes in the news, however, you can read more below.

To assist local organisations we’re holding a number of free events and training workshops.

Our Free Seminars

To explain the importance of understanding your responsibilities we have joined forces with HEXAD Information Security Services.

This free two-hour session outlines the GDPR and explains the major things your business must do to meet the requirements of GDPR. This includes the legal responsibilities of directors and board members and what they can do to become and remain compliant.

Our first seminar is already fully booked, but we have seats available on 14th November.

  Free Seminar: learn more and book here

Hands-on, practical workshops

Following on from the seminar, in conjunction with HEXAD, is the opportunity to attend separate training workshops. The workshops provide hands-on training and are tailored to your type of organisation. You will receive packs before the training, as well as a detailed booklet to take away.

The workshops are being offered at introductory discounts for a limited time. Learn more and book here:

  Workshop for Businesses: learn more and book here

  Workshop for Charities: learn more and book here

What else should I know about the GDPR?

It will be a requirement that all organisations providing goods and services to EU residents to conform to the rules it lays down, or face serious penalties.

 “The new legislation creates an onus on companies to understand the risks that they create for others and to mitigate those risks. It’s about moving away from seeing the law as a box ticking exercise, and instead to work on a framework that can be used to build a culture of privacy that pervades an entire organisation.” (Elizabeth Denham CEO Information Commissioners Office, March 2017).

GDPR is not a cybersecurity regulation. It is a data protection law and ‘Business Risk’ issue. The Information Commissioner’s Office, the UK data privacy regulator, has stated that directors will be personally responsible for breaches.

If they fail in their supervision then they will be liable to prosecution.

What are the Penalties for non-compliance with GDPR?

Penalties for non-compliance will be severe. The responsibility for compliance with the GDPR will, in practice, fall on the company’s directors. This will add to the burden that directors face in discharging their duties to the company. The Information Commissioner’s Office is at present empowered to request personal undertakings regarding future conduct from board members to ensure that the company complies with its data protection obligations.

  Send us a message   or     Call 01432 278179


Browse by Department

Browse by Year

What our clients say

Family Department 

Their help and sincere support was priceless and I really felt my solicitor cared. I really can’t thank them enough. I will be fully recommending the professionals at Kidwells.

Employment & HR Department 

It’s been a stressful 12 months but I can move on now and it wouldn’t have been possible without your expertise so, thank you very much. – Paul

Employment & HR Department 

On behalf of the Charity, I have been asked to thank you for your excellent professional and personable service which has greatly helped us in a successful recruitment campaign.