The basics 

This comes into force 25/5/2018

One of the issues with all of the noise surrounding GDPR is there seems to be a lot of information to take in and nowhere to get an overview. Here's our take on the basics.

GDPR will cover what you do with personal information and how you look after it and for how long. There’s lots on information on the Information Commissioner’s website.

Data retention

You can only keep personal information for as long as it is needed/necessary to do so. There’s no official time limit. You may have a legal requirement for some data - this requirement must be observed.

Data security

You’ve got to look after an individual's data. Don’t leave paperwork lying around for anyone to see. Store electronic data on secure computers - the minimum level of security is a password to access the machine. Consider how secure that is and who has access to it. Change it regularly and / or when an employee leaves!


Clearly the purpose of collecting names and email addresses is so that you can do some additional marketing to them. Persons must now opt in to accept marketing info from you and the box cannot be pre-ticked - it cannot be assumed they have given consent either. Assuming you are not selling their details then state this too. If you do sell or pass on data then you must be explicit in who you are passing it to and again gain consent for this.

Right to removal

If someone unsubscribes from receiving marketing material then you mustn’t contact them again about such items. If they ask to be removed then unless you have a legal obligation to keep their details then you must remove them. If you use an email marketing platform such as MailChimp then they have this functionality built in.

Nominated persons

You must nominate a data controller - someone who is responsible for all of the above. 

Additional common terms

Data processor ... someone who processes/uses personal data in the course of the day to day business.


Before you go .. 

Making Tax Digital - what's this? Find out more here

I have absolute trust in his professional advice

Michael, Towcester

their customer service and quality is impeccable

Mr C, Oakham

I have found Andrew not only very personable, but the work he carried out for me was excellent, on time, and always gave a positive return

Nick, Oakham

© 2020 Arcus Taxation Accountants is the trading name of Arcus Associates Ltd. Registered in England & Wales Company No. 05065405.

privacy / cookies

website cms powered by csb internet

01572 770552