• Startups
  • June 17, 2020

LawBite’s Countdown Checklist for GDPR | Part One

There are only six weeks to go until the new General Data Protection Regulation (“GDPR”) comes into force. If you are yet to start preparing your business you may be starting to panic, but it isn’t too late to act. Follow LawBite’s easy to digest countdown guides each week from now until enforcement on May 25th, in which we will cover each of the six key principles of the GDPR and explain what you need to do in order to get your business up to speed.

Principle 1: Data must be processed lawfully, fairly and in a transparent manner in relation to individuals

GDPR seeks to ensure that personal data is processed ‘lawfully, fairly and transparently’ in relation to individuals, without adversely affecting the rights of a data subject. Transparency is a key theme running through GDPR but what does this really mean and how can compliance be demonstrated? It’s actually pretty simple if you think of personal data as only being on loan to you from the data subject. Take the same kind of care with their data as you would if you were borrowing a friend’s car, for example. And remember at any time they can ask for it back, check you are using it properly and importantly remember that they retain control over what you do with it.

The legislation requires that you make available a privacy notice at the time you are collecting an individual’s data. Make sure any notice is fit for purpose and sets out in clear, unambiguous language how you collect data, what kind of data you are collecting, why it is being collected , how long it is kept for, whether or not it is passed on to third parties and explain the data subject’s rights, including their right to withdraw their consent and their right to lodge a complaint and, importantly, how they can contact you. Now is not the time for jargon and it is important to be explicit and say exactly what you mean! It’s also obviously important to mean what you say, so ensuring that robust data handling policies are in place but are also understood, embraced and adopted throughout your business will stand you in good stead.

In terms of the lawfulness of processing personal data, most organisations will rely on the ground of consent. Any consent you seek to rely on must be freely given, specific, informed and unambiguous so pre-ticked boxes for example, are no longer an acceptable way of obtaining consent. Any existing consents must be brought into line with GDPR so if you are in any doubt, obtain new consents and keep clear records showing you have done so. Of course, consent is not the only legal basis to rely on but whichever you opt for, in the spirit of being fair and transparent, it must be clearly identified in your GDPR documents and privacy notice. Overall, the main things to remember are that you 

must tell people what you are doing with their data and ask their permission to do it. And never assume an individual’s consent from their failure to respond! 
Next week part two: The purposes for which data may be collected under GDPR….don’t miss it!

To consult with Jessica, please submit an enquiry for a free 15-minute consultation or call our dedicated GDPR Hotline 0845 241 1843.

Also, we have put together a special LawBite Rescue GDPR Package for clients who need a little extra last minute help with compliance. Our LawBite GDPR Rescue Package contains 12 GDPR compliant document templates crafted by our expert data protection lawyers and written in plain English.  The Rescue package templates include Terms and Conditions of Website Use, Privacy Policy for Website, Data Protection Policy, IT Security Policy, Clauses for staff agreements and Consent options for Data Processing.

In addition to GDPR templates the package contains a 30 minute GDPR audit consultation and an additonal 2 hours of specific GDPR legal advce all for only £495 + VAT (versus £675 + VAT)

 Journey further… 
How LawBite works LawBite GDPR Rescue Package

In closing

Nothing in this article constitutes legal advice on which you should rely. The article is provided for general information purposes only. Professional legal advice should always be sought before taking any action relating to or relying on the content of this article. Our Platform Terms of Use apply to this article.

Related Articles

Read more of our latest blog posts, featuring all the latest legal news, analysis and opinion from our expert lawyers.

blog image
  • By LawBite Team
  • May 01, 2022
What are Articles of Association?

Setting up a limited company is one of the most common routes entrepreneurs take when they start their business. If you have decided to take this r...

blog image
  • By LawBite Team
  • May 01, 2022
Do I need a privacy policy on my website?

The short answer is yes, all businesses that process personal data must have a detailed privacy policy. In most cases, a privacy policy will sit on...

blog image
  • By LawBite Team
  • April 13, 2022
Understanding Conflict of Interest (COI)

One thing our lawyers consistently emphasise to our clients is the importance of having well-considered and expertly drafted documentation, for exa...


LawBite can help you

LawBite is on a mission to provide business legal advice that is easier to access, clearer to understand and much cheaper. Our on-line legal advice platform can quickly connect you with expert business legal advice. Our friendly, highly qualified business lawyers, solicitors and mediators will give you the guidance and reassurance that comes from customised legal advice for small and medium sized business.

Whether you are bringing or defending a legal claim, outsourcing work, want a business contract review to ward off disagreements, talk to an expert trademark lawyer, resolve a contractual dispute with methods like mediation and arbitration, or getting your new company set up and on the right footing with a robust shareholder agreement and GDPR standards, we can help you succeed.

defend a claim

Talk to a Lawyer

Book a Call
defend a claim

Essentials Plan

Join for Free