DIY Compliance Toolkit: Ideal for Sole Traders and Micro Businesses
Many sole traders and micro businesses struggle to maintain profitability in today’s economy, with increasing red tape taking them away from the actual business of working and making money. Our GDPR compliance toolkit is an affordable way for you to work through your compliance requirements quickly and easily, without having to spend hours trying to:
(a) understand the legislation & how to draft legal documents, policies & procedures;
(b) become an expert on IT & cyber security;
(c) practically implement both;
(d) document all of the steps taken in (a) to (c) above!
Not to mention understanding what you can or cannot do when marketing, how to map your data and whether or not you should have been paying the ICO’s data protection fee since you started trading!
What is the toolkit?
The DIY Compliance Toolkit is a set of advisory documents, checklists, policies & procedures which help you to achieve GDPR compliance for your small business. The toolkit is e-mailed to you in Word format for you to complete, and it is exactly what it says – it is Do It Yourself. It is not a full consultancy service. You will need to work through all of the exercises yourself with regard to how they apply to your business, which does take time. Not all of the exercises in the toolkit may apply to your business, and all of them are generic for the general use of sole traders/micro businesses, and hence may need some amendment. However, by the end of the toolkit you will be in a much stronger position to understand GDPR and to maintain compliance going forward on a practical basis. Use of the toolkit will make the process of GDPR compliance much, much simpler than if you try to tackle everything alone. The guidelines and checklists are easy to use, and can be worked through at your own pace to evaluate and ultimately achieve compliance.
The toolkit includes:
- Free Initial Consultation. We include a free 30 minute telephone consultation with our toolkit, allowing you to ask questions and to work through any problems you may have or things you don’t quite understand;
- Data Mapping & Risk Assessment. With practical examples, we guide you through how to map your data. If you don’t know who you get data from, where you store it and where it goes, how can you protect it?
- Legal Principles and Rights. This document provides a good overview of GDPR and introduces you to the seven principles and eight rights, including how they affect you practically. We also examine your lawful rights of process.
- Physical Security Requirements. Included are common sense precautions, for example clean desk policies, office security, paper waste disposal etc;
- IT. We look at cyber security, use of CMS systems, encryption, document management & storage and use of websites & e-mail. We also give practical advice regarding the use of suppliers who may store your client data outside the EU e.g. cloud services;
- Personnel. Management of the data of potential, current and past employees;
- Contracts. We look at which contracts and legal documents are likely to require to be amended in order for you to be GDPR compliant, for example employment contracts, supplier contracts, privacy & cookie policies and also Data Processor Agreements;
- Policies and Procedures. We provide pro-forma Cookie & Privacy Policies, a Policy dealing with Subject Access Requests (‘SAR’), data breaches, an IT Policy and other policies, procedures & draft letters/e-mails you may need, for example a draft e-mail template reply as regards a SAR;
- Marketing for Micro-businesses. What is the soft opt-in? What should you do with old mailing lists? Can I still use applications such as Mailchimp? All these issues and more are covered; and
- ICO Fee. Our practical guide allows you to understand if you are liable to pay the fee and how much. Many small businesses do not understand that they are a Data Controller under GDPR and so are liable to pay the fee.
We are happy to sell parts of the toolkit separately. We do not generally recommend this; however, we do acknowledge that our clients often have differing needs and may not be able to afford the entire toolkit up-front. Please contact us for further details.
What if I get stuck?
Can larger businesses use the toolkit?
Although not recommended for compliance by larger businesses, if your business is very simple with little personal information involved, the toolkit will at the very least provide good background reading and allow you to make a start on compliance. This could be done perhaps in conjunction with some consultancy services in areas where you find compliance challenging.
I can find cheaper products elsewhere! Why should I use you?
There are certainly cheaper products on the market. However, you do get what you pay for. Our toolkit combined with our telephone and e-mail advice ensures that compliance is not a guessing game. The process is quick and easy, and we are happy to guide you through each step in addition to reviewing your compliance statement and highlighting areas where you may need to do a little more work.
How can I buy the toolkit?
The DIY Toolkit costs £350. Our Terms and Conditions apply to your purchase and you should read them over carefully, as once the toolkit is e-mailed to you, we do not provide refunds. To order the toolkit we ask that you:
(a) complete our Order Form; and
(b) proceed to payment. You can pay with the ‘Pay Now’ button below or over the telephone.