INSUBCONTINENT EXCLUSIVE:
Image copyrightGetty ImagesImage caption
New data protection rules have left many small businesses scratching their
heads
Are you fed up of emails from businesses imploring you to stay on their mailing listSpare a thought for the small
firms navigating the biggest shake-up in data protection rules in 20 years.The General Data Protection Regulation (GDPR) comes into force on
Friday - to cut a long and complicated story short, the new laws tighten up how companies gather data about you and how they use it
The new rules bring in multiple changes - including the need for "genuine consent" with "positive opt-in" - hence all the emails to anyone
Stella, founder of food company Sorai in Abergavenny, is one of those racing to make sure she is ready for the deadline
"It's a struggle to digest the new law on GDPR
There is no one straight-forward free information platform where you can get advice and find out more about what you have to do," she
said."As a small business it is not easy to hear about or find out about changes in laws and regulations as we do not have the capacity nor
resources to look or delve on the matter
"Ms Stella added that the authorities should have set up a support clinic for small business to attend and look specifically at their
requirements.Simply BareMedia captionLeah Blanc says the data protection shake-up 'will be nightmare'Leah Blanc is director of the Simply
They have to take personal information from clients such as contact information, next of kin, and medical conditions
She said she did not receive any warning or information about GDPR."It's been very stressful tricky and time consuming," she said."As we are
a salon, we always email our clients their appointment confirmation as well as a reminder email the day before their appointment
"I totally understand the benefits of GDPR, but just wish we had received more information about it
"It is going to be a nightmare to implement, but we will get it doneit might take us a bit longer than big corporate companies but I think
our customers will understand."Chatterbox CommsRebecca Lees is creative director at PR consultancy Chatterbox Comms in Taffs Well near
She attended a training session run by the Information Commissioner's Office, which she described as useful for a "broad overview"
"On the whole, though, it has been time consuming and also a little confusing, with different information from different sources," she
said.She identified another problem with GDPR - making her email stand out from all the others arriving in customers' inboxes."We've sent
out two rounds of emails to everyone on our contacts list, asking them to opt back in, and we've had quite a good pick-up
One of our emails was a little unusual in that we imagined what Donald Trump might say if he were tweeting about GDPR, so hopefully that
caught the eye."Red Dragon FlagmakersJo Ashburner Farr, CEO of social enterprise Red Dragon Flagmakers in Swansea, said they have been
heavily supported by the Wales Cooperative Centre which ran seminars on the new rules
She is positive about the impact of GDPR on the business
"This has been a good thing for us as we've been running a database of 10,000 subscribers with only about a 26% response on mailouts, so
[it's been] a great opportunity to declutterWorking the other way we've seen a noticeable reduction in the amount of spam we get as a
business."A UK survey of 906 firms by the Federation of Small Businesses found only 8% had completed their preparations
The new rules introduce the possibility of hefty fines for businesses if data falls into the wrong hands and they must report
breaches.However, the Information Commissioner Elizabeth Denham has previously said she recognised some companies will need time to become
fully compliant, and that they will look for "commitment" and not "perfection"
The changes have left many businesses scratching their heads - and on hold on the help line at the Information Commissioner's Office's
(ICO), which has been "extremely busy".About 23,000 organisations have called it since it was set up in November and a spokeswoman
apologised to those who have had to wait longer than they would like to get through
"With several million [small and medium-sized enterprises] in the UK, the quickest way for them to get help with their questions about data
protection and the GDPR is to self-serve on the ICO's website where there is a series of frequently asked questions with answers
It also recommended that businesses check if their trade body or sector association had produced any information to help them
Ben Cottam, FSB Wales head of external affairs, said his organisation is getting hundreds of calls about GDPR."In the first instance the ICO
should look for an approach that supports compliance rather than enforces compliance," he said.
