Choose your Nation to see campaigns near you
Campaign #FSBeDataReady


Since the introduction of General Data Protection Regulations in May 2018 the way we store data – whether of staff or customers - has changed. You may not think it will affect all businesses but the truth is most businesses deal with personal data. Don’t get caught out – check out our hub for guidance.

Making sure you are #FSBeDataReady

Welcome to FSB’s GDPR preparation hub. Here you will find useful information and guidance on what the General Data Protection Regulation (GDPR) is and guidance on how to get GDPR ready.

The regulations will see changes brought in that will impact the way businesses handle data. You may not think that it will affect all businesses, but the truth is that most businesses more than likely deal with some sort of personal data.

We have worked with the Information Commissioners Office (ICO), the Government body leading up the work on GDPR, in creating engaging content that will help you understand and prepare for the changes.

Alongside this, you will find members talking about GDPR, a useful GDPR checklist to help you prepare and information about FSB’s legal services team that can support you #FSBeDataReady.

Are you Ready?

Checklist - making your data GDPR compliant.

1. Audit time

Do an internal audit to determine what data you have, how you use it and where the data goes.

2. Get aware

Familiarise yourself and your staff on GPDR and how it will impact your business. Make sure your procedures deliver the rights it gives individuals.

3. Record it

Make sure all your data security, handling and processing arrangements are set out in written policies or procedures. Be sure to update regularly.

4. Delete it

Make sure you safely and securely delete any data you don’t need or use.

5. Keep it under lock and key

Make sure your systems store personal data properly and securely.

6. Give me access

Prepare a plan or policy for handling subject access requests to make sure you are ready if someone asks to see their data that you hold.

7. Secure it

Prepare a security framework and an emergency preparedness plan that outlines how personal date is handled and what to do in a breach.

8. Policy review

Review and amend your privacy policies for your customers and suppliers.

9. Consent review

10. Choose a lead

If you can, designate a dedicated data protection staff member who takes responsibility for data protection compliance.

11. Age matters

If your business is children facing make sure you put systems in place to verify individuals’ ages and obtain parental or guardian consent when needed.

12. Cross-border processing

If you work across borders, find out who your main supervisory authority is and keep this information accessible.


Data protection report

Mitigating the impact of data protection regulation on small businesses.

Download the report


The Information Commissioner’s Office (ICO) has produced practical advice on how to comply with data protection law and how to improve data protection practices in your business.

FSB Legal Services

FSB Legal Services provide help and advice on GDPR. Find out more about our Legal Hub.

Video resources

GDPR: an introduction to General Data Protection Regulation

FSB member John Hurst talks about his GDPR preparations

Information Commissioner Elizabeth Denham explains why GDPR is important. 

FSB member Lars Andersen gives his views on GDPR.

 Information Commissioner Elizabeth Denham talks GDPR non-compliance

Information Commissioner Elizabeth Denham talks about the ICOs responsibilities

Information Commissioner Elizabeth Denham explains GDPR 

Information Commissioner Elizabeth Denham chats about what GDPR small business support



You may also be interested in