Welcome to WebmasterWorld Guest from 220.127.116.11
Forum Moderators: webwork
Its far too much of a burden for SMEs who are not the problem. There is no good reason they could not exempt companies with (comparatively) limited amounts of user data and not involved in trading personal data.
you can see that no SME are targeted by investigations
According to the International Association of Privacy Professionals, more than 500,000 data protection officers have been appointed at firms across the world
A small business which stores server logs and the personal details of a few thousand customers, and uses the data only iternally is not a problem.
Please demonstrate your organisationís approach to your obligations under the General Data Protection Regulations (GDPR) in relation to person identifiable data you will collect and process during the term of this contract. In particular please address how you will:
- Have security in place that is consistent with the ICOís security guidance [ico.org.uk]
- Co-operate with supervisory authorities (such as the ICO);
- Ensure the security of data processing;
- Keep records of processing activities
- Notify any personal data breaches to the data controller