Digestible GDPR for small to medium sized businesses

Posted on 2018-05-22 by Ri Web


GDPR legislation comes into effect on the 25th of May and many organisations have been busy preparing.


From May onwards, it will be a legal requirement for all companies to adhere to the regulations in place, or face a heavy fine up to €20 million – or 4% of a company’s global annual income (whichever is the larger amount). So it’s safe to say, you don’t want to get this wrong!


To make the rules more digestible, GDPR can be broken down into six areas where data must be:

  • Processed lawfully, fairly and transparently
  • Collected for a specific purpose
  • Limited to only relevant processing
  • Accurate and kept up to date
  • Retained for no longer than necessary
  • Protected with adequate security measures

The Information Commissioner’s Office (ICO), who is responsible for upholding GDPR, has set up an advice helpline for small organisations. However, if you don’t feel like calling the ICO, this article should help explain GDPR and how it impacts small and medium organisations, with our four top tips.


  1. It applies to all businesses, even small ones


You may have heard that GDPR only applies to the big boys, as the EU wants to make an example of them. Sadly, this is not the case and GDPR applies to any and every organisation that handles data and personal information.


However, there are some differences in the types of records companies should keep, depending on their size. Companies with fewer than 250 employees are required to hold internal records of how data is processed or if it could risk an individual’s rights. For organisations with more than 250 employees, data retained needs to include much more detail such as transfers and security measures that are in place.


  1. Changes to consent


GDPR is much more than updating privacy policy documents. How consent is obtained is becoming more relevant and it’s imperative to be open and honest about how you will use and store data. Alongside this, information on who will be able to access the data and how long it will be stored for needs to be easily accessed by users.


You should review how you seek, record and manage consent and whether you need to make any changes. Refresh existing consents now if they don’t meet the GDPR standard.


  1. Train your employees


Small organisations are not likely to have a GDPR consultant and may be extremely busy in the build-up to GDPR implementation. However, as mentioned above, just because you are a small organisation it does not mean you are exempt.


It’s important to set some time aside to prepare for the new rules. Take time to read up and ensure all of the steps outlined above are implemented into your company’s strategy.


  1. Don’t panic


There have been a lot of scare stories on the topic of GDPR, with lines such as ‘delete your database and start again.’


This is probably one of the most debated topics for recruitment companies in the run up to GDPR coming into effect – but it’s not true.


Explicit consent is only required for processing sensitive personal data where only an actual ‘opt in’ will suffice. Unless you have super secret data like the MI5, the implied consent of your contacts will allow you to keep your database alive and in one piece.


Here at Dovetail Group Recruitment, we have updated our privacy policy to ensure that all data handling and recruitment processes are in in-line with the new regulations. To find out more, please email us on [email protected].

Ready to talk recruitment?

Whatever the nature of your enquiry, we'd love to hear from you.

Contact Us

“We have used Dovetail on a number of occasions to recruit permanent staff. They take the time to find out about the role and feel that they understand our requirements. Dovetail are professional, efficient and have a great team, with a smile included. It is a pleasure to work with them and we would have no hesitation in recommending them.”

Business Development Manager – for SeeBrilliance

Grosvenor Services

“We have always had very good results working with the Dovetail team. There has always been consistent attention to detail and flexibility in assisting us with key hires.“

HR Director– for Grosvenor Services.


“Dovetail have supported the growth of our business for several years. I know we can trust them completely to respond quickly and effectively to our staffing needs,
meeting our crazy deadlines on both temporary and permanent recruitment“

Meirion Anderson, MD - Aberley


“Dovetail have always been the ‘go to’ company for reliable trained resource. They have consistently provided quality staff even when the timescales have been tight. Great company”

Director – for Wherewework


“I have been working with Dovetail since 2005, every time my career path has altered, Dovetail have been my constant always taking them with me where ever I have worked. They provide a first class service and quality staff on whom myself and my business can rely. If you’re looking for Service with a capital “S” you will find it in abundance here”

Director – for Wherewework

Parkway Shopping Centre

“I have been using Dovetail for just over a year and can honestly say they are always helpful and proactive in finding the RIGHT staff for my site. Their staff are friendly and professional and always follow up calls as quickly as one would wish them to”

Site Cleaning Manager – for Parkway Shopping Centre

Fidelity Energy

“Dovetail have been hugely supportive in helping us to expand our team and are always at the end of the phone. Nothing is too much trouble and they continue to provide us with excellent candidates who have been carefully matched with our individual requirements. I’d have no hesitation in recommending their services and really appreciate the friendly and professional way in which they conduct their business.”

Manager Director – for Fidelity Energy

Dovetail Candidiate

“One of the unique benefits of working with Dovetail has been the practical contact it’s afforded me within many high-profile office environments for a variety of global brands. Being able to work so closely with teams that hold themselves to a golden standard and learning about the different ways they work is valuable experience you don’t really get at university. But it’s more than that – it’s also about people and relationships and trust and team-building and the team at Dovetail is, hands down, the most warm, dynamic, and professional team I’ve ever worked with.”

Candidiate – London

Citrix Systems

“Dovetail have provided contingent labour sourcing and payrolling to Citrix across Europe and the Middle East for several years. Their key strengths include:
Flexibility – adapting to the needs of Citrix as the organisation grows.
Engagement – willing to assist Citrix expanding into new geographies and markets.
Readiness – always available to answer questions and provide information on contracts through a single point of contact.
Integration – willing to share and adopt best practice developed between us.
Dovetail consistently outperform agreed service levels. They are dedicated to helping their customers build robust processes to manage temporary resources. They form a key part of our contingent labour strategy in EMEA, and I cannot recommend them highly enough. ”

Tom Dance, Manager – Procurement Systems Training & Communications for Citrix Systems

previous arrow
next arrow