Skip to main content

Going into business? Start with data protection

Do you collect personal data? How are you storing your customer or client data? How can you guarantee that it is secure? If you’re thinking about going into business, or you already are, you need to think about data protection. 

Why data protection is important

If you’re in the middle of launching a business, data protection might be low down on your list of priorities. However, if you’re storing personal information, then you have to follow the Data Protection Act 2018, and the UK GDPR. These regulations set out your responsibilities as a business owner or organisation in storing and securing data. 

This is also really important because of the amount of data that businesses now store online and in the cloud. This data is particularly vulnerable to phishing, hacking and other forms of cyber-attacks; 43% of which target small businesses. If these kinds of attacks result in a data breach, this can seriously affect your customers confidence, your company brand and your reputation.

What data do you hold?

The first thing you need to think about is what sort of personal data you hold, and why you hold it. Employee details, customer details, client information; all of this data needs to exist for a reason. Identifying the kind of data you need, and not collecting the kind of data that you don’t is an important part of data protection.

Do your customers know how you use their data?

Your clients and customers also need to know that you’re holding their data, and why. A clearly written privacy policy, detailing the data that you collect from customers and the reason that you collect this data is a great way to keep your customers informed. You might also get them to sign a privacy policy so that you have a record of their consent to hold their data.

If a customer or client wants a copy of the data that you hold for them, you must be able to provide them with this. You and your customers also need to know how long you’re keeping that data for.

How to store data securely

Keeping the data in a secure way is one of the most important parts of the Data Protection Act and UK GDPR. There are a few really easy ways you can ensure that you’re storing data securely; multi-factor authentication, using UK GDPR and data protection compliant services, and transporting data securely, for example.

If you store data in hard copies only, then you need to think about where that data is stored. Is it accessible to anyone who has access to your office, or your home? In the event of a fire or natural disaster, do you have a backup for this data? What would happen if you lost that data? What would be the impact on your customers, clients and business? If you’re transporting data physically, could someone access it if your hard drive or laptop was stolen?

If you store data in the cloud, then you need to think about how this data is accessed. Multi-factor authentication makes it that little bit harder for a phisher or hacker (or anyone with unauthorised access) to access your data. Usually this means securing the cloud with something you know (a password or passphrase), something you have (a mobile phone), and something you are (a fingerprint). 

Finally, using a service that is UK GDPR compliant is a must. Microsoft 365 is a great solution; and for UK businesses it also ensures that your data centres are within the UK. This means that you won’t also need to comply with the data protection laws within other countries. 

Ensuring you’re compliant with Data Protection

This information is just a starting point to becoming compliant with the Data Protection Act and UK GDPR. There are a number of useful services that you can use to check that you’re compliant with the law. The ICO has an easy to use assessment tool for small organisations and sole traders. If you’re thinking about starting a business, don’t forget about data protection - without it, your customers’ data and your business is at risk.

Tweet us @TranscenditUK 

Photo from Unsplash


The Transcendit Way

Transcendit understand that when you choose to work with us, whether we're taking care of your IT, app or web development, you're trusting us with part of your business. So whether we're looking after your computers, phone systems or servers we always do things 'the Transcendit way'.

The whole of our team adhere to the same values, beliefs and policies - the principles that were written when Transcendit first formed in 2000. Whether you come to us for cloud services or recovery backup you can be confident that you'll always receive the same excellent service.

The Transcendit way outlines how we do business; following the same straightforward principles with every client and customer, regardless of how big or small they may be.

That means we get to know you and your business. We offer you a friendly, professional and efficient service, and we'll always be honest with you.
We understand that not everybody speaks fluent IT, so we try to explain things in a way that is simple and clear. We always spend as much time as is necessary explaining things to you.
If you need to talk to us about something, no matter how insignificant, we are only ever a phone call away – and we’re never too busy to make you a cup of tea and have a sit down with you in person.
We understand how frustrating it can be when things are late. When we schedule an appointment with you, we are there when you’re expecting us. If something prevents us from getting there, we always call you in advance to let you know.
Sometimes things can go wrong, but we never lie to you or try to cover something up. If things go askew we tell you what’s happened and how we plan to prevent it affecting your business.
We want you to continuously benefit from working with us. We regularly discuss your business and make suggestions for improving systems and processes wherever we can – but we never try to push you into a purchase.
When we quote a fixed price, that's always the amount we charge – you won’t find any nasty surprises on a bill from us. If you are paying by time and materials, we inform you if our approximations could change.
We understand the importance of privacy for your business and your customers. We respect the confidentiality of your data, and we will never pass on your information to third parties.
We appreciate it when you take the time to give us feedback. A system called CustomerSure records our client's responses, so you can trust that our reviews are from real people.
Find out what they're saying here.
Excellent service, as ever, and very prompt. It's very reassuring to know the support is there. Sharon Langridge, Langridge Employement Law

Based on 12075 reviews our customers rate us 9.8/10. Reviews and ratings by Customersure. 09-October-2024

Transcendit are proud sponsors of CHUF, the Children's Heart Unit Fund.

Transcendit is a Microsoft Gold certified partner
VMWARE partner
Vipre partner
IPCortex partner
WithSecure partner
DELL partner
Barracuda partner
Veeam partner
N-Able partner