Everything your company needs for data protection.

Frequently asked questions.

  • What counts as personal data under GDPR?

    Personal data is any information that can identify you, either directly or indirectly. This includes your name, email address, phone number, any photos, IP address, or even your job title. If someone can link the information back to you, it’s considered personal data.

  • What rights do you have over your data?

    You have several rights under GDPR:

  • Access: You can ask to see what data a company holds about you.

  • Correction: You can request updates to anything that’s wrong or outdated.

  • Erasure: You can ask for your data to be deleted.

  • Restriction: You can limit how your data is used.

  • Portability: You can ask for your data in a format that lets you move it elsewhere.

  • Objection: You can say no to certain types of data use, like marketing.

  • Can a company say “we didn’t know” and avoid GDPR responsibilities?

    Nope. GDPR expects companies to know what data they collect, why they collect it, and how they protect it. “We didn’t know” isn’t a valid excuse, it’s a red flag. Ignorance can lead to fines and reputational damage

  • What happens if a company doesn’t follow GDPR rules?

    If a company doesn’t follow the rules, it can be fined up to £17.5 million or 4% of it’s global annual revenue, whichever is higher. Regulators look at how serious the issue is, whether it was intentional, how many people were affected and what the company had done to protect against it.

  • Do companies need a GDPR magician to stay compliant?

    No magic required, just good governance! Companies must document how they collect, use, and protect personal data. That includes having a lawful basis, informing people, and keeping records. A Data Protection Officer helps, nut fairy dust is optional.