Data Protection, Peak Consultants

GDPR (Data Protection)

All businesses must properly handle the personal information given to them by individuals, eg their customers and employees. In the UK, the main legislation governing the collection, processing and distribution of personal data is the Data Protection Act 2018 (the DPA) which is enforced by the Information Commissioner’s Office (ICO). The DPA is the legislation that implements the General Data Protection Regulations (the GDPR).

If you handle personal information (and, let’s face it, you are always going to be handling personal information because as a business you have to keep records on your customers), you have a number of legal obligations to protect that information.


Information (data) you hold must be

  • Used fairly, lawfully and transparently
  • Used for specified, explicit purposes
  • Used in a way that is adequate, relevant and limited to only what is necessary
  • Accurate and kept up to date
  • Kept for no longer than is necessary
  • Handled in a way that ensures appropriate security


Ensuring you adhere to data protection policies is crucial as the effects of non-compliance can be devastating for you and your business

Protecting consumer information, in accordance with the Data Protection Act, requires businesses to adhere to specific principles

Data Protection comes into practice in business particularly when you recruit staff, amend staff records, market your products or services, or use CCTV

Following proper data protection procedures is also crucial to help prevent cyber crimes by ensuring details, specifically banking, addresses and contact information are protected to prevent fraud


Want us to call you back?

Just fill out the brief form and one of our experts will call you to discuss your needs.

  • 01761 252581

Scroll to Top