What is GDPR?

The General Data Protection Regulation is a law on data protection and privacy for all individuals within the European Union. On the 25th of May 2018, the new regulation will replace the Data Protection Act 1998, with significant changes for all organisations.

There will be tougher fines for breaches (up to 4% of the total global annual turnover). All businesses, including SME’s must be aware of the requirements needed to be GDPR Compliant and our consultants at CSE Agency can help you do that.

Why is it important to secure your Personal Data?

It is essential to secure Personal Data because of the regulations in place to protect the identity of people by the Government. As of 25th May 2018, breaches and non-compliance of Personal Data will result in tougher fines, of up to 4% of the total global annual turnover.

In terms of the business itself, failing to protect Personal Data will cause damage to the business’ reputation, high costs, etc… CSE Agency can use the latest security necessary to help SME’s to protect their data from Cyber Hackers, and even has an insurance policy to cover for the costs in case of a data breach.

Frequently Asked Questions

Yes, all businesses that process Personal Data within the European Union are impacted by the GDPR.

The definition of processing data has been drawn to contain all interpretations from collection to storing personal data.

Personal Data includes any information that relates to an identifiable individual. For businesses, this means the information collected in regards to the consumers, third-parties and employees.

Failure to protect those information may result in fines and reputation damage.

GDPR affects all businesses operating within the European Union in the same manner. The regulation means that organisations now need to filter through the data they hold in order to be compliant with the law. Keeping data that your business does not have consent for is non-compliance and will result in fines for up to 4% of the total global annual turnover, or £20m, whichever is greater.

“Hope for the best, but always prepare for the worst”

CSE Agency will look into the business’ protection of personal data in order to identify potential flows, or areas whereby a breach could occur. This could include verifying who, within the business has access to which files, where the personal data is stored, how the business computers are protected and many more.


By doing so, we will be able to come up with a suitable security policy for your business and help you minimise the chance of getting a breach. Following the policy will also mean that your business will be compliant with the regulation.


Consultants at CSE Agency can also work hand-in-hand with your current IT Team and advice them on how to secure their, and the business’ personal data. Ultimately, the choice remains yours.

“Keeping your data secured”

Having identified what needs to be protected and how, we will compile a GDPR and Cyber Security policy for your business that will include a clear procedure when handling personal data.


Data that is stored digitally and on computers within the business, will be protected using firewalls, e-mail protection, etc… Our consultant will make sure that your data is protected in the best way possible, using the latest technology security to assist us do so.

“The importance of reporting data breaches”

Reporting data breaches is an essential part of the GDPR. As explained within the regulation, it is very important for businesses to have a procedure in place to detect and investigate data breaches.


Along with the procedure, it is compulsory for the business to report a breach to both the individual and the ICO within 72 hours.


Although our protection will be at the highest quality possible, in case of a breach, CSE Agency has an emergency response team that will react to the incident directly and minimise the damage taken. Thus, it is essential for our clients to follow our 3-Step Methodology, along with our Cyber Security Policy to ensure that the risk of a cyber attack or data breach is kept at a minimum.