Boddy Matthews

  Boddy Matthews  

Why should my organisation bother with the GDPR?


The GDPR is a hot topic amongst business right now, particularly with 25 May 2018 “D-day” getting closer. Big headlines depicting colossal fines may be scaremongering some organisations into compliance. However, your attitude, particularly if you own or are involved in a small business may understandably be one of “why bother” with what appears to be a lot of boring and procedural admin. You may have come to this conclusion after taking into consideration the likelihood of your business being audited by the ICO and/or “getting caught” for non-compliance. You might think that the ICO will be primarily concerned with big businesses, ones that will make headline news and can afford to pay the new level fines.


However, we consider the question should instead be “Why wouldn’t you bother?”


Whilst the sanction of 2 tier fines (up to 4% of total global annual turnover or €20 million for top tier breaches) should set alarm bells ringing, this should not be your only reason for complying with the GDPR. In a world where personal data is a valuable commodity (especially in the wrong hands) organisations need to take data protection seriously and take ownership for that responsibility. We list some reasons below for why you should bother with the GDPR:


  • Compliance with data protection should be seen as a good thing and a chance to get your house in order as to data you hold;
  • If anything happened to the data your organisation holds, do you have a business contingency plan? Would you be able to continue to operate? Compliance with GDPR will assist you.
  • Use your compliance to set a standard for others;
  • Individuals and consumers have a greater understanding of the data they share and are likely to consider levels of data protection when entering into transactions;
  • Equally individuals/ consumers are ever increasingly using Twitter and other social media outlets to share their experiences. Non-compliance could adversely affect your business;
  • The brand and reputational damage to your business could be irreparable;
  • Thinking about selling your business in the future? Any failure to comply with the GDPR will come out in the due diligence process and may well decrease the value of your business;
  • It is best practice and makes business sense;
  • Use the GDPR to refresh and update your existing data pr3otection policies;
  • Depending on your current levels of data protection awareness and compliance, getting your organisation fully complaint may take some time and effort, however, the benefits are greater than failing to do so.

Office Address


Boddy Matthews Limited
7-11 High Street
Reigate, Surrey




+44 (0) 1737 339838

Chambers / Legal 500


undefined undefined

Follow Us


Facebook Twitter Pinterest Linkedin

Legal Information


Company Information
Terms of Business
Anti-Bribery & Corruption Statement
Slavery & Human Trafficking Statement
Diversity Policy
Privacy Policy
Cookie Policy