The GDPR Experience

Anyone who has an email account will have heard of GDPR. It stands for General Data Protection Regulation, is now in force and is the small business person’s biggest nightmare since the cookie directive.


Despite reading official advice and many other referenced materials, we are still not sure if we’ve done everything that is required. It seems that we shall not suddenly receive a demand for £20m for non-compliance as a couple of warnings will be issued first. At The BPc, we do not maintain a mailing list. We receive emails from people and companies, which are dealt with appropriately and retained in case they are needed for future reference. We never have (and never will) use the contact details inappropriately (e.g. we will not pass them on for others to use for marketing purposes). The Privacy Policy on our website has been updated tomake this clear.


We are also a paperless office and do not retain files and folders of information. Recently, we were asked if we knew the situation regarding stacks of business cards, given out freely over the years. The BPc hasn’t used business cards for a decade but we design them for clients who use them for sales and networking purposes. In our opinion, receiving a buisness card is an invitation to keep in touch but not to add the person to a mailing list. We understand that inclusion on mailing lists requires the contact to specifically opt-in. As the directive becomes clearer, we are prepared to apply updates to our privacy policy.


However, we are not qualified to advise anyone regarding GDPR so, instead, we have listed some links below which may assist you.




If you do not have a ‘CMS’ website, you may have to ask your original website designer to update your privacy policy for you.


Updating website content and news is easy with our WordPress website designs.