GDPR will also affect small businesses and sole traders

If you think that GDPR does not apply to you as a self-employed person, freelancer or small business, you are unfortunately mistaken. You are subject to the same rules and requirements as many large companies and what's more, you also face the same astronomical penalties. So what and how should you prepare?


From our experience and communication with clients, partners and the surrounding area, many freelancers and small businesses underestimate the preparation for GDPR because they think that this issue does not affect them or they have not even noticed that such a fundamental change in the field of work and personal data protection is about to take place. With minor exceptions, GDPR affects everyone who works with personal data. Here, even small businesses and self-employed individuals. And unfortunately, these small entities face the same astronomical penalties!

Protecting personal and sensitive data from leakage and misuse requires virtually everyone who collects and works with it, and could therefore harm data subjects (the people to whom the data belongs) if the data were to leak. Putting processes and measures in place to minimize leakage and maximize security is thus a must not only for large corporations, but also for individuals, private individuals, and people working as freelancers.

Many, if not most, smaller businesses are not prepared for GDPR. However, it is not possible to avoid the obligation to protect personal data according to the requirements of the GDPR. Based on the so-called Responsibility Principle, the GDPR specifies that data controllers and processors, regardless of size, turnover or number of employees, are to put in place technical, organisational and procedural measures in line with the requirements of the GDPR.

On the one hand, this is a lot of extra bureaucracy and work; on the other hand, it is a logical security protection in the context of modern technology and data dissemination. Now, in the electronic age, it is very easy to access company data if it is not properly secured. And it should be logical and natural to protect the data of those who have entrusted it to you. Just as logical as locking your car or apartment before you leave it or not letting small children alone on a busy road, etc.

Whether you are a large business owner or a sole trader, start preparing for GDPR. It comes into force as early as 25 May 2018 and in the meantime you need to think about how you will adjust your internal or your own procedures and processes to comply with data protection under GDPR. In simple terms, you need to be clear about who will handle the data, how it will be handled, where and how it will be stored, what will happen in the event of a leak etc etc. Stop exposing sensitive data to the risk of misuse, whether it's getting a safe or at least a reliable lock to store binders of documents or storing data on company storage instead of a flash drive that you carry in your pocket, you will reduce or even eliminate the risk of misuse.

In this article, you'll find 10 simple steps to master GDPR preparation. If you don't have the time to study all the intricacies of the regulation, contact the experts, have everything explained to you in a clear way and get help with your preparation if necessary. This will save you a lot of nerves, time and costs and you will be able to concentrate fully on the subject of your business instead of studying the official language of the regulation.