A bespoke workbook solution for accountants
The GDPR Workbook created by Landmark in conjunction with GDPR Auditing Ltd, is the only bespoke compliance solution for UK accountants. When completed, the Workbook will provide evidence of compliance with the GDPR.
“At last a solution that tells you what to do, and more importantly, how to do it.”
The Workbook and guides were promoted to members by the ACCA
* Verified option: When you are ready for us to verify that your work is adequate, contact us at firstname.lastname@example.org and we will organise the collection of your completed workbook in the format we provided it to you. GDPR Auditing Ltd will invoice you for the verification fee of £800 plus VAT. On receipt of payment GDPR Auditing will verify the entries in your workbook providing commentary and advice where necessary. You can return the workbook for re-verification one further time – everyone needs a second chance.
WHY YOU NEED TO TAKE THIS LEGISLATION SERIOUSLY
The enforcement notices displayed below were taken from news issued by the Information Commissioners Office 6 September 2018
Lifecycle Marketing (Mother and Baby) Ltd – FINED £140,000
The Information Commissioner's Office (ICO) has fined Lifecycle Marketing (Mother and Baby) Ltd, also known as Emma's Diary, £140,000 for illegally collecting and selling personal information belonging to more than one million people.
The data broking company, which provides advice on pregnancy and childcare, sold the information to Experian Marketing Services, a branch of the credit reference company, specifically for use by the Labour Party. Experian then created a database which the party used to profile the new mums in the run up to the 2017 General Election.
London Borough of Lewisham
We have issued an Enforcement Notice under the Data Protection Act 1998 requiring the London Borough of Lewisham to clear a backlog of subject access requests by 15 October.
This comes after the council had failed to meet agreed deadlines.
Marketing agency fined £60,000 for nuisance emails
The Information Commissioner’s Office (ICO) has fined Everything DM Ltd (EDML), based in Stevenage, £60,000 for sending 1.42 million emails without consent.
The investigation found that, between May 2016 and May 2017, the firm used its direct marketing system called ‘Touchpoint’ to send emails on behalf of its clients for a fee.
Those emails gave the impression they were sent by the clients directly, and EDML couldn’t prove that the recipients’ had ever given consent to receive marketing emails from its clients or itself.
FREQUENTLY ASKED QUESTIONS
In most cases, yes you can. You will need to adjust your printer setting to get all the data across the page, but in truth this is not to be recommended. The Workbook is a permanent, updated record of your steps to compliance and your continuing review process to stay compliant. A printed copy is merely a snap-shot in time and unnecessary in our opinion as data may change. The Excel file should be your first port of call for all matters GDPR.
Yes, you can. Where text is intended to be sent to third parties, your suppliers, staff etc, or used in online Privacy Notices, we have added a facility for you to download this copy to a Word file format directly from the relevant Workbook page.
Most of the information shared with you on the portal has a read only status, so a download option is not presently available. The Templates and downloads section has a number of useful documents that you can download or copy.
To maintain the integrity of the documents in our portal we do not have a download option. However, it is fine to share your login details within your practice to facilitate compliance in this area.
No problem. Email email@example.com and we will advise you how to organise the verify or full audit process.
Yes you can. We are developing a formal reseller program that will be available shortly after the 25 May 2018 deadline. In brief, when you have completed your Workbook you will have to pay the additional fee to have your work verified by GDPR Auditing Ltd so that we are confident you have the necessary skills. You will then be able to buy access to discounted copies of our Workbook, formatted for your client, that you can resell (there will be a maximum RRP of £600 plus VAT), and you can then provide consultancy service to your client or approach GDPR Auditing to undertake this work in partnership with your firm.
We agree, they would, and we are in the process of building this. We will ensure that Excel Workbook users will be able to upload their spreadsheet data to the online version when completed. This will provide subscribers with a permanent, secure place to manage their GDPR compliance activity. This should be available late summer 2018. We will advise as soon as the development work is completed.
The GDPR imposes ongoing duties to maintain, rather than just achieve compliance. The answer to your question is no, it is not “job done”. Your Workbook is a dynamic record, it will need to be updated as your circumstances change. We recommend a minimum a bi-annual review. You will need to take new staff and suppliers through the required compliance activity and adapt your records if you add new services that use clients or other third party personal data. The regulations are also subject to change and we will update material as required for subscribers.
"Like lots of advisers I’ve been crawling around the net for hours getting really confused about GDPR, then when I came across your GDPR Workbook and Guides my stress levels dropped a long way, and even more so when I started using them and realised how straightforward they were to work through. I’ve posted a link for colleagues on the CIMA ‘members in practice’ LinkedIn group, in answer to a thread running there about how little practical info there was about GDPR."
Mike Tombs, TLA Business Services Ltd
19 March 2018
"I would like to thank you for providing the tailored GDPR workbook and blog detailing your experience of completing the workbook. It is a great comfort to myself as a sole practitioner who is attempting to become GDPR compliant on her own. I don’t know what I would have done without you!"
25th April 2018