HR Advice

GDPR Countdown…….Only a Week to Go

Will you be GDPR compliant by next Friday?

May 25th is the day by which companies in Europe need to comply with the new data regulation. 

If you have maybe not been used to worrying about privacy, security or consent then GDPR will focus your mind on these issues, but what this legislation has also highlighted is that at its core, is an important step towards ensuring best practice.

GDPR is just days away now, and hopefully you are well on your way to either being compliant or making good progress towards compliance; it’s never too late to take the first steps. If you can demonstrate a genuine effort towards becoming compliant, even if incomplete, this may help in the worst-case scenario of an audit.

The ICO has a wealth of information and advice and their 12 steps are a good starting place. 

Ask yourself some questions;

Have you conducted an information audit?  You’ll need to do this to identify how you process data within your organisation.

Have you mapped and documented your company’s data flows?  Once you have documented the results of your audit, written down what personal data you hold, how you got hold of it, who you share it with now and what you plan to do with it in the future, you should also implement an appropriate data protection policy that can demonstrate accountability under GDPR.

Have you identified your company’s lawful basis for processing data? – There are six: You can hold information  

  • If an individual has given clear consent,
  • if the processing is necessary for a contract,
  • necessary for a legal obligation,
  • to protect someone’s life,
  • if processing private information is necessary for you to perform a task in the public interest or 
  • for legitimate interests.


Have you reviewed how your company is asking for consent? First of all, make sure consent is necessary; if it is make sure you’re asking for it in a transparent and prominent manner. Consent cannot be a precondition for your services, and you must keep records of an individual’s consent. Make sure to emphasise that consent can be withdrawn anytime. For processing the data of anyone under the age of 13, you need consent from a parent or guardian.

Have you provided privacy information on your website and in forms you send out?The information must be short and clear, easy to understand and easy to access. If it’s targeting children, you must make sure it’s written in a way that’s understood by them.

Do you know what to do when someone asks to see/change/delete/restrict access to their personal data?They can ask for this verbally or in writing, and you’re obliged to comply with their requests free of charge within 30 days.

Do you know that the data belongs to the people, not to your business? If they ask for it and want to reuse it for their own purposes, they can.

Do you monitor and regularly review your compliance with data protection policies and data security? Make sure you have a process in place and set up a regular review schedule.

Have you trained your staff on data protection? How will they know what to do if they have not been made aware?

Have you taken technical and organisational steps to make sure data is securely protected? Protecting data is key.

Have you nominated a Data Protection Officer (DPO) or checked with the ICO if you’re required to have one?

Do youhave data breach procedures in place, including a notification process?  If there’s been a data breach, you must notify the authorities within 72 hours of becoming aware of it.

If you have done nothing at all yet, these questions will at least point you in the right direction.

For more information or guidance on GDPR from an HR perspective, please get in touch with us on 0800 781 7256, Alison on 07976 259031 or Helen on 07950 005 228 or email us at


Don't Forget the New Statutory Payments in April

Don’t Forget the New Statutory Payment Rates This April.

We know how busy April can be, which is often the start of a new financial year for

businesses, so, to make sure you are compliant by providing your employees with at

least the statutory minimum requirements, don’t forget that from April this year new

rates will apply as detailed below.  Also be sure to make a note of the two different

dates involved.


From April 2017

From 1st April 2018




Statutory Sick Pay


£92.05 (from 6th April)

Lower Earnings Threshold



National Living Wage





National Minimum Wage

From October 2017

From 1st April 2018

Workers aged 21-24



Workers aged 18-20



Workers ages 16-17



Apprentice rate*



As ACAS highlights, please remember that a new rate will apply to the next pay reference period that begins on or after the date:

  • a rate increase begins
  • an employee reaches a new age bracket e.g.

an employee paid on the 20th of each month will start to receive the new rate of minimum wage from 21 April onwards.

*The apprenticeship rate only applies to apprentices aged:

  • under 19
  • 19 or over who are in the first year of their apprenticeship.

Apprentices aged 19 or over in their second year of apprenticeship must receive the national minimum wage or national living wage rate their age entitles them to.

For more information or guidance on statutory payments, please get in touch with us on 0800 781 7256, Alison on 07976 259031 or Helen on 07950 005 228 or email us at

Uber Reminds Us of Working Hours

Working Hours

The subject of working hours has been in the news again. Uber announced last week that they will be introducing a policy to limit the number of hours their workers drive. Through this policy drivers will have to take an uninterrupted break of 6 hours after 10 hours driving; this includes driving with a passenger and also time spent driving to pick up a passenger. It will be achieved by tracking their use of the Uber app.

This change has been in response to criticism that long hours have put passengers safety at risk and that drivers are working more hours because of the low pay. Previously Uber had admitted that 3000 of its workers worked more than 60 hours a week.

It is essential for employers to get the working hours right; right for their business and right for their employees and workers.

This is a good opportunity to remind ourselves of some of the basic rights the legislation regarding working hours provides. The working Time Regulations define working time as “any period during which the individual is working, is at the employer’s disposal and is carrying out their activities or duties”. They provide the following basic rights:

  • a limit of an average 48 hours a week on the hours a worker can be required to work, though individuals may choose to work longer by "opting out"
  • paid annual leave of 5.6 weeks' a year
  • 11 consecutive hours' rest in any 24-hour period
  • a 20-minute rest break if the working day is longer than six hours
  • one day off each week
  • a limit on the normal working hours of night workers to an average eight hours in any 24-hour period, and an entitlement for night workers to receive regular health assessments.

There are special regulations for young workers, which restrict their working hours to 8 hours per day and 40 hours per week. The rest break is 30 minutes if their work lasts more than 4.5 hours. They are also entitled to two days off each week.

Employees can opt out (in writing) of the 48-hour working week limit (which is based on a 4 month reference period) but can’t be penalised if they don’t wish to or if they do and then subsequently want to change their mind.

If you would like any assistance or advice regarding working time in your business, please call us on              0800 781 7256, Alison on 07976 259031 or Helen on 07950 005 228 or email us at