What does GDPR mean for employees?

May 29, 2018


The answer is twofold – employee personal data will be collected and processed by virtue of the employment relationship and, in the course of their job, staff may well be responsible for processing the personal data of clients and customers.

Most companies and their managerial staff will have been getting to grips with updating data protection policies and procedures and cleansing their data bases for some time but, if their employees don’t understand their roles, responsibilities and rights when it comes to GDPR, and haven’t been trained, you could be leaving yourself wide open to the possibility of a data breach.  After all, data protection is everyone’s responsibility.


So, what do employees need to know?

Explain your new policies and procedures

Staff must be trained on new data protection procedures to ensure the safety of the personal data you hold on customers, suppliers, partners, contractors, employees etc. For example, ensure they understand the rules for using portable devices like laptops and mobile phones out of the office, in order to keep data secure.

In case of a data breach….

If the worst happens, your employees must know precisely what to do and by when. They should know to whom to report and that there should be no delay in informing this person of the breach.  After all, under the Regulation, serious breaches need to be notified to the ICO within 72 hours.

What are the consequences?

This new regulation has teeth. The fines have increased dramatically so you need to emphasise to your staff that there are very real consequences of a data breach under the new Regulation. Whilst the maximum fine is now €20m or 4% of global turnover there are also potentially serious consequences in terms of reputation and consumer trust – arguably equally important as the punitive measures.

How their data is being used

As an employer, you have access to personal data about your employees.

Tell your staff –

  • Of any changes to their contract and company handbook
  • Why you are processing their personal data
  • Who you will be sharing their data with e.g. payroll or pension providers
  • Their rights under GDPR, e.g. right to withdraw consent or lodge a complaint

Don’t forget to communicate in plain language. The GDPR can seem complicated but clear communication will assist your employees to understand their personal obligations when dealing with customers, their rights as an employee in your organization and, as a customer in their own personal capacity.


Contact Our Team
Catherine Burke
View Profile
Damian Phillips
View Profile
Fflur Jones
Managing Partner
View Profile
Gareth Wedge
View Profile
Mark Rostron
View Profile
Nick O’Sullivan
View Profile
Owen John
View Profile
Rhodri Lewis
View Profile
Stephen Thompson
View Profile

I have worked with Darwin Gray for a number of years and the level of service, professionalism and timely response is second to none. I would highly recommend Darwin Gray to any business.”

Becs Beslee
Dice FM Ltd

Darwin Gray have provided us with a first-class service for many years now. They really take the time to understand our business and develop relationships which results in advice and support that is contextualised and effective.”

Rebecca Cooper
ACT Training

We have worked with Darwin Gray for several years and have always found their services and advice to be first class.”

Karen Gale
Stepping Stones Group

An extremely professional and sincere company who make time for your queries and understand the need to break down certain facts and information to ensure everything is understood perfectly. I would highly recommend the company to anyone looking for any type of legal advice”

Gwawr Booth
Portal Training Ltd

PSS has worked with Darwin Gray for many years. We have always received an excellent service. Prompt and professional advice and support.”

Ledia Shabani
Property Support Services UK Ltd

We have used several departments within DG recently and we have been very pleased with an effective, efficient and down to earth service. Very happy thus far and I expect that we will continue to use DG.”

Guto Bebb
Farmers’ Union of Wales

Darwin Gray offer us truly superb services. Very professional, quick and services available bilingually which is very important to us, highly recommend.”

Iwan Hywel
Mentrau Iaith Cymru

My “go to” in urgent and time sensitive cases for direction, support and advice. The team are quick to respond to calls or emails for advice and support on all matters. Always explain complex matters in a way a lay person can easily understand.”

Margot Adams
Guarding UK Ltd