some alt text
soVision IT Logo - IT Support Bristol soVision IT Logo - IT Support Bristol

Bristol IT Experts for over 25 years!


soVision IT is a Cyber Essentials Certification Partner to achieve the Government Cyber Essentials Certification and comply with the GDPR.

Talk to us. It`s Free.

Protect data and comply with the GDPR

The EU General Data Protection Regulation (GDPR) replacing the Data Protection Directive 95/46/EC brings wide spread changes to the legislation on personal data protection in Europe. Specialists say that we are witnessing a real revolution, considering how these changes will affect both small and large businesses in Europe and beyond.


GDPR is a general regulation on the protection of individuals with regard to the processing of personal data. There will be a single set of rules that will apply in all member states of the European Union. People will have additional control over their personal data, transparency on data usage will be ensured, and control measurements will be imposed to protect them.


The quick and simple answer is “Yes”. GDPR applies to all organisations of any size and scope. The law covers companies, government agencies, non-profit organisations and other organisations that provide goods and services to people in the European Union or that collect and analyse data related to EU residents.


Online backup services from soVision IT are perfect for protecting data on employees’ desktops or laptops, providing a low cost, fully automated, secure backup and restoration platform that can be implemented very quickly. Once set up, the users do not have to configure or run the program at all. It can easily be scheduled to run automatically in the background, backing up key business data.

More precisely, the regulation will be directly applicable to any company that:

  • Provides goods or services to individuals in the member states of the European Union;
  • Monitors the behaviour of individuals in EU member states;
  • It has employees in European Union member states.


TOP 5 GDPR Requirements

01. Personal Data

According to GDPR, individuals have the right to know if an organisation is processing their personal data and to understand the purposes of that processing.

Any person has the right to request the organisation to delete, correct or stop processing their data, to refuse direct marketing and to revoke consent for certain uses of their data.

The GDPR comprises a new right to data portability providing individuals with the right to move their data elsewhere and receive assistance in doing so. Therefore, data controllers must ensure that they can hand over the personal data that has been provided by the individual, in a structured, commonly used and transferable format.

02. Securing personal data

GDPR requires organisations to secure personal data according to its sensitivity.

In the event of a security breach, the data controllers must notify the appropriate authorities within 72 hours. In addition, if the breach will lead to high risks for the rights of individuals, organisations will also have to notify without delay the affected people.

03. Processing personal data

Processing personal data must be done on a legal basis.

Companies must be able to demonstrate that consent for processing personal data was given by the individual. The GDPR defines consent as: “any freely given, specific, informed and unambiguous indication of the data subject's wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her”.

04. Impact on the protection of personal data

Organisations need to assess the impact on data protection in order to anticipate the impact of projects on privacy and take action as needed.

In order to demonstrate compliance with the GDPR, recordings of data processing and evidence of consent to data processing must be maintained.

05. GDPR compliance

In order to ensure compliance with GDPR, organisations are encouraged to implement a privacy culture in order to protect the rights and interests of individuals with regard to their personal data.

Failure to comply with GDPR may result in serious fines and business partners' refusal to collaborate with your organisation.

GDPR compliance is not a one-time step, it’s a continuous process of monitoring data processing and ensuring its security, but one of the first steps you might take is becoming Cyber Essentials certified.


Cyber Essentials and GDPR

The GDPR requires you to secure all the personal data that you are processing: employee data, customer data, partners’ data etc. By achieving the Cyber Essentials certification, in case of a data breach you will be able to prove that you have taken the measures to protect personal data by ensuring at least a basic level of network security.

Cyber Essentials (CE) is a government-backed cyber security certification scheme that can help any organisation prevent around 80% of cyber-attacks. Cyber Essentials not only helps your company to reduce the risk of cyber threats by up to 80%, but also to:


  • Maintain business reputation
  • Save on potential IT costs
  • Focus on your core business objectives
  • Bid for UK government contracts
  • Gain competitive advantage
  • Last, but not least, helps you to comply with the GDPR and other laws.


soVision IT is a Cyber Essentials Certification Partner helping organisations in Bristol, Bath and the South West to achieve the Government Cyber Essentials Certification and comply with the GDPR. Being a complete ICT provider gives us the advantage of having all the resources to solve any IT security challenge that your company might be facing. Contact GDPR and Cyber Essentials experts now: 0117 986 4026