GDPR – 6 common questions

Unless you have been on a very long holiday (lucky you if so!), it’s likely that you have heard the term “GDPR” a lot lately.  GDPR stands for General Data Protection Regulation – which comes into effect in 2018 and is likely to change the way we all do business.

We thought we would answer 6 of the most common questions and hopefully this will help prepare you for some of the changes ahead.


GDPR is essentially going to replace the Data Protection Act of 1998 with new legislation for data protection that will be consistent across all of the EU.


The changes officially come in to effect on Friday 25th May 2018.


This depends on how much, and what sort of data you hold.  The new regulations apply to anyone who is in control of, or processing data.  Any personal data should be processed “lawfully” and for a specific purpose. Once this is complete the data should be deleted.

The new rules also state that if you pass data you have collected consent for (we’ll come to this next) to someone else to use on your behalf then you need to be sure they too will be following the new legislation.


One of the main revisions that is being introduced as part of these changes is the way that consent is given by data subjects.  Data controllers must have consent that they are allowed to use individual’s personal data – and keep a record of how and when each individual gave consent.  Upon this consent being given you must also specify how long you intend to keep/store the data provided.

This means no more pre-ticked boxes and no more ‘opt outs’.


The Information Commissioner’s Office (ICO) are recommending that companies appoint a Data Protection Officer, who is responsible for and will act as a point of contact for all GDPR related queries.

You can also review, or create your privacy policy which should outline how you intend to use personal data, how long you’re going to keep it for an how individuals can be removed, or worse complain, plus more!


Yes, lots, probably enough for a series of blog posts!  We haven’t even touched on breaches, access requests, the right to be forgotten or children’s data!

In the short term we would recommend educating your staff on the upcoming changes, reviewing your privacy policy and thinking about a strategy that will help you to get your current data subjects to opt in to future contact after May 2018.

If you have any comments about this post, or any questions you think we may be able to answer please get in touch.


Posted by Jonathan



Entering our teens!

Yes, it’s true, our special birthday has been a bit eclipsed by the election, but it’s still an exciting time for us as we celebrate becoming a teen. Just like… Read more »

Anyone can gather insights, right?

True enough, there are loads of ‘do it yourself’ tools available out there and it doesn’t take a rocket scientist to create and send a customer survey, but as one… Read more »

Why is gender equality important?

As a women, research business leader, I feel that it’s important to mark International Women’s Day now, more than ever. A recent Ipsos Mori study, found that almost 1 in… Read more »

Unlocking business success

In today’s dynamic business landscape, understanding customers has become more important than ever. Consumer preferences are constantly evolving, and businesses need to adapt quickly to stay competitive. Market research plays… Read more »

My family

Happy anniversary!

When I jumped on the Zing train 12 years ago and we symbolically launched on American Independence day, I had no idea I’d still be driving it 12 years later,… Read more »

So here it is…..

2022 has passed like a whirlwind – we’ve been busier than a busy person in busy world, not that we’re complaining – the opposite, in fact, we’ve had an amazing… Read more »

Our Clients

We have extensive experience working across a wide range of industry sectors for many leading brands.