GDPR Dos and Don’ts for Small Businesses

Resource GDPR

When the EU General Data Protection Regulation (GDPR) was passed in 2016, it introduced strict new requirements for businesses, big and small, that process personal data. While larger organizations will often have dedicated privacy teams and budgets to invest in compliant privacy programs, privacy responsibilities at small and medium businesses (SMBs) are often in addition to an employee’s main job role. This can make becoming compliant with the GDPR’s 99 articles a daunting task. But, no matter what stage you’re at with your journey toward GDPR compliance, there are a number of essential “dos” and “don’ts” to help ensure that you stay on track.


The Dos and Don’ts of the GDPR

There are certain elements of processing personal data that SMBs should consider from the outset of any new project. These include key areas of GDPR compliance such as reliance on a legal basis for the processing of data, managing data subject rights, and understanding requirements for processing sensitive personal information. This infographic includes the crucial “dos” and “don’ts” to help SMBs respect the obligations of the GDPR and accelerate their journey towards GDPR compliance.


OneTrust helps to streamline GDPR compliance efforts for SMBs through a simple, scalable, and easy-to-use compliance solution built on the most widely used privacy and security platform. Download this infographic to boost your GDPR compliance efforts by keeping these tips top of mind when handling personal data, or follow OneTrust on LinkedInTwitter, or YouTube to keep up to date with the latest on privacy compliance for SMBs.

Get Resource

Note: All fields marked with * are required

I’d like email updates on local events, news, resources and products to stay connected with the OneTrust community. Unsubscribe at any time.

I’d like a solution expert to provide product information or show me a custom demo of the OneTrust platform

How would you like us to contact you?

Privacy Notice

You can learn more about how we handle your personal data and your rights by reviewing our privacy notice.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

You Might Also Be Interested In

WEBINAR | JUN 08, 2022

The New Digital and Data Strategy in the EU and UK: DMA, DSA and the UK Online Safety Bill

GUIDE | MAY 18, 2022
Consent and Preferences

IAB TCF 2.0 Checklist for Publishers

WEBINAR | JUN 01, 2022
Privacy Automation

From Data Compliance to Data Intelligence

WEBINAR | JUN 01, 2022

7 Ways Trusted Brands Promote Their Security, Privacy, Ethics, and ESG Programs

WEBINAR | JUN 01, 2022

Thailand Personal Data Protection Act Takes Effect

Third-Party Risk

OneTrust is a Leader in Third-Party Risk Management Platforms

WEBINAR | MAY 26, 2022

How successful security teams manage risk to build trust and drive growth

WEBINAR | JUN 02, 2022
Privacy Automation

OneTrust and Microsoft Come Together to Automate Employee Rights Requests

Onetrust All Rights Reserved