GDPR & Data Protection

Under GDPR, defining and managing processes around personal data protection and compliance is compulsory with heavy fines in place for those who are not compliant.

What is GDPR?

The UK GDPR came into effect on 31 January 2020,  replacing the previous version mandated by the EU.

The UK data protection legislative framework is made up of the UK GDPR and the 2018 Data Protection Act. This framework controls the way information is handled and give legal
rights to individuals who have information stored about them.

UK GDPR specifies that personal information must be securely managed at all stages of processing,
including the deletion of digital information and the destruction of physical information no longer required for its original purpose.

Organisations must, therefore, ensure that confidentiality and compliance is maintained to the very

This is where Shredall SDS Group can help you.

If you’re interested in how Shredall SDS group could help you, get in touch today!

Get in touch

Higher penalties for non-compliance

Businesses face substantial fines and penalties mandated by GDPR for non-compliance with the regulation. There are two tiers of fines; up to £10 million of 2% of annual global turnover (revenue) of the previous year, whichever is higher and up to £20 million or 4% of annual global turnover, whichever is greater.

Security Solutions for GDPR Compliance

GDPR has made crucial changes to the way in which you store and access your files. With shorter timescales for subject access requests, stricter requirements for storing data and harsher punishments for data breaches, it's vital that you know exactly where each and every record you hold is stored to ensure compliance and enable fast, secure retrieval.

With loss and theft of paperwork, insecure file storage and improper disposal and data sent to the wrong recipient recorded by the ICO as some of the biggest data breach risks, it's clear that the secure storage, access and destruction of documents are key areas to confront.

Shredall SDS Group is fully compliant with the GDPR standard, and we want to ensure that our customers are too. We recommend that businesses review their existing information management processes, including how their sensitive information is stored and disposed of.

What will your business need to do?

We recommend that businesses, review the way their sensitive information is destroyed after use. Robust policies will need to be put into place and many businesses may find that outsourcing these measures will be secure and cost-effective solution. However, it is understandable that some businesses would prefer to have their shredding completed on site for added reassurance.

Nevertheless, the GDPR regulation requires proof that all confidential documents are destroyed, which the average office shredder doesn't provide. For GDPR compliance, a Certificate of Destruction will document essential shredding information to ensure secure disposal of sensitive data.

Our professional shredding services conform to the strict standards of BS EN 15713 Secure Destruction of Confidential Material, which means that we dispose of confidential waste in a secure, controlled manner and that our process is regulated by continual external audits to minimise risk.