29th March 2018

In a little under two months (25th May 2018, to be precise), the General Data Protection Act (GDPR) will come into force, replacing the Data Protection Act 1998.

The introduction of GDPR will result in a whole host of changes for companies to consider when handling the data they collect. With a lot of preparation and planning required, this could be particularly laborious for charities who may have limited funding and resource available to them.

Recent surveys carried out by charity insurer Ecclesiastical revealed that just over a third (36%) of charities with a turnover of less than £500,000 are unaware of the upcoming changes to Data Protection, whereas 96% of larger charities had plans already in place. You can find a link to the full Ecclesiastical report here.

To address the concern and general confusion surrounding GDPR’s imminent arrival, UNW was delighted to welcome Stephanie Coulson, Associate Solicitor at Muckle LLP, to present an update on GDPR at our most recent charity briefing.

With a primary focus on the charity and education sectors, Stephanie specialises in data protection and key legislation changes, and outlined key changes including:

  • Principles
  • SARs and Data Breaches
  • Penalties
  • Data Controversies, Processes and Subject Rights


A recurring theme from the charity representatives in attendance, the key points to take away from the briefing were:

Don’t be too concerned about fines – There’s been a lot of press around the huge fines involved with GDPR breaches, but they will work with you to ensure the risk of a fine is minimised, opposed to slapping a large fine on your organisation and dealing with the consequences afterwards.

The organisation is responsible – Charities are liable as the data controller, not any individual associated or employed by it.

Data Mapping should be your first step – To prepare for GDPR, you can access the iapp 12-step-plan here

Understand the key concepts – Always consider, do we need every aspect of the information we collect? Where should we keep it? How long should we hold onto it for?

Lastly, don’t panic! – You don’t have to have every last detail in order. Project plan and prioritise to ensure the vital changes you need to make to become compliant are actioned first.

More information regarding GDPR can be found here, or you can request the presentation and fact sheets from our briefing by emailing: enquiries@unw.co.uk

Local charity MS Research and Relief Fund (MSRRF) is looking to the future after being announced as chartered accountancy and

With less than a year to go until the introduction of HMRC’s Making Tax Digital for VAT scheme, businesses must

Corporate Fraud

The dramatic increase in fraud shows no signs of slowing down. Although the true annual cost of fraud to the

Employer Bulletin

HM Revenue and Customs (HMRC) has published its Employer Bulletin for June 2018 which is available to view at the

Founded way back in 1865 by John William Cameron in Hartlepool, County Durham, Camerons Brewery is the largest independent brewer