Case Study #3

Galway SME

An established SME with multiple clients. Sources and books training courses on client's behalf. Data transfer to the UK with Brexit implications. Small team of employees. Uses a number of software providers with all data stored in the cloud. Legal requirement to store data for health & safety records.
Website needs a Privacy Policy
Clients need a link to the Privacy Policy in addition to Terms when signing contracts.
Contact form on website and newsletter sign up need to link to Privacy Policy.
All data stored in the cloud. No 'worst day ever' plan in place for data loss. Managing consent to store and sharing of information, including special category health data.
The first step is an inventory of what you have. Create a register of all your SAAS products and services that you use to run your business.

Accounting Programs e.g. Quickbooks or Xero
Project Management apps e.g. or Airtable
Sales & Customer management  e.g HubSpot, OnePageCRM or BriteBiz
HR to manage employees and payroll
Marketing and Social Media management including your social media accounts e.g Mailchimp, Scheduling apps and off course Instagram and Facebook
Your website and any plugins that have been installed

Finally create an asset register of your physical assets like computers, printers, routers and modems and any IoT devices like smart lightbulbs that also connect to your wireless network.

Now its simple enough to create a map of where your data travels to, who has access to it and who you share it with. This is the
Find the value in Data Protection
The most valuable asset in your business is your people.
Next is your data.
We help your people protect your data
Work with Us