Retail And Online

Retail And Online

If you are a Business to Consumer (B2C) organisation, then protecting the personal data you collect is a legal requirement under the General Data Protection Regulation (GDPR). You need to ensure that your organisation has a clear English written privacy and cookie policy displayed on your website.

Dependent on what type of data you collect or the volume, you may also be required by law to appoint a Data Protection Officer to advise on your Data Privacy Framework, Staff GDPR Training and help carry out Data Protection Impact Assessments.

The role of the Data Protection Officer is to also carry out an annual GDPR Compliance Audit on the organisation and presenting this to the board of directors.

As a retail or online business you will be collecting card payments and you must comply with PCI:DSS which is the worldwide Payment Card Industry Data Security Standard this was initiated to help businesses process card payments securely and reduce card fraud. This is achieved through enforcing tight controls surrounding the storage, transmission and processing of cardholder data that businesses handle. PCI:DSS is intended to protect sensitive cardholder data.

Get in touch

Get in touch with our specialist sector experts team now.

Contact our experts

Key Contacts

View a list of our team and their experience now.

View Team