Case Study: A Kitchen Company's Disruption Due to a GDPR Claim

Trying to give the best possible service, falling foul of the GDPR...

I have been aware of GDPR for the last four years, and like many business owners I have ignored it because a) it only relates to big organisations, b) I didn’t want to do anything about it because I thought it would be costly and disruptive, c) I thought it would go away.

But then something happened to a very close relative of mine that completely changed my mind. What follows is a true story, just to explain why I started to take GDPR so seriously.

What happened?

The following happened to a relative of mine fairly recently. We have changed the name of the person involved, we will just call him Kevin, but it is a true story. It is something that could happen to any business.

Kevin is a freelance designer for a small firm that design and fit very high-end Kitchens. A kitchen was completed so Kevin rung up the customer to check everything was ok. The customer said there was a little bit of a problem, so Kevin arranged to get a fitter there the following morning to sort it out.

Once that was done, Kevin checked the customer was happy and the customer said he was, and the problem had been rectified.

About a week later they got some correspondence, threatening to sue the company. The customer said the kitchen company had passed his personal details to the fitter, without his express permission.

The company took legal advice. Two Directors and the Commercial Manager were tied up for a considerable amount of time trying to sort this out. Kevin was very stressed because he thought he may have to appear in court.

Here is a small business providing a very high-quality service. Whilst trying to look after their customers, they inadvertently left themselves open to being sued.

This incident caused a huge amount of stress, legal costs and a massive amount of disruption in the business. The company’s solicitors put up a very robust defence, and the claimant backed down.

For fairly obvious reasons, we cannot share the name of either the relative or the company he works for.

Why does this apply to me?

This is the sort of thing that all types of businesses are going to have to be dealing with more and more in the future.

Here is a scenario which demonstrates why claims companies are investing millions of pounds into this new industry of suing businesses for GDPR breaches.

A claims company in the North who used to deal with PPI claims, have just had over £5million invested into them. They are proactively advertising for people to make GDPR claims, as they see it as a booming opportunity.

Data Guardsman

For fairly obvious reasons, we cannot share the name of either the relative or the company he works for.

We started using Data Guardsman within our business and realised it was such a well-established, cost effective solution, we feel that every SME should be made aware of it.

This is why GDPR Solutions was set up.

By Telephone

Leave a comment

Please note, comments must be approved before they are published