GDPR - the right to be forgotten

GDPR: will you be able to handle the right to be forgotten?

The EU’s General Data Protection Regulation (GDPR) comes into force on 25 May 2018. Designed to shift control of personal data back to the owner of the data (i.e. all of us as individuals), as such the regulation includes amongst the list of subject data rights, the right to have personal data erased.

The regulation also enables individuals to question companies about the extent of personally identifiable data held by the company – and companies will no longer have the right to charge for this service (apart from in extenuating circumstances).

A study recently conducted by UK media agency, 7 stars, found that of the UK consumers surveyed, 34 percent planned to exercise their ‘right to be forgotten’ – and three out of five were intending to question companies about their personal data held by the company.

And yet, in the Department for Digital, Culture, Media & Sport’s Cyber Security Breaches Survey 2018: Preparations for the new Data Protection Act (January 2018), 51 percent of the small businesses (10-49 employees) questioned had not even heard of GDPR. Medium sized businesses (50-249) were reporting 34 percent and micro (2-9 employees) 69 percent unaware of GDPR.

Michael Frisby, Cobweb MD, says, “With less than three months to go it is amazing that so many businesses still haven’t realised what GDPR is and the potential impact it could have on their business.  Meeting the GDPR requirements is much more about process and people than it is about implementing new compliant technology and, so at Cobweb, we’ve put together a range of support solutions to help businesses – wherever they are with their preparations.

“Based on customer feedback about the type of issues they are facing, we’ve recently added additional services to our GDPR support offerings.

“Services – ranging from GDPR awareness workshops to readiness assessments, and security posture reviews to ongoing consultancy and “virtual DPO” services – are delivered by Cobweb’s partner GDPR consultants, and experts in their field – and we’ve designed our offers to enable businesses to select the services that suit their needs.

“Once a business has started defining their processes and procedures the teams at Cobweb, who are all trained in GDPR, can help customers with implementing the most appropriate technical solutions, services and applications that will make meeting the GDPR compliance requirements easier and more efficient.

“GDPR enforcement is now less than three months’ away – if you’d like any advice or support with your journey to GDPR compliance, give us a call on 0333 009 5941 – or email – we’re here to help!” 


25 May 2018

Did you miss our GDPR event?


No problem, take a look through the slides from the day and discover how technology can help your business on its road to GDPR  compliancy!


GDPR Technology 

How to start preparing for GDPR


GDPR Journey

1. Location

Creation of an inventory of personal data

GDPR requires organisations to be able to identify every reference to any individual across all systems

2. Governance

Managing personal data access and use

Establish a clear view of existing and define new data processing activities required

3. Security

Protecting personal data against vulnerabilities and breach

Business will need to be able to prevent, detect and respond

4. Reporting

For data requests, breaches and accountability

GDPR requires a higher standard of transparency, accountability and documentation than the majority of companies will have encountered before

10 things to consider with GDPR

GDPR Journey

Cobweb's GDPR Support Package




GDPR - A Guide to Business

GDPR: A Guide for Business

GDPR resources icon

Other Useful Resources


GDPR with Microsoft
Accelerate GDPR compliance 

Symantec GDPR Guide
A new dawn of data privacy

GDPR risk management

GDPR compliance for SharePoint Content

Solutions that help your business to meet GDPR compliance


Office 365


Office 365 helps to identify or manage access to personal data and safeguard your data in the cloud. Features such as Customer Lockbox, Data Loss Prevention help you meet GDPR compliance.



Microsoft Enterprise Mobility + Security

Use multiple devices, apps and environments with Microsoft EM+S, which secures access to your business' data to prevent misuse and data breaches.



Microsoft Azure Active Directory


Azure AD incorporates comprehensive identity management capabilities and ensures that only authorised users can access your environments and data.


Dynamics 365


Dynamics 365 is the next generation of intelligent business applications and it enables you to control and manage your data and achieve GDPR compliance.



Metadata Automation

TermSet automates GDPR information discovery in SharePoint and highlights documents that contain sensitive GDPR information. 



EndPoint Protection 

Symantec Endpoint Protection provides industry-leading security as a service that protects your organisation across any device.


Email Archiving


Mimecast’s email security is the most comprehensive cloud-based email security and compliance solution on the market today.



BackUp Cloud


A powerful backup service, enabling organisations to backup data to a secure Cloud environment.