With the General Data Protection Regulations (GDPR) set to be implemented in May 2018, the UK’s SME community remains unsure about a number of related issues, including what ‘personal data’ really means; their customers’ new and extended rights, and whether the permissions they currently have to contact customers will meet the requirements of GDPR.

The results were obtained from the Close Brothers Business Barometer, a quarterly survey that questions over 900 UK and RoI SME owners and senior management across a range of sectors and regions.


Less than a third (31%) of SMEs answered ‘yes’ to the question ‘are you clear what 'personal data' means in a business context?’, with 50% saying ‘sort of’ and the remaining 19% ‘no’. 


Almost half (48%) of respondents answered ‘yes’ to the question ‘do you understand the new and extended rights that customers have when it comes to collecting and utilising their personal information?’ 


Despite the lack the clear understanding of the extended rights customers will have, 58% of SMEs are confident that the permissions they currently have to contact customers will meet the requirements of GDPR.



Of those polled, 44% said that they have a process in place to ensure their firm is collecting data in the correct manner against 35% who were ‘unsure’ and 21% admitting they had no existing process in place.


“Businesses have to be seen to be compliant and this includes ensuring these sorts of processes are in place, which are intended to ensure customers are fairly treated,” said Neil Davies, Chief Executive, Close Brothers Asset Finance.