Notice on the General Data Protection Regulation (GDPR)

The General Data Protection Regulation has been approved by the European Union
to come into force as of 25th May 2018. This new law supersedes the Data Protection
Act 1998 as it places further protection on individual’s rights over their personal data.

Under Article 4 of the GDPR, personal data is defined as being “any information
relating to an identified or identifiable natural person”. This individual is known as the
data subject. Examples of personal data are names and addresses however, it also
extends to indirect identification such as gender, genetic, physical, cultural or social
data. HR and payroll information is also inclusive.

As part of our internal review process in light of this Regulation, we shall be sending all
of our clients an updated Privacy Notice.

Please ensure that you take the time to read the documents as it should provide you
with an insight as to how and why your data is processed, whom it is shared with and
the rights you have as a data subject.

How this affects your Business

Most businesses across the EU, regardless of size or nature, will hold data on their
customers. This could be as simple as email addresses and phone numbers, or more
sophisticated data storage such as tracking customers’ online habits when visiting
your website, or saved card details.

Businesses established outside of the EU are also subject to this Regulation if they
provide services to individuals within the remit of the EU.

As a Corporate Service Provider we are required to ensure that the Companies under
our administration are complying with all new legislation that is due to be
implemented.

The first step is to determine whether registration with the Independent Commissioners
Office (ICO) is required. The ICO is a public body which upholds information rights and
data privacy. If the Company is required to register, the ICO charge an approximate
annual fee of £35.00 per Company.

Please note that regardless of the registration process, most Companies will be
required to adhere to the GDPR principles as they handle some form of personally
identifiable data on individuals as part of their business dealings.
In light of the above, please note the following:

 For the Companies which have our professional Directors acting on them, an
initial assessment to evaluate the processes and procedures required to be
implemented is mandatory as we must ensure compliance with the General
Data Protection Regulation. This service is not optional and we shall be
charging a fee of £250.00 plus VAT (if applicable) per Company review. A
further fee quote shall be provided depending on the outcome of the initial
assessment and the work required to be undertaken on each of the individual
Companies.

 For those Companies which do not have our professional Directors acting, this
preliminary review is highly recommended and forms a crucial part of ensuring
that the Company is adhering to this new EU regulation which attracts
substantial fines for non-compliance. Our initial fee for this service is £250.00.
Please inform us as soon as practicable if you require the provision of this service
as we can commence the necessary preparatory work.

Please be aware that breaches under the GDPR could result in significant
consequences to your business such as a fine up to 4% of its annual turnover or EUR
20m, whichever is greater. Therefore, non-compliance with this Regulation is
detrimental to the survival of the business.

Please note that the results from the initial assessment shall be based upon the
information that has previously been supplied to Animo Associates Limited regarding
the activity of the Company.

Whist we endeavour that the information provided is up to date and correct, we

make no representations or warranties of any kind, express or implied, about the
completeness, accuracy, reliability, suitability or availability with respect to the
information provided.