We're committed to GDPR

Johnson Fleming has extensive expertise in protecting data, championing privacy, and complying with complex regulations. We believe that the General Data Protection Regulation (GDPR) is an important step forward for clarifying and enabling individual privacy rights.

What is GDPR?

In May 2018, a European privacy law, the General Data Protection Regulation (GDPR), is due to take effect. The GDPR imposes new rules on companies, government agencies, non-profits, and other organisations that offer goods and services to people in the European Union (EU), or that collect and analyse data tied to EU residents. The GDPR applies no matter where you are located.

Our commitment and approach

We are committed to GDPR compliance across our business to ensure that we are well placed for the new legislation that comes into effect from 25th May 2018.

 1. Clear stakeholder awareness - We have a GDPR working group made up of individuals across every department at Johnson Fleming, including Directors and Managers. This group, with support from our professional advisers, has been interpreting what GDPR means for Johnson Fleming and it’s clients whilst ensuring that all employees are fully aware of the GDPR and the impact it will have on our business.

2. Ensure readiness and assessment - We have conducted assessments to understand what changes we need to make to ensure we are prepared and complying with GDPR legislation ahead of 25th May 2018.

3. Comprehensive data mapping - We are completing a project to confirm and record any personal data we hold, who it is shared with and what controls govern its use.

4. Strong process and governance - We have always been committed to ensuring that data is managed effectively and securely and are now using the GDPR framework to assess our approach to privacy and how data protection is governed.

5. Legal and compliance validation - We are conducting a full review of how we capture consent and how compliance will be demonstrated. We are working towards providing GDPR related assurances in our contractual commitments. 

6. Effective technology - We are deploying new technologies and processes to incorporate the new GDPR legislation.

7. Data access and security - We will ensure Johnson Fleming have the right governance practices in place to respond efficiently to the new rights afforded to individuals with the new GDPR.