GDPR at Two Jay


This Friday, May 25th 2018 the ICO will begin enforcing GDPR. After a two year transition programme organisations who collect, manage, process or access EU citizen’s Personal Data should now be ready to respond to the new regulation, and the Two Jay team is happy to be part of that. 

At Two Jay, we have fully embraced the opportunities afforded by the regulation namely to deliver greater transparency and control to data subjects regarding the usage, management and processing of our data. We are all data subjects and that has to be a good thing whether from a personal perspective or a professional one. 

In response to this, we have looked at all the data flows and access points within our business and how we manage them, whether that be our own data or our customers. We have revised policies, addressed new approaches, amended practices and brought in new processes to ensure that we are compliant with the expectations. 

The team in the UK and at our India office have received training and have been made aware of the changes. They have all taken part in preparing our business for GDPR and they are fully aware of how the new regulations affects them, their day to day routines, and their interactions with all of our clients. 

Our position statement is ready and available online for our clients to read, as well as our revised Privacy Policy which we hope will reassure you that your business is in safe hands at Two Jay. For any further enquiries about how we respectfully and carefully manage access to your data or in response to exercising your individual rights, please contact our DPO at


To help you to finalise your GDPR compliance, here is our top 5 check list: 

1 – Review and refresh your consent mechanisms on and offline – make sure they follow ICO guidelines and deliver clear information for the data subject at the point of their consent.

2 – Revise your privacy policy and communicate that to your in-house team and your clients – your privacy policy should be regularly reviewed and should reflect any changes in your processes. Ensure you add in version control for clarity.

3- Check your policies and processes and ensure they are robust and compliant – these will not only help your team to deliver compliance going forward, but will also ensure that should there be a breach, your business will have established policies and documented processes to minimise any losses.

4 – Share the GDPR updates with your team and help them to prepare for client enquiries – your team is your business and ensuring that they are fully up to date with details and are able to proficiently assist client requests swiftly and efficiently is not only professional but also an expectation of the regulation.

5 – Look at the changes to your business with a longer term view – GDPR is not just for today but will also shape the future. Ensuring your business and the culture within it fully adopts a GDPR perspective will ensure your business is prepared for further changes down the line. 

Michelle EllisGDPR, DPO