Twelve steps to GDPR nirvana; the final cream crackers!

Paula Veysey Smith • 5 March 2018

Twelve Steps to GDPR nirvana – the final cream crackers!

The Information Commissioner’s Office (ICO) have published a twelve-step guide for compliance; we looked at the first of those steps last week but as I said then is it a bit like trying to eat cream crackers. So, tea at the ready, let’s look at the second six steps and how they relate to the small business.

1. Consent

You should review how you seek, record and manage consent and whether you need to make any changes. Refresh existing consents now if they don’t meet the GDPR standard. The ICO has published detailed guidance on consent under the GDPR, and you can use their consent checklist to review your practices. Consent must be freely given, specific, informed and unambiguous. There must be a positive opt-in – consent cannot be inferred from silence, pre-ticked boxes or inactivity. It must also be separate from other terms and conditions, and you will need to have simple ways for people to withdraw consent. Consent has to be verifiable and individuals generally have more rights where you rely on consent to process their data. You are not required to automatically ‘repaper’ or refresh all existing DPA consents in preparation for the GDPR. But if you rely on individuals’ consent to process their data, make sure it will meet the GDPR standard on being specific, granular, clear, prominent, opt-in, properly documented and easily withdrawn. If not, alter your consent mechanisms and seek fresh GDPR-compliant consent, or find an alternative to consent.

To me, this is one of the biggest GDPR impacts and I would urge you all to start now looking at this area.

2. Children

You should start thinking now about whether you need to put systems in place to verify individuals’ ages and to obtain parental or guardian consent for any data processing activity.
There are specific rules that bring special attention for children’s personal data and if you believe that this area of compliance will impact your business please do seek further ICO guidance.

3. Data Breaches

You should make sure you have the right procedures in place to detect, report and investigate a personal data breach. This is an area that will impact larger corporations more as they will now be legally responsible for disclosing breaches at the time they happen, meaning that any member of the public will know straight away if their personal data has been affected; this can only be a good thing.

For smaller entities I believe that we should act by looking at how we hold our data and what risks there are. I have an announcement to make next week about how M:Power has acted to properly secure the personal data it holds as I have already reviewed this step to ensure that your data is as safe as it can be.

4. Data Protection Impact Assessment

It has always been good practice to adopt a privacy by design approach and to carry out a Privacy Impact Assessment (PIA) as part of this. However, the GDPR makes privacy by design an express legal requirement, under the term ‘data protection by design and by default’. It also makes PIAs – referred to as ‘Data Protection Impact Assessments’ or DPIAs – mandatory in certain circumstances. If you feel that a DPIA may be mandatory in your case, please consult the ICO guidance.

It is good for all small business to carry out an assessment and document this. The assessment will identify the most effective way to comply with GDPR obligations and also meet individuals’ expectations of privacy. And the PIA is an integral part of taking a privacy by design approach. Although this may sound slightly scary it should not take too long for you to complete a PIA and it will show if you do have any areas that need improvement or of high risk.

Nearly there – just two more crackers to go . . .

5. Data Protection Officers

You should designate someone to take responsibility for data protection compliance and assess where this role will sit within your organisation’s structure and governance arrangements. In most cases that will be you!

6. International

If you do operate in more than one EU member state, you will need to determine your lead supervising state and document this. For most small business in the UK this authority will be the UK but if you do have a more complicated framework with more than a single establishment in the UK then again, I would advise you review the ICO guidance for this area.

So, time for that glug of tea as we are now done. All entities in the UK that hold personal data in whatever form are legally required to comply to the GDPR requirements. As I said right at the beginning those of us who were already working under DPA are potentially most of the way there but it is vital that you consider these twelve steps and act on them now to ensure your compliance. I believe that, with carefully consideration, this will not become just another administration burden and the quicker you act the easier it will be to ensure that you are compliance by 25th May; that is the way to achieve GDPR nirvana.

Working from home

Working from Home Expenses You Can Claim in 2025–26

by Paula Veysey-Smith 22 May 2025
Do you work from home? If you do, either full-time or part-time, you may be eligible to claim certain expenses either against your own taxes or your Limited Company ones. Many factors will determine what you can claim such as working location, employment status (employee, self-employed, company director), and how much of your home is used for work. What can I claim as an employee of a company? You can claim: A flat-rate allowance of £6 per week (or £26 per month) without needing to provide evidence of expenses. This is the simplest method and can be claimed via your tax code or tax return. The actual costs (if you don't use the flat rate) which can include a proportion of the following: Heating and electricity Internet and phone bills Water (if it’s metered and usage is clearly work-related) You cannot claim rent or mortgage interest unless you're self-employed. These expenses can be claimed via HMRC’s online portal if they have not already been reimbursed by your employer! What can I claim if self-employed (sole trader or via a Partnership)? Here you have two options: 1. Simplified Expenses (Flat Rate) Based on hours you work from home each month: 25–50 hours/month → £10/month 51–100 hours/month → £18/month 101+ hours/month → £26/month 2. Actual Expenses Method You can claim a proportion of: Rent or mortgage interest (not capital repayments) Utilities (gas, electricity, water) Council tax Internet and phone Cleaning and maintenance Home insurance (if work-related) You’ll need to work out the percentage of your home used for business, usually by the number of rooms (not including bathrooms, corridors, storage space) or square footage. One word of warning is never claim the whole use of a room for business as every room will have duality in use. This is also important if you own your home as a room declared purely an office could attract Capital Gains Tax when the property is sold. We suggest that any room should only be claimed at 90% for business. And only one room can be used, not a multiple! These costs should be included on your Self-Assessment tax return. Can I make a claim for these expenses in my Limited Company? Yes, you most certainly can. At MPower Accounting we not only recommend using the actual expenses method as set out above, we provide our clients with a bespoke spreadsheet to calculate these expenses, and others such as mileage, on a month-by-month basis. These amounts can then be claimed as expenses to the Company and paid out to you. It is one of the tax efficient methods of taking money from your business. Capturing and calculating monthly your regular working from home expenses is the best way of ensuring they are recorded correctly. To help you do this we are offering a free download of the spreadsheet usually only available to our clients; please use the link below to get this. Paying taxes is a necessary evil but I am a firm believer in minimising this liability for both individuals and companies. Correctly claiming working at home expenses is one way to reduce your tax bill. Please do contact us if we can help you further identifying all the expenses you can claim and also for further assistance in how to correctly use and populate the downloaded template.

Tax Efficient Salary for Directors in 2025-26

by Paula Veysey-Smith 28 April 2025
Key changes in Employer National Insurance (NI) rates and thresholds for the 2025-26 year have meant advice on the tax efficient salary for Directors has significant altered.
A box of receipts sits on a desk next to a lamp and calculator - Making Tax Digital

How will I be affected by Making Tax Digital for Income Tax (MTD for ITSA)?

by Paula Veysey-Smith 23 March 2025
HMRC are starting to send out letters to sole traders and landlords in the initial steps towards Making Tax Digital for Income Tax. If you receive one of these letters do not panic, help is at hand. So let’s answer your most asked questions about Making Tax Digital. What is Making Tax Digital for Income Tax? Making Tax Digital for Income Tax (MTD for ITSA) is a UK government initiative aimed at modernising the tax system. It will require individuals and businesses to keep digital records and submit tax information to HMRC using compatible software. It is part of a broader initiative to digitalise tax returns and follows on from the changes already implemented for VAT reporting. Will Making Tax Digital affect me? MTD for ITSA will affect individuals who: Are self-employed (e.g. sole traders) and/or landlords (earning income from property). Have a total income over £50,000 per year (combined from self-employment and property). Are currently required to complete a Self-Assessment tax return. From April 2026 , MTD for ITSA will be mandatory for those earning over £50,000. From April 2027 , this threshold will reduce to £30,000. What will I have to do if my earnings are over the threshold? You will need to keep digital records for income and expenses which will mean using MTD compatible software. This will be a major change for those of you still keeping paper records. Instead of submitting an annual self-assessment return you will need to submit quarterly updates 4 times a year to HMRC. At the end of the tax year an End of Period Statement (EPOS) and a Final Declaration will need to be submitted which essentially replaces the current Self-assessment return. All of these will be required digitally, paper records and manual calculations will no longer be accepted. This means that instead of 1 annual return you will need to make 6 submissions! So what software do I need to use to keep digital records? Acceptable software include: QuickBooks Xero FreeAgent Sage or, HMRC-recognised spreadsheet tools with bridging software ( not highly recommended ) No more shoeboxes of receipts or manual books — everything must be digitally recorded. When will I need to register for MTD? You’ll need to sign up for MTD for ITSA before April 2026 . This is a deadline and not a target, signing up early is always advisable. HMRC will provide a service for you to do this but having the guiding hand of an accountant will make this a much easier task.

Understanding UK Tax Codes: A Complete Guide

by Paula Veysey-Smith 13 February 2025
What are these jumbles of letters and numbers? When you start a new job, receive a pension, or change employment, you’ll likely notice a tax code on your payslip. Although, to many, this code looks like a random combination of letters and numbers it is actually the crucial piece of information that determines how much tax is deducted from your income. Understanding your tax code will empower you to check that you’re paying the correct amount of tax and, if necessary, correct the code with HMRC. What is a Tax Code? A tax code is used by your employer or pension provider to calculate how much income tax to deduct from your pay or pension. It’s based on your Personal Allowance (the amount you can earn tax-free each year) and any other factors that affect your tax situation, such as additional income or benefits. For the 2024/25 tax year, the standard Personal Allowance is £12,570 and will remain at this level for the 2025/6 tax year. This means most people can earn up to this amount without paying income tax. Common UK Tax Codes and Their Meanings Common codes can be broken down into three main categories: Standard Tax Codes 1257L: This is the most common tax code for people with one job or pension. It reflects the standard Personal Allowance of £12,570. BR: Stands for Basic Rate (20%). This code is used when all your income from this employment or pension is taxed at the basic rate, usually because you have more than one job or pension and the Personal Allowance has already been used up. D0: This means all your income is taxed at the higher rate (40%). D1: This code applies when all your income is taxed at the additional rate (45%). 0T: Used when your Personal Allowance has been used up, and all your income is taxable. Although similar to BR this code applies to all tax rates (20%, 40% & 45%). Emergency Tax Codes The term ‘Emergency Tax Code’ is often misunderstood. This code is most often used when HMRC does not have the information to calculate the correct tax code for an individual and should be corrected when the information does become available. Usually the code 1257L W1/ M1 is used which means that the Personal Allowance is being applied. The main difference is that tax is calculated on a weekly (W1) or monthly (M1) basis rather than cumulatively. You would most usually see this if you’ve started a new job and your previous tax details are not yet available 0T W1/M1 is another emergency tax code but this means that no Personal Allowance is being applied, leading to higher tax deductions. Worldwide and Non-Resident Tax Codes NT: No tax is deducted from your income. This is usually for non-UK residents or people with special tax arrangements. K: This code is used when untaxed income (e.g., state benefits or company benefits) exceeds your Personal Allowance, meaning additional tax is due. If your tax code begins with an S then it is a Scottish code and similarly if it is a Welsh code it will begin with a C . Other Special Tax Codes There are a number of letters that may also be applied to a tax code: T: Used when HMRC needs to review your tax code (e.g., for complex tax situations or multiple income sources). Y: For people born before 6 April 1938 who qualify for a higher Personal Allowance. L: Indicates entitlement to the basic Personal Allowance. M: Given to someone receiving the Marriage Allowance from their spouse. N: Given to someone transferring part of their Personal Allowance to their spouse. How to Check and Change Your Tax Code Your tax code will appear on your payslip, P60, or P45. If you think your tax code is incorrect, you can: Check Online: Log into your personal tax account on the HMRC website . Contact HMRC: Call HMRC to request a review or correction. Seek Professional Advice: If you’re unsure, a tax advisor can help you navigate your tax situation. Why Understanding Your Tax Code Matters Getting your tax code right is essential to ensure you’re not overpaying or underpaying tax. An incorrect tax code could lead to an unexpected tax bill or a delay in receiving a refund. By understanding your tax code, you can take control of your finances and avoid unnecessary stress. Need Help with Your Tax Code or Finances? Tax codes can be confusing, especially if you have multiple income sources or complex financial arrangements. At MPower Accounting, we’re here to help! Our team of experts can guide you through your tax obligations, ensure your tax code is correct, and help you maximise your income. Contact MPower Accounting today for personalised advice and support. Let us take the stress out of tax so you can focus on what matters most. Sources: HMRC (HM Revenue & Customs): Tax Codes Overview: HMRC Tax Codes Guide Personal Allowance and Tax Codes: HMRC Personal Allowance Emergency Tax Codes: HMRC Emergency Tax Marriage Allowance: HMRC Marriage Allowance K Tax Code: HMRC K Code Non-Resident and NT Code: HMRC Non-Resident Tax Scottish Government: Scottish Tax Codes and Rates: Scottish Income Tax S Prefix Tax Codes: Scottish Tax Codes Welsh Government: Welsh Tax Codes and Rates: Welsh Income Tax C Prefix Tax Codes: Welsh Tax Codes General Tax Information: Understanding Tax Codes: Money Advice Service - Tax Codes Tax Codes for Multiple Jobs: HMRC Multiple Jobs
More posts