Category : Business News

If you process personal data, that processing is currently subject to the Data Protection Act 1998. As of next May, the EU General Data Protection Regulation – the GDPR – will take over. Continuing the changes, the new Data Protection Bill introduced recently will bring much of the GDPR, with a few minor differences, into UK law post-Brexit.

Changes in the Law

Much media attention has been devoted recently to the GDPR. Some of this has provoked questions about the future legal position on data transfer not only within the UK but also to other countries outside the EU or EEA. The good news is that, in our view, what you will need to do in the future will not really change in practical terms.

To Where are You Transferring Personal Data?

You might need to transfer personal data within or outside the UK, to a location within the EU or EEA, or to a non-EU/EEA country (a “third country”). In addition to general requirements for processing personal data, particular requirements apply to transfer of data within the UK or abroad as outlined below.

Transferring Personal Data Within the UK or EEA

Where a UK data controller has a data processor within the UK or the EEA processing personal data for it, currently the law requires a written contract obliging the data processor to act on instructions from the data controller and to comply with obligations equivalent to those in the Data Protection Act’s Seventh Data Protection Principle. The GDPR also requires the contract to detail the processing and the data processor’s obligations. Our template document Data Processing Agreement – Personal Data Security (UK/EEA) meets the current requirements for such a contract.

There are no officially recognised standard clauses for such a contract. There may be in future, but there are none on the horizon, so you may continue to use our template. If the position changes, we will, in addition to making any necessary changes to our template, advise you accordingly.

Transferring Personal Data Outside the EEA

The Act’s Eighth Data Protection Principle and the EU Directive 95/46/EC (often referred to as the “Data Protection Directive”) only allow data controllers to transfer personal data outside the EU if the destination country has an adequate level of protection for the rights of the data subjects concerned. A number of alternative methods of ensuring such protection exist, as follows, but we believe that the “model terms” option (see below) is the best and easiest solution. This is because in practice another method may not be available or it may be relatively difficult to use it. The alternatives are as follows:

1) Recognised Destination

The EU Commission website lists those countries which it recognises as satisfying the test of “adequate level of protection”. The current Act and the GDPR provide for such recognition as a means of satisfying the test for an adequate level of protection. Transfer of data from the UK to the USA is complicated. The USA is not listed as “recognised” but a transfer will be permitted if the USA recipient (“data importer”) has self-certified compliance with the Privacy Shield framework.

2) Adequate Level of Protection

If the destination country is not “recognised”, then the requirements of the Act’s Eighth Data Protection Principle may be met if the data controller concludes that there is an adequate level of protection for the person who is the subject of the data, having regard in particular to the “adequacy criteria” set out in the Act.

It may not always be easy to properly apply these adequacy criteria. Further, the self-assessment basis of ensuring an adequate level of protection will be different and reduced under the GDPR. All in all, we think it will be very difficult for you to make proper use of this method.

3) An Exemption

Schedule 4 of the current Act provides several exemptions from the application of the Eighth Data Protection Principle. Similar exemptions will apply under the GDPR. If one of them applies, you would not need to consider whether there is an “adequate level of protection” or to take any other special steps in relation to the transfer.

4) Agreement on “Model Terms”

In view of the uncertainties and difficulties of ensuring an “adequate level of protection”, it will often be easier and preferable to make use of the following means instead.

The relevant EU Directive provides that an adequate level of protection will be achieved if a data controller and data processor sign an agreement governing transfer of data on model terms issued by the EU Commission for such purposes. The Commission issued the model terms in 2010. The current Act gives effect to this means of compliance and the Information Commissioner authorised the EU Commission model terms. This creates a “safe harbour” for UK data controllers transferring personal data outside the EU or EEA. Our template document Data Processing Export Agreement – Personal Data Security (Non-EU) contains the model terms and it may be used where transferring personal data outside the EU or EEA.

Although the GDPR supersedes the EU Directive, it does not alter the model terms regime so our template can be used after the GDPR and, subsequently, the new Act come into effect. It appears unlikely that the model terms will be amended in the foreseeable future. If they are, we will amend our template to take account of those changes.

Your Experience

Do you transfer personal data to another organisation to process it in the UK/EEA or outside the EU or EEA? If so, we would like to hear about how you ensured compliance with the current Act and the Directive, and how you plan to ensure compliance with the GDPR and the new Act. If you transferred data outside the EU or EEA, then, in order to do so, have you made use of the “model terms”? Have you relied on some other option instead? Are you confident that you are complying with all legal requirements relating to data transfer?

Just when you thought you’d seen enough emotively divisive politics to last a lifetime, with the election of President Trump following hot on the heels of the Brexit referendum; along comes a general election just to make sure that peoples’ conversations don’t stray to anything quite so mundane as the weather and the weekend’s football scores. A general election is inevitably contentious at the best of times, and with Brexit front and centre, the 2017 election is shaping up to be even more so.

Now that’s all well and good, and it’s everyone’s prerogative to hold and share their political views or – as some quite understandably choose – to switch off and filter out the noise altogether. When in the company of colleagues, however, this isn’t quite so straightforward. Politics among friends can cause enough problems, and these can be come even more acute in the workplace. What, then, can employers do to keep things peaceful and productive?

Outside of the workplace, of course, there isn’t a great deal that an employer can do about their employees’ political activities unless those activities have a direct impact on their employment. An employer could, for example, take action against an employee whose political activities are bringing the employer into disrepute.

Ordinarily, however, politics in the workplace is something that should be handled with care. Even if an employee’s political affiliations may be seen as offensive, employers must take great care when considering disciplinary action or dismissal. If an employee is dismissed because of their political opinions or affiliation, the normal rules regarding unfair dismissal don’t apply: employees do not need to have had two years’ continuous employment.

There is however a line that, if crossed by an employee, entitles an employer to take action. For an employee to hold political opinions and affiliations is one thing (and don’t forget, employers can’t take any action on the basis of an employee’s membership of a particular political party), but if the expression of those opinions and affiliations crosses over into campaigning, employers are in a better position to do something about it.

As to the definition of campaigning, it can take many forms, ranging from heated political discussions between colleagues, to handing out leaflets, putting up posters, and organising political meetings. Imposing a ban on political conversations in the workplace is neither desirable nor practical, but prohibiting the more active types of campaigning is arguably quite reasonable. Politics is by its very nature a polarising subject and seems to be one that is becoming increasingly personal and, at times, hostile. By preventing staff from campaigning at work, employers can help to avoid a lot of disruption, not only to productivity but also to staff relations and morale. In more extreme cases, such behaviour could even be considered to be bullying or harassment and thus a reason for dismissal in itself. Political expression isn’t a defence to allegations of discrimination or harassment either, so be on your guard for the would-be activist on your staff that goes around upsetting everyone under the banner of free speech, and don’t take any nonsense! Action could also be taken against an employee that was found to be spending time on non-work activities like political campaigning during working hours, or perhaps using company equipment for political purposes.

As with many situations like this, it is better to be proactive than reactive, and our Political Activity in the Workplace Policy is on hand to assist, setting out the expectations and code of conduct that apply to all of your employees. Most importantly, the policy removes ambiguity by clearly setting out what is and what is not permitted and sets out the various consequences employees may face for failing to adhere to it.

It would be nice to think that after the 8th June election, politics might quieten down for a while, but with formal Brexit negotiations set to commence shortly thereafter, political temperatures seem set to remain high for the foreseeable future. Political awareness and involvement among the populous is vital, but at work it must have its limits. You can’t, after all, run a successful business if the remainers, re-leavers, and brexiteers on your staff are at each others’ throats all day long! How do you deal with political activity in your business? Is it something you would prefer to keep out? Perhaps you go the opposite way and provide specific forums for your employees to exchange and debate their political views? Your views, as ever, are welcome!

According to the Office for National Statistics, over 900,000 employees in Britain are currently employed on zero-hours employment contracts. Zero-hours contracts often crop up in the news, and it’s fair to say that they’ve gotten something of a bad name – often not without good reason. Particularly with the rise of the gig economy, zero-hours contracts and other means of securing peoples’ labour without too much commitment have become very popular with some employers.

None of this is to say that the situation is settled, however, and some are now taking action to offer alternatives to their employees. McDonald’s, for example, recently offered fixed-hours contracts to its 115,000 zero-hours employees (according to the BBC, around 20% of employees at the Golden Arches have chosen to take the fixed-hours option. We certainly hope they’re lovin’ it).

On the political front, with a general election once again on our doorstep, the Labour Party’s 2017 manifesto includes a pledge to ban zero-hours contracts. The Liberal Democrats, while not planning to ban them, have pledged to create a formal right for zero-hours employees to request fixed contracts instead. The Conservative Party manifesto, on the other hand, is silent on zero-hours contracts themselves, but nevertheless emphasises the importance of protecting those working in the gig economy – a broad statement of policy to be sure, but one that arguably wouldn’t rule out future action on zero-hours contracts.

In October 2016, the government appointed Matthew Taylor, former policy chief to Tony Blair, and Chief Executive of the Royal Society of the Arts to lead a review of employment practices. Taylor has previously suggested improvements to zero-hours contracts including the payment of premium wages to zero-hours employees. As for the review, the deadline for the submission of evidence passed earlier this week, meaning that a final report shouldn’t be too far away. While the full results of the review have not yet been published, it is believed that Taylor will recommend a right for zero-hours employees to request fixed-hours contracts instead.

With such an emphasis on the negatives of zero-hours contracts, then, it may at first appear that the benefits are all one-sided, favouring only employers. While it is true that many employees prefer the certainty and security that zero-hours contracts simply can’t offer, there are those who like the flexibility that they provide. Indeed, according to a 2013 study (updated in 2015) by the Chartered Institute of Personnel Development, many zero-hours employees were happy with the arrangement and more content than their permanently-employed counterparts. Among the benefits, zero-hours contracts enable workers to take on a more diverse variety of work instead of being limited to one specialism or department. In other cases, they may facilitate a better work/life balance – ideal for those professionals that want to focus their energies on their families as well as their offices.

There is no question that zero-hours contracts have been used unfairly, and one may even be led to question whether their recent surge in popularity may have been buttressed by a government happy to see unemployment figures drop – even if the reality is that some of those who are “employed” have no work to do; but it is difficult to argue that the solution is simply to get rid of what can – when properly used – be a beneficial employment relationship for both employers and employees alike. What may be the better option for employers, then, is to offer employees a choice.

The future of the zero-hours contract may currently be a little uncertain; but for now at least, when used fairly and in the right circumstances, both employers and employees can benefit from their flexible nature. What’s more, thanks to the Small Business, Enterprise and Employment Act 2015, since 26th May 2015, exclusivity clauses in zero-hours contracts have been unenforceable, making them somewhat fairer than perhaps they once were.

To find out more about zero-hours contracts and to see whether they might have a place in your business, take a look at our Employment templates:

– Zero Hours Contract
– Zero Hours Policy
– Zero Hours Employment Offer Letter
– Casual Workers / Zero Hours Comparison

Does your business use zero-hours contracts? Perhaps you’re a professional that is on a zero-hours contract? We want to hear your thoughts. Not all zero-hours contracts deserve the bad rap, but with the election just around the corner, they’re in the spotlight again. Would you like to see them stick around as they are, reformed with restrictions designed to protect employees, or eliminated altogether?

In just over a year’s time, on the 25th May 2018, the new EU General Data Protection Regulation, more often known simply as the “GDPR” comes into force. The GDPR is designed both to harmonise data protection throughout Europe and to modernise it, taking into account significant advances in science and technology that have taken place in recent years. In particular, the growth of the internet and the huge increase in the amount of personal data being transferred, stored and processed online (looking at you, cloud storage and social media), means that data protection legislation is long overdue for a refresh.

The first thing to get out of the way, since the “EU” part will doubtlessly be leading some to question whether or not the GDPR will be around for long, is that the UK government has confirmed that the GDPR will not be affected by Brexit. It is quite likely, then, that the Great Repeal Bill (see our previous post, here) will take care of that. Now we’ve said “Brexit”, we’ll move on.

Who Does The GDPR Affect?

In the most basic terms, if you already have obligations under the Data Protection Act 1998, you still will under the GDPR. The GDPR will apply to organisations operating within the EU and to organisations outside the EU that deal with individuals inside it.

What Does The GDPR Apply To?

As with the Data Protection Act, the GDPR applies to “personal data”. This is where one of the key modernisation points arises, for the GDPR expands its definition of personal data to personal identifiers such as IP addresses. Even personal data that has been anonymised – by using coding or pseudonyms, for example – may still count as personal data if it can be traced to a particular individual. In short, almost any kind of personal data, whether it was previously caught under the Data Protection Act or not, will likely be included under the GDPR.

The good news, however, for many businesses – especially SMEs – is that in the case of things like HR records, customer lists, contact details and so forth, the new definition will make little practical difference. That being said, for those who do a lot with online data behind the scenes, it’s certainly worth brushing up to be on the safe side.

Another key point to note is that the GDPR now applies to “data processors” as well as “data controllers”. Those processing personal data purely in a service provider capacity for a data controller will thus now also need to ensure compliance.

What Does The GDPR Say About Consent?

Organisations will need to be more proactive, and clearer with the language they use, when it comes to obtaining consent to the collection and processing of personal data. Individuals must know how their information will be used, and organisations cannot rely on silence or inactivity on the part of those individuals as consent. Not only that, but if the purpose for which you want to use someone’s data changes after getting their initial consent to use it, you must get fresh consent for the new use.

Again, in some cases, particularly for those who already pay careful attention to privacy and data protection, this will simply mean business as usual; but for others, particularly those who use customer data for marketing purposes, consent mechanisms may need to be re-thought, and clear, detailed information must be made easily accessible to customers, explaining the whats, whys, and hows of the organisation’s personal data collection and use.

How Will This Change The Way I Do Things?

Simply put, organisations need to take a more proactive approach to data protection, maintaining a much sharper awareness of privacy throughout their activities, systems, and projects. One key way in which this should be done is through the use of Privacy Impact Assessments, another new requirement introduced by the GDPR. A Privacy Impact Assessment or “PIA” should be conducted wherever a particular activity presents a risk of privacy being breached so as to minimise the risks to the individuals whose data is involved.

You may also have heard about the so-called “right to be forgotten”, especially in the context of search engines. The GDPR now brings this one to your doorstep too. If an individual requests that you delete the data you hold about them, you must do so.

Will I Need A Data Protection Officer?

If an organisation’s “core activities” involve the “regular and systemic monitoring of data subjects on a large scale” or the “processing on a large scale of special categories of data”, then it will need to appoint a Data Protection Officer.

This will apply regardless of the size of the organisation itself, so small businesses are by no means off the hook. Particularly as a result of the growth in online business, even small businesses with only a few employees may potentially be dealing with the personal details of thousands of individuals.

Among the Data Protection Officer’s responsibilities will be the carrying out of Privacy Impact Assessments, designed to identify and assess privacy risks for a given project which will involve the use of personal data (see above).

What If Something Goes Wrong?

If there is a data breach, the GDPR requires that the local data protection authority (in the UK’s case, the Information Commissioner’s Office) be informed within 72 hours of discovering it. Not only does this mean increased accountability, but for many this will also mean changes to internal systems, policies, and procedures to make it quicker and easier to spot and respond to breaches.

It’s under this heading that it’s also worth mentioning the F word. No, not that one (although you’d probably say it in the circumstances). Fines: that’s the one we mean. The GDPR is serious about increasing data protection, and penalties are no exception. Organisations that fail to comply with their obligations can face fines of up to 4% of their annual global turnover or €20 million, whichever sum is greater.

I’m Going To Be Very Busy, Aren’t I?

That depends. If your organisation is already taking data protection and compliance with the Data Protection Act seriously, the GDPR shouldn’t be anything to be afraid of. What’s more, you have a year to determine what changes need to be made and to make them, and provided you don’t mess about, that should be plenty of time.

Start by getting all relevant staff up to speed, appoint someone to oversee data protection, then evaluate your existing methods of data collection, obtaining consent, holding data, processing it, and handling individuals’ requests to see that data or have it erased. Your next step should be to determine what (if anything) needs to be improved and to get a plan in place for implementing those improvements in the time available. Remember the new responsibilities of data processors too: make sure that your suppliers and service providers are aware of their responsibilities under the GDPR and are taking the necessary steps to comply. Last but not least, don’t panic!

As ever, we want to hear your thoughts. Will the GDPR come as a shock to the system or is your business already hot on data protection? Do you think the modernisation of data protection law is overdue or do you see it as adding unwelcome burdens? Have you already started preparing? What steps would you recommend to other businesses?

Over the coming weeks and months we will be adding a range of new documents to our portfolio to help you get up to speed and up to spec with the GDPR, plus comprehensive new information on the various aspects of the GDPR with best practice guidance on how to comply. Stay tuned!

In the wake of the UK’s Brexit vote this year, it remains to be seen how the EU General Data Protection Regulation (GDPR), slated to come into effect in 2018, will impact on British businesses in the long run. Businesses have until 25 May 2018 to prepare for GDPR, which sets out uniform rules for data protection rights across the EU, as it will have direct effect on all member states from this date.

Any company – no matter whether it is inside or outside the EU – that deals with data of European citizens will have to abide by the GDPR. We are clearly living in an age when data protection is becoming increasingly regulated, so here are a few tips that will help your business tighten up its policies on customer data.

1. Don’t forget your updates

Some companies, including SMEs, fall into the habit of running their software updates during quieter periods when they envisage less disruption to day-to-day business. However, pushing back these required patches could increase the potential for an attack which could compromise your customer data. There are hackers who are always on the lookout for new methods of exploiting gaps in security, so be prepared to sacrifice time and, where necessary, invest in new ways to secure your network.

2. Keep an eye on sensitive personal data

Sensitive personal data – such as political or religious beliefs or information about health or sexual orientation – is the customer data that you should be especially wary of allowing to fall into the wrong hands. You should know exactly who has access to your customer database and change passwords regularly.

3. Clarify your privacy policy

Ensure you have a comprehensive privacy policy which clearly explains to your customers how their data will be used. Building trust between your organisation and customer base should be a priority, and you will find customers are more likely to voluntarily share their personal information with a company they trust. Don’t risk legal issues and damage to your reputation by failing to explain to your customers how their data is collected and used.

4. Don’t store what you don’t need

Keeping hold of personal customer data which you no longer need is a breach of Principle 5 of the Data Protection Act. Information such as names and addresses might be useful to your marketing objectives, but storing data such as credit card details is often not required and is simply adding to the risk should a security breach occur.

5. Utilise encryption

Encryption technology should be used to ensure an extra layer of security is provided. Encryption basically encodes data so that only users with access to the correct ‘key’ can read that information. It works by providing a safeguard against the unlawful access of data.

6. Assess security across your supply chain

It is also important that the vendors and partners with whom you work are able to demonstrate a sufficient level of security, particularly if they have access to your customer data. Always ask third parties about their security procedures before you provide them with access to your IT systems or customer databases.

7. Form a disaster recovery plan

Are you prepared for all eventualities in the scenario of a cyber-attack? You should have a plan in place. If not, consider creating one to protect your customer data and ensure the continued smooth running of your organisation.

8. The importance of testing

Your in-house IT support, or a trusted outside agency, must test your system regularly in order to identify potential vulnerabilities that could lead to the exposure of customer information. Cyber security experts or “white hat” hackers can also be brought in to examine the robustness of your security measures.

9. Bake customer data protection into your company culture

The employees in your organisation should be given training on how to handle customer data properly. They must know the correct procedure for reporting any data breach (e.g. if one of their passwords is compromised). Extra security can be added by implementing a two-step login process for employees.

10. Get the right legal advice

Should the worst happen and a security breach occurs, not only damage to your organisation’s reputation but a financially crippling court case could feasibly be on the cards. That is why you need to understand your obligations, regarding customer data. A data protection lawyer can help decide on the language you use in your privacy policy and contracts with business partners.

At Simply-Docs, we have a wide selection of ready-to-use documents that will help you create IT and data protection policies. To talk more about how we can help you build procedures to protect customer data, simply contact our friendly team today.

The freedom to pick and choose how, when and where you work are some of the big advantages of becoming a freelancer, and it can be tempting to jump right into the world of self-employment for these very reasons.

However, if you’re not fully prepared for the implications of freelancing, you could be surprised by many of the challenges which come with working for yourself. Consider whether you are ready to give up the day job by asking yourself the following five questions:

1. Do you have a portfolio of work?

No matter how much experience you have, clients will always want to look at examples of your previous work to see if you’re right for them. If you don’t have a portfolio yet, be sure to prepare one and publish it on your website – or at least build up your LinkedIn profile.

You could offer your services to friends or family for free or create your own projects. For example, those wishing to become a self-employed writer can create a blog to showcase their skills – and a budding freelance software developer could build an app or freely downloadable software.

2. Do you know how to pitch work?

Depending on the nature of your freelance work, you may be required to pitch your services to clients face-to-face, over the phone or via email. You should have a well-rehearsed and persuasive pitch and be confident in your ability to sell your service, as well as yourself. If you struggle to pitch your work you might struggle to find clients.

A successful pitch should explain exactly why you’re right for the job, bringing in prior experience and areas of expertise that are relevant to the client or job in front of you. Practise pitching to friends and family members first, and be sure to get your website copy right down to the[a2]  last detail before using it as a basis for your pitch.

3. Could you offer competitive rates?

Figuring out what you will charge for your freelance services is incredibly important but also pretty tough. You’ll want to earn enough to make your work worthwhile and to pay your basic monthly bills, whilst offering value for money to your client. You’ll also want to position your prices in line with your competitors in order to make your service appealing.

Many freelancers provide quotes to their clients on a project-by-project basis, so you can assess every request that comes in and tailor your prices in accordance with the amount of time required to complete the job. But it’s always a good idea to also have a basic hourly and daily rate in mind, as some clients prefer to work on this basis.

Remember that you need to offer clients value for money. Let’s say you’re a graphic designer who takes 10 hours to produce a logo. If you want to work at a rate of £40 per hour, you may quote a client £400 to create a logo design. If that same client has received a quote of £300 for the very same job from another freelancer, your pricing won’t seem like value for money. Will you be able to explain to your client why your pricing is higher, and what added value they’ll receive from paying you more? Perhaps it will be of superior quality, turned around faster or you’ll be able to provide the logo in multiple formats. Whatever your USP, be sure that you remain an appealing choice to potential clients by ensuring that you offer value for money.

4. Are you financially prepared?

The biggest downside to working as a freelancer is the lack of a reliable monthly income, which is very daunting when you have regular monthly expenses to pay such as rent, mortgage or utility bills.

Depending on the industry you work in, it may be possible to find clients who can provide you with work on a consistent enough basis that you can maintain a steady stream of income, but it is not a guaranteed wage. You also have to consider scenarios such as late payments from clients or unforeseen business expenses.

To ensure that you can stay afloat at times where business is slow or invoice payment is delayed, you should have some savings behind you. Aim to save three to six months’ worth of income before you quit the day job and go freelance, as this should give you a good safety net for those tougher times.

5. Could you successfully maintain professional client relationships?

One of the trickiest things about working as a freelancer is developing successful relationships with clients. Your clients pay your wages so they are the closest thing to a boss, but remember that you are running a business and do not rely too much on repeat business or view them like an employer.

You also need to make sure that you’re paid fully and on-time. No matter how pleasant and reliable a client may be, you should ensure that contractual terms are agreed in writing in advance of starting any work to avoid misunderstandings further down the line. The idea of drawing up legal contracts, invoices and terms and conditions may seem daunting to new freelancers, but putting these in place can help to secure the success of your fledgling business.

At Simply-Docs, we have a wide range of valuable business documents for freelancers, including invoice templates and a range of  service agreements .

To remain financially stable in today’s competitive climate, a charity needs to run its operations with business-like standards.

Just like a business, many not-for-profit organisations have a board of directors, executives, human resources personnel and a marketing department. So why run a charity differently from a business just because the goals are different?

Successful not-for-profit organisations have strategic plans, keep financial records and have audits, so it’s important to invest in key aspects of the charity, just as you would with a business, to help it make a difference.

Importance of effective strategies

When a business is doing well, consumers realise the value of purchasing its products or services. When a charity is doing well, donors enjoy seeing the rewards of doing something good. A charity needs a competitive, effective strategy to help it support its beneficiaries. Typically, charities have less resources and capital for investment so, in a way, it’s even more important for good business sense to play a role.

The not-for-profit sector must ‘do more with less’ in every way, so needs to think differently to be more innovative and creative with what it has. In order for charities to experience business growth, sustained quality investment to promote their goals and values is crucial. A charity’s success should be measured by how its investments help it to raise more funds and do increasing amounts of good work. Charities should work to a set of standards that include leadership, transparency and results.

Streamline operating processes

The best way for charitable organisations to save on running costs is to work towards achieving streamlined processes with well-trained leaders, as spending vast amounts of money on staffing is not feasible and can eat away at funds better spent elsewhere. To this end, charity leaders could benefit from taking advice from small businesses; something that many may not even consider because they have never viewed themselves as a business.

As with business investors, charity investors wish to see the results of their investment. To produce a sustained and strategic impact, charities must be run like a business, with strategy, discipline and a strong focus on outcomes.

Be accountable

Any organisation receiving charitable support must be as accountable to the donors as a company’s board is to the shareholders. In a way, the donors are the stakeholders and therefore should be able to understand the ‘return’ on their investment.

Otherwise, they may feel as if they’re throwing their money into underperforming organisations that aren’t spending it in the most effective manner. Anyone who supports any cause has the right to expect effective strategies and efficient operations to put their money to best use.

For example, if an organisation is seeking to provide greater community amenities, it can prove the impact it’s having by counting the number of wells it has built in central Africa, or the number of playgrounds provided for poorer inner-city areas.

Management skills

Management skills are often as important as technical know-how. Trustees should search for chief executives who have the right qualities and skills to lead their organisation. Charities can benefit greatly from the experience of managers in the field who can make qualitative judgments based on comparing costs with benefits.

Putting the focus on efficiency and outcomes will work for any type of charity, no matter who the beneficiaries are. Whatever the mission, there must be a balance between expenses and revenue, with goals being set so that funding will continue.

There’s no aspect of running grass-roots and charitable movements that won’t benefit from a disciplined approach. Adopting sound business principles will make a charity more likely to accomplish its goals.

Overcoming sector challenges

It’s not always easy for charities to think like businesses. Due to the nature of the causes they support, some may find it more difficult to show clear, measurable goals. However, that doesn’t mean they shouldn’t try, as they owe it to the donors, managers, the board, the beneficiaries and the employees to adopt the best strategy possible to achieve their aims.

In today’s technical age, when the internet has made it easy and inexpensive to collect data of all kinds, anyone who is passionate about a charity’s work has more options to find out how it’s performing. Collecting data can measure results, enabling the charity to improve its performance.

Metrics should be seen as useful tools, rather than shackles. They can improve the effective use of money, time and people. A dream with a firm plan behind it has a better chance of becoming a reality.

Skilled people at the top

Today’s charities are a far cry from those that started life in the Victorian era to help impoverished sections of the community. In reality, many of today’s national and international charities resemble multi-million pound businesses, with funding coming from many quarters. As such, the managers should possess the skills to run an organisation of this size.

Charities must focus on squeezing the best value out of every pound that’s donated. By stripping out unnecessary administration costs and streamlining operations, efficiency savings can equate to more money being donated to those who need it.

Long-term focus

Strong leadership and effective business acumen are transferable skills that can benefit not-for-profit organisations. Some new charities fail within a relatively short period of being launched. In order to have a sustainable, long-term impact, a charity must focus on achieving its intended outcomes and also making a surplus.

Otherwise, it will be extremely difficult to continue operating, because in addition to fundraising for your cause, expenses must be taken into account, such as salaries, bills and other running costs. It’s crucial that finances remain steady because, however worthwhile the cause, if it’s being run by someone who can’t balance revenue and expenses, it’s going to end up in debt and will fail. Just like in business, it all comes down to maximising efficiency by having a good strategy, business-minded people in control and strong discipline to work towards a goal.

How can we help? Simply-Docs have a wide selection of ready-to-use document templates designed to help charities run more efficiently.

Intellectual property (IP) can cover a variety of elements, from patents and registered designs to any content you write for your business. It is crucial to the success of your company that you protect your IP, as this can be as important as the products or service you sell – sometimes more so.

If your business is based on your IP (e.g. a patent), then it becomes even more vital to protect this. With that in mind, these helpful tips provide some easy-to-adopt practices that will help you protect your business and enable it to thrive and grow.

1. Get a good understanding of IP

IP is sometimes an intangible asset that can make or break a business. It encompasses creations of the mind, including patents, designs, literary and artistic works, and trade marks.
IP can be protected through a variety of measures which offer recognition and help protect earnings. If managed correctly with conscious planning, this can safeguard a business’ assets and ensure healthy relationships with clients, partners and competitors alike.

2. How does IP relate to my business?

Whether you are an inventor, creative designer, writer or software developer, your work will often constitute IP. If you seek the appropriate help and protect your idea, this can work to protect the longevity of your business, prevent competitors from benefiting from your IP and even give you options to sell your IP rights in the future.

3. How can IP affect my business?

If unprotected, your lead competitor can take advantage of your IP, and potentially take your product to market before you. Speed is everything, meaning you could lose your competitive edge and potential customers, damaging both your reputation and cash flow.

Once you have protected your IP, your competitive edge is safeguarded, along with your market share. This gives you a right of challenge, should anyone copy your work, but also the opportunity to sell these rights should you wish to step out of the market, or diversify your business.

4. Do I need a trade mark?

If you wish to run a small, localised organisation, then a trademark may not be necessary. For those wishing to conduct their business online, have a niche product, or wish to develop on a wider scale, a trade mark could be of benefit. If you are unsure, always seek legal advice.

Registered trade marks last for 10 years and, although they can take some time to establish, are a steadfast way of protecting your brand.

5. Working with contractors and suppliers

If you work with contractors, freelancers or non-employees on any form of IP development for your business, you should put in place a written agreement which not only describes and records the IP, but which also contains a clause stating that all IP created belongs to your business. Otherwise, the IP can revert to the contractor.

If you need to disclose any confidential IP or trade secrets to third party suppliers, either prior to negotiations or upon commissioning work, always draw up a non-disclosure agreement (NDA) beforehand.

6. Look to the future

Every new business needs to plan for the future, so be sure to think about your IP before forging any new path for your business. Do you intend to take your idea to a wider market than you currently trade to, or are there similar products already in existence? If so, then make sure you have any relevant IP protection in place.

7. Enforcing your IP protection

The law is there to defend your IP. If you believe an organisation has copied your patented product, or plagiarised content you have created, then you may be able to seek redress. Solicitors that specialise in IP can guide and support you through any proceedings.

8. How does IP law protect me?

Civil – and sometimes criminal – prosecutions can be made against those in breach of IP. However, most disputes can be resolved at an earlier stage, by simply using a cease and desist letter.

9. Keep your records

Many businesses whose IP has been breached have lost their cases, or been unable to make a successful challenge due to a lack of record keeping. By creating and keeping comprehensive records, such as IP registration, NDAs and patents, you have absolute proof that your property belongs to you.

10. Protecting your business

Make sure that you understand how to protect any business IP – talk to a solicitor or your local Chamber of Commerce. Also make use of the wide array of IP information and forms available online.

How can we help?

Simply-Docs have a wide selection of ready-to-use document templates that can help businesses to protect intellectual property – including copyright agreements, cease and desist letters, patents and more. Alternatively, to talk about how we can help your business, simply contact our friendly team today.

In April 2016, landfill tax reached £84.40 per tonne. Apart from the direct cost, complying with the wide array of environmental regulations makes dealing with commercial waste even more expensive. So learning how to use your resources more efficiently and reducing waste is something that can help save your business a significant amount of money.

With that thought in mind, here’s our guide to effective waste management and the associated cost-saving benefits.

Reducing Waste in Your Business

If you have only just begun to think about how your business can reduce waste, it’s best to start small and build from there. This way, you can begin introducing structured tasks into your business’ processes that will help you work towards a culture of waste reduction – rather than just disposal.

To help get you underway, here are some waste reduction ideas for three common types of businesses: offices, restaurants and manufacturing.

In Your Office

Did you know that printer ink is one of the most expensive liquids in the world? As such, simple rules designed to reduce ink wastage are a great idea. For example, programming printers to print in black and white rather than colour, and encouraging your employees to view documents on their desktop as much as possible, can save your business a considerable amount of money.

Recycling one tonne of paper saves approximately 682.5 gallons of oil, 26,500 litres of water and 17 trees. Recycling paper in your office can also save you money. Reusing envelopes and incoming packaging, and converting pieces of scrap paper into notepaper, are all tactics used widely by ‘green-thinking’ offices.

In Your Restaurant

The UK’s Sustainable Restaurant Association (SRA) released a Too Good to Waste report that estimated restaurants could save more than £2,000 a year by reducing food wastage by 20%. Preparing food only when it’s ordered and regularly monitoring use-by dates are both processes you can introduce to help manage food waste better.

In relation to reducing packaging waste, there are several simple changes you can make. For instance, you can request that your suppliers package all your stock in recyclable materials. Or, if you have a takeaway restaurant, you can make an effort not to over-package the food that leaves your shop.

In Your Manufacturing Business

For manufacturing companies, the inefficient use of raw materials and waste disposal costs between 5 and 10% of total turnover. Faced with this statistic, the cost-saving potential of more effective waste management for manufacturing businesses is obvious.

Taking a ‘buy only what you need’ approach to stock control and procurement can save you money on purchasing unneeded materials. Equally, reviewing your business processes to ensure all equipment and materials are being used as efficiently as possible is a great way to keep costs down.

Your Legal Responsibilities as a Business

All businesses are legally responsible for managing their own waste. If you’re a business owner, the restrictions on what you can – and cannot – send to landfill are often stricter than for residential waste.

What’s more, you can face financial penalties if you do not handle waste according to legislation, or if you don’t have the right paperwork in place before it leaves your premises.

If you would like further information on waste legislation and regulations for businesses, take a look at this government guidance.

Final Thoughts

The amount of money you can save through effective waste management will differ from business to business. However, if there are currently deficiencies in your business’ waste management strategy, there are considerable savings that can be made.

If you’re hoping to make your business more efficient, Simply-Docs can help. We have a wide selection of customisable ready-to-use documents that will enable you to protect your business, while managing your legal and compliance requirements.

You can browse through our complete range of documents by clicking here. Or to speak to one of our staff about how we can help your business keep up with legislation – contact us today.

Whilst the public supports UK charities with generous donations to help them provide a huge benefit to the community, many charities – some of them household names – have increasingly maximised their fundraising using methods which the public find unacceptable. It appears from the way that some charities act that they consider their admirable aim of raising funds to help their beneficiaries somehow justifies aggressive or other dubious means of fundraising by those charities.

How has this come about?

It might be deliberate policy of trustees to fundraise in that way. It might be that whilst charity trustees do not decide that their charity should act in that way, their fundraising staff or volunteers choose to be “over enthusiastic” or cut corners. Charities often engage commercial businesses as contractors to carry out fundraising for them. They are often paid on a results basis, and they may be incentivised by this to act in an “over enthusiastic” manner or worse.

Whether it is the charity’s staff, volunteers or its contractors which are at fault, it remains the responsibility of the trustees to supervise them and to avoid  unacceptable fundraising practices.  It is understandable that charities want to maximise fundraising, and many of them have to compete with other charities for support from the public but the public is entitled to expect charities to use generally acceptable methods and to operate in a way which conforms to clear standards. However, even if one leaves aside the issues about moral or legal acceptability of certain fundraising methods, use of questionable methods by charities may be counter-productive for them: it tends to lead to public disapproval of those methods, charities lose public trust and confidence, their reputation suffers, and the public becomes more reluctant to donate to them. So, just in terms of pragmatism, in the long term it is therefore in a charity’s overall best interests to adopt acceptable fundraising methods.

Public and media complaints

A survey carried out by Harris Interactive for the Third Sector website early in 2016 found that recent stories in the media about charities’ fundraising methods had made 22% of the public much less likely or slightly less likely to donate, and amongst those over 55, this rose to 35%.

A great deal of media criticism has been directed at some charities’ fundraising practices in recent years, particularly since the case of Olive Cooke who died in May 2015 after being distressed and overwhelmed by requests from charities by post and phone for donations. As a result the Fundraising Standard Board investigated the issues raised by complaints received by the Board, and it made a number of findings.

Over a third of the complaints related to approaches by charities being made to elderly people; it was felt that some charities targeted elderly people as a “soft touch”.  Significantly over 40% of complaints concerned the frequency of requests for donations by particular charities. 70% of complaints related to direct mail activity. A substantial percentage of complaints related to the issue of whether consent to be contacted by a charity had been freely given, for example many opt in / opt out statements were difficult to read. A number of complainants also cited the fact that when they received a request by phone to donate, the script used by the charity during the call made it difficult for the recipient of the call to say “no” to donating. Also highlighted was the practice of charities sending free gifts with mail packs which recipents feel are a waste of the charity’s money and a means of inducing  guilt if the recipient does not donate.  Some people complained that despite being registered with the Mailing and Telephone Preference Services, they still received mail or calls from charities.  Another major concern of the Board was that some charities communicated with actual or potential donors using contact data which, without the knowledge or consent of those donors, had been passed to those charities by other charities or by commercial organisations.

Prior to the Board’s investigation about direct mail, email and phone contact with donors, there was also widespread criticism about the ubiquitous presence of (and sometimes intimidation by) so-called “chuggers”  – those engaged by a charity to approach potential donors in the streets to collect cash donations or sign up donors to donate by direct debit.

So,  what changes are being made?

The Harris Interactive survey found that there was a strong public appetite for tighter self-regulation of fundraising. As outlined below, controls on charity fundraising are now changing so that unacceptable fundraising practices will hopefully be eliminated or at least significantly reduced. All charities will now have to adopt acceptable means of fundraising.

The Fundraising Regulator was set up in response to recommendations made in September 2015 by the Cross-Party Review of Fundraising Regulation. 45 of the UK’s largest charities agreed to contribute to the start-up costs of the new Fundraising Regulator. As from 7th July 2016, the responsibility for regulating charity fundraising passed from the Fundraising Standards Board (FRSB) to this new body which is now responsible for the self-regulatory regime for fundraising. The new Fundraising Regulator will deal with all new complaints raised about charity fundraising. This new body also takes control of the Institute of Fundraising’s Code of Fundraising Practice and the Public Fundraising Association’s Rule Book. For the first time, responsibility for all the different aspects of regulating fundraising will be centred in one organization. It will be able to take various steps in response to complaints which it upholds, including naming and shaming charities if it finds that they have not met the standards set out in the Code of Fundraising Practice.

The Fundraising Regulator and the Charity Commission have recently signed an MOU which sets out the criteria to be met for the Regulator to refer complaints to the Commission. If a charity repeatedly fails to respond to the Regulator’s rulings, it will refer cases to the Commission so that it can consider whether there are serious shortcomings in the charity’s governance.

The Cross-Party Review hoped that this beefed up new self-regulatory regime would lead to significant improvements in the fundraising methods adopted by charities. However, the Review also considered that it might yet prove necessary to implement statutory regulation of charities’ fundraising practices. Parliament therefore amended the Charities Act 1992 to create a reserve legal power for the Government to make Regulations compelling charities to comply with the requirements of a specified regulator. Under the new voluntary system, it is not compulsory for charities to sign up to be bound by rulings of the Fundraising Regulator. If this voluntary regulation fails, there is now power under the 1992 Act to make Regulations requiring charities to sign up to abide by the requirements of the Fundraising Regulator. The Regulator could in future thereby be given more teeth. Alternatively, Regulations could pass full responsibility for fundraising regulation to the Charity Commission.

Will the changes work?

It remains to be seen whether the new system of self-regulation will work. Will there now be sufficient compliance by charities with the Code of Fundraising Practice on a voluntary basis, or do you think that the Government should have established statutory regulation now rather than wait to see how well the new improved self-regulatory system works?