Article written by NAEA
Despite GDPR now being in full effect, new research has revealed that many businesses are still not fully GDPR compliant.

A survey of 1,021 UK workers carried out by leading digital marketing agency,, revealed that more than one in three businesses (37 per cent) confess they are still not following the General Data Protection Regulation (GDPR).

When quizzed on the ways the regulations are not being followed, 35 per cent said they are still sending marketing emails without the expressed consent, and 31 per cent revealed they still have the data of those who haven’t agreed to opt in to having their data stored.

More than one in five (27 per cent) revealed that they haven’t secured the data in case of a ransomware attack, with a further 22 per cent saying they have a longer process for those choosing to opt out from receiving information. Hidden privacy-friendly choices (14 per cent) rounded off the list of the top five ways businesses are still not GDPR compliant.

Gareth Hoyle, Managing Director at said: “The research shows there are many ways that businesses are admitting to not following the newly enforced GDPR regulations. GDPR is the most fundamental change to ever happen to data privacy, so it is imperative that businesses follow this and complete the process as soon as possible.

“Businesses need to understand that acting responsibly and ethically with customer data is crucial to protect and enhance brand reputation and ensure customer trust. Not only this, but it will enhance the quality of data collected which is a good thing for UK businesses.”

Surprisingly, 17 per cent admitted they are still unsure as to what the benefits of being GDPR compliant are and according to the survey, those working in technology were revealed as the worst culprits when it comes to GDPR compliance, followed by those within the retail sector.

Propertymark GDPR resources

If you’re still struggling with the finer details of GDPR compliance, make sure to check out our wealth of online resources. As well as a handy GDPR fact sheet, which delves into the regulation and explains what action you should have taken to ensure you’re compliant, we’ve also put together practical advice on how to write a privacy notice, and guidance on understanding your customers GDPR journey.

And not only that, but we also offer two short, online courses which break down the regulations simply and pragmatically. Our Protecting Data (GDPR) course focuses on the principles, rights, and obligations of GDPR and how to deal with potential data breaches, and our Information Security course, tells you how to keep customer and company information safe and secure.