What is GDPR?

The GDPR (May 2018) is a security regulation that makes it mandatory for businesses to protect their clients' and employees' personal data and privacy for any transactions that occur within EU states. Not being compliant could cost you dearly!

A key principle of the GDPR is that you process personal data securely by means of ‘appropriate technical and organisational measures’ – this is the ‘security principle’.

This requires you to consider things like risk analysis, organisational policies, and physical and technical measures.

 

You also have to take into account additional requirements about the security of your processing – and these also apply to data processors.

You can consider the state of the art and costs of implementation when deciding what measures to take – but they must be appropriate both to your circumstances and the risk your processing poses.

Where appropriate, you should look to use measures such as pseudonymisation and encryption.

Your measures must ensure the ‘confidentiality, integrity and availability’ of your systems and services and the personal data you process within them.

The measures must also enable you to restore access and availability to personal data in a timely manner in the event of a physical or technical incident.

You also need to ensure that you have appropriate processes in place to test the effectiveness of your measures, and undertake any required improvements.

We handle your data responsibly

Our Responsibilities

Here at Pay Check Ltd we take our legal responsibilities and duty of care to you as a client seriously. We are constantly reviewing and implementing policies to ensure we fulfil our obligations as a processor of customer data under the EU’s General Data Protection Regulation (GDPR), which became enforceable on 25 May 2018. You as data controller also have a responsibility to protect the information that you share with us, which is why Pay Check have created the ePay portal for the safe and secure transmission of your payroll changes and data from you to us, and vice versa.

GDPR Staff Trained

We run tailor-made GDPR training courses to raise awareness among Pay Check staff about the impact of the legislation on our business. Our staff, as part of their employment induction, read and accept our Data Protection Policy to ensure a consistent level of understanding of data privacy and protection across Pay Check’s business. Additionally, all employees have to undertake a compulsory online Security Awareness Training course focusing on, amongst other subjects, email scams and phishing.

Keep Monitoring

Ongoing monitoring and enforcement are vital. From our Leadership Team, our Head of Business Development & Marketing, Katie Linstead, is spearheading our ongoing project with industry specialists Data Compliant (www.datacompliant.co.uk) to make sure that we remain compliant with both the letter and the spirit of GDPR. This helps us to demonstrate compliance to the Information Commissioner and all our stakeholders. Pay Check also engage Data Compliant to act as external Data Protection Officer - you can contact them directly here.

Trust

Pay Check assures clients: “Our dedicated project is working diligently to address our ongoing Data Protection obligations in line with the regulations. We are open to any questions or requests by clients, so please get in touch if you’d like more information.”

If you have a query about Pay Check's GDPR compliance, please contact your payroll administrator in the first instance or contact us here.