BFM event - The new General Data Protection Regulation

What furniture companies need to do to be compliant!

Wednesday 15th November 2017 at AIS, Cranmore Park, Solihull

The GDPR represents the biggest change to data protection law for a generation.

All companies will be affected and it will span different functions.  The new laws come into force on 25th May 2018 and advance preparation will need to be undertaken to be compliant. The effect on individual companies will depend on the nature of the business and the personal data held.

Also, there are new extra requirements for companies with 250 employees or more.

Penalties for a data breach under the Regulation are punitive, with fines subject to an upper limit of €20 million or 4% or annual global turnover – whichever is the greatest.

This event has been designed specifically for the furniture industry and BFM members companies. it will address the various ways of doing business, whether it is dealing directly with the customer or another  business, such as a retailer.   There are also implications for services a company outsurces.


  •     10.00 - Registration
  •     10:30 – 11:30 - Principles of the legislation
  •     11:30 -11:50 - Break
  •     11:50-12:30 - Questions
  •     12:30 -1:15 - Cyber security
  •     1:15-2:00 -  Lunch
  •     2:00–3:00 - Privacy and Electronic Communications Regulations (PECR) followed by questions
  •     Close 3.00



  • is personal data (including how it is distinguished from business data)
  • are the 8 basic principles of data protection
  • is the difference between a 'controller' and 'processor' of data
  • are the differences between current laws and GDPR (including greater transparency requirements and data subject rights)
  • are the penalties for data breaches and when they may be levied


  • are the additional requirements for businesses with more than 250 employees

What are the implications of GDPR for

  • business to business communications (e.g. manufacturers to retailer/suppliers)
  • businesses selling directly to the consumer (including showrooms)
  • businesses that outsource services (e.g. payroll, contract revisions)
  • electronic & telephone communications with businesses and the consumer (e.g. direct marketing)
  • contracts of employment

What companies need to do, including

  • conducting an audit (electronic and within a structured manual filing system)
  • putting in place personal data procedures and policies
  • establishing a breach reporting procedure (including for organisations that process data you control)

 Cyber risks and GDPR

  • the changing nature of Risk
  • how the IT Industry and the Insurance Industry view Cyber Risks
  • case studies and the implications for business
  • how to protect your business

Speakers: Catherine Herries-Smith is a solicitor who works with the BFM and member companies. Catherine will look at the implications for our industry and what businesses need to do in order to be compliant. 

Simon Whittaker, Senior Account Executive with Sagar Insurances, will speak Simon Whittaker, Senior Account Executive with Sagar Insurances, will speak about GDPR and how Cyber Liability Insurance can offer businesses safety and security against the costs associated with a data breach.

This event is relevant for businesses of all sizes and to directors, managers, HR, IT professionals, compliance officers, office managers, sales & marketing and others.

If you wish to attend. Please contact This email address is being protected from spambots. You need JavaScript enabled to view it.