SFA E-Zine – The Tuesday Edition
 

Dear Member, 

 

As a small business leader it is important to stay ahead of the curve and be prepared for anything that may be thrown at you.  Take a look at our training options available in 2018.  This week we look at the employment law surrounding discipline and dismissal.

 

We are back with the GDPR tip of the week and this week we look at privacy notices.  If you have not done so already make sure to book your place on our GDPR workshop on the 9 March. 

 

We bring you two very interesting reports this week, one giving an executive summary of the newly released Accenture banking survey results, looking at the options available to SMEs when it comes to lending. The other is a look at the most recent Brexit report that highlights the potential implications of Brexit for Ireland.  This report was contributed to by Linda Barry, SFA Assistant Director.  

 

If you have any concerns about health and safety in your business then you should conduct a BeSmart audit of your business.

 

We are delighted to launch our first regional Business Bytes event of the year, in Cork on 21 March, focusing on GDPR in action, please make sure to register for this free event.

 

As always, we’d love to hear from you about any queries you may have, issues you wish to have raised with Government or other stakeholders and your ideas on how we can improve the business environment for us all. Please contact me on tel: 01 605 1602 or e-mail: sven@sfa.ie or tweet: @SFA_Irl or visit: www.sfa.ie.


Kind regards, 

Sven Spollen-Behrens

SFA Director


NEWS
GDPR and privacy notices
 

This week we look at what you should include in your privacy notice under GDPR to either update or create a new privacy notice. Read on to learn more about what you should include...


Under GDPR, businesses will need to update their privacy notices or create a new one if one is not available. This is so that businesses can meet the GDPR principle of transparency. The privacy notice will enable individuals to be aware of what data is held on them, how the data is collected and who to contact if they want to make a data access request.  The contact details would also be used if they wanted to withdraw consent or have their data updated.

 

The first step for updating a privacy notice is to ensure that the language is concise, transparent and written in clear plain language. It must be free of charge and it needs to be easily accessible. Some companies are opting for a short pop up privacy notice that appears on the home page of their website with a link to a larger privacy statement that contains more detailed information. Like businesses, privacy notices come in all sizes depending on what personal or sensitive data your organisation collects.

 

What should be included in the privacy notice?

 

  1. Your business name along with the name and contact details of the data protection officer if you have one, or the nominated person who is responsible for Data Protection in your business.
  2. How you collect the personal data, for example, does it come from your website, over the phone, face to face or in writing.
  3. The type of personal or sensitive data you collect. For example, is it just an email address, postal address or do you collect credit cards for online payments?
  4. Provide assurances that the personal data you hold is kept secure and that appropriate IT safeguards are put in place to protect data.
  5. If you collect sensitive data or data on children, you will need to assure users of the extra security checks you have in place to ensure their data is securely protected.
  6. The reason why you collect the data and what you do with it. For example, is it to provide a service, to process payments or for communication purposes?
  7. What is the legal basis that you are relying on to process personal data? There are six legal bases which are: 1) consent, 2) contract, 3) legal obligation,           4) public interest, 5) vital interest and 6) legitimate interests.
  8. If you rely on legitimate interest for one of your reasons to process personal data, the privacy notice will need to explain clearly what are the legitimate reasons used.  For example, GDPR uses the following examples as potential legitimate interests: client or employee data, marketing, fraud prevention, intra-group transfers, or IT security.
  9. If you rely on consent as a legal basis, give details of how someone can easily withdraw consent, request for their data to be updated or to have it erased.
  10. Give details of how individuals can make a data access request and include the fact that it is free of charge.
  11. If you collect personal data from publicly available sources or acquire them from third party data vendors, you will need to state that you gather this data as well.  
  12. Advise that individuals have the right to lodge a complaint with the Data Protection Commission and you may want to include a link to their website.
  13. For any personal data that is processed, stored or handled outside of the EEA (European Economic Area) detail the security measures you take to ensure their data is protected and secure. Confirm that appropriate contracts are also in place.
  14. If the data is shared with third party organisations you will need to provide the details of those organisations who receive the personal data.
  15. If you conduct any automated profiling you will need to explain what activities you undertake for using personal data for profiling purposes which should include information on how decisions are made with this information, the significance and the consequences of using the type profiling you undertake.
  16. You should include a reference to your data retention policy on how long you keep the data.
  17. If the provision of data is for a legal or contractual reason, you will need to detail the consequences if an individual has refused to supply that data.

It is recommended that you advise users that when they leave your website that any external links they click on to are not your responsibility and they should view that organisation’s privacy policy. Lastly, it is good practice to put a date on when the privacy policy was last updated.

 

Next week we will look at how to respond to a data access request under GDPR.  In the meantime you can avail of the GDPR toolkit to conduct your GDPR audit from the SFA website which you can download here.

 

If you would like more information on GDPR or to discuss your requirements further please contact Helen at SFA on 01 605 1668 or at helen.quinn@sfa.ie or visit our GDPR section on www.sfa.ie/advice

BeSmart – a free online tool that easily assesses your health and safety risks
 

This week we look at the BeSmart tool, a free online resource developed by the Health and Safety Authority that helps businesses identify potential risks in the workplace. Read on to learn how this tool enables businesses to understand what their hazards are, conduct a risk assessment and prepare a health and safety statement…


How does it work?

Businesses can log on to www.besmart.ie and use their four-step process.

 

The first step is to select your business type amongst a large list of businesses. Once you have selected your business type, it will automatically detail a list of hazards that are applicable to that business type.  

 

The second step is to answer a series of questions that relate to your business.  If you are unsure of some of the wording or terminology they use, they have easily identifiable icons that explain them. Once you have completed the series of questions it will move on the third stage which is the risk assessment.

 

The risk assessment will produce a health and safety action list that will inform your business on what steps you may to consider to create a safe working environment for your employees, customers, visitors and contractors alike. Conducting health and safety assessments not only ensures that you are compliant with health and safety regulations, it also helps to reduce accidents and it can help reduce the level of sickness absence as well.

 

Once you have completed and reviewed the online risk assessment you can use it to improve those hazards or determine if any action needs to be carried out. The last element the tool offers is the facility to create a health and safety statement. If you register your business on the BeSmart tool it will add your details and it will automatically populate the safety statement.

 

If you would like to know more on how to complete the BeSmart online tool you can check out their information videos at https://www.besmart.ie/learn-more/. SFA road tested the tool and found it to be an invaluable resource for small businesses to easily and effectively assess their risks in the workplace.

 

Once you are satisfied that you have identified any potential hazards, conducted a risk assessment and prepared your safety statement, you should communicate this with all your employees and any on-site contractors so that together you can create a safe working environment for everyone.  

 

If you would like more information on health and safety issues your business may have please contact Helen at SFA on 01 605 1668 or at helen.quinn@sfa.ie or visit the advice section on our website www.sfa.ie/advice 

Five sectors bear 90% of the burden of Brexit according to new study
 

A major report on the potential implications of Brexit for Ireland was published last week, incorporating input from SFA. The study quantifies the impact of Brexit on Ireland under four scenarios. The main findings are presented here with links to the full publication.


A major report on the potential implications of Brexit for Ireland was published last week. The study, ‘Ireland and the Impacts of Brexit’, was carried out by Copenhagen Economics on behalf of the Department of Business, Enterprise and Innovation. Small Firms Association Assistant Director, Linda Barry, fed into the report on behalf of SFA members.

 

The study quantifies the impact of Brexit on Ireland under four scenarios and assumes no policy response from the Irish Government. The Irish economy is not forecast to contract under any of the scenarios, but rather the study predicts a lower growth rate than would otherwise be expected over the long term. The best case scenario (EEA) would see GDP growth reduced by 2.8% by 2030 and the worst case scenario (WTO) would see growth reduced by 7% by 2030.

 

The study analyses the implications for 24 sectors of the Irish economy. Five sectors were found to account for 90% of the impact – agri-food, pharma-chemicals, electrical machinery, wholesale and retail, and air transport. Non-tariff barriers, specifically regulatory divergence, is the main factor driving the results.

 

The study was considered by the Cabinet on 13 February. Minister Heather Humphries stated after the discussion: “The information will help to inform our negotiating position, together with our ongoing domestic response to Brexit…Without a doubt, the study underlines the importance of a satisfactory transition period and exit deal.”

 

The full report can be downloaded here.

 

The press release from the Department of Business, Enterprise and Innovation is available here.

 

The SFA’s Brexit toolkit for small businesses is available on the SFA website here.    

Grants of up to €150,000 available for companies in their first 18 months
 

Spotlight on Priming Grants, which offer grants of up to €150,000 to micro-firms in their first 18 months of operation. This article provides information on the scheme and advice on how to apply. 


There are over 80 different government supports available to small businesses but many of them are not well known or understood. Each week in the SFA e-zine, we will profile a different support that could improve your business, giving you information and advice.

 

Priming grants

 

What?          

A grant of up to €150,000 for businesses in their first 18 months of operation.   

                       

The vouchers can be used for:

  • Capital items: workspace fit-out, equipment, machinery, computer hardware/software
  • Salary and recruitment costs
  • Rental/accommodation costs
  • Utility costs: including installation costs but excluding mobile phone costs
  • Marketing costs: including brochures, business cards, website design, trade fairs
  • Consultancy costs: including accounting and legal fees
  • Business-specific training

 

Why?             

Priming Grants are designed to support new businesses in their early years of operation. It is targeted specifically at companies with the potential to export.

 

How?             

The scheme is run by the Local Enterprise Offices (LEOs) around the country. To find your nearest LEO, visit the LEO website.

 

The LEO will assess your application. The maximum grant awarded is €150,000 or 50% of the investment, whichever is the lesser. Grants over €80,000 are the exception and apply only to companies with a clear potential to become an Enterprise Ireland client company.  

 

For more information, see here or visit the website of your local LEO.

 

Tips               

If you are interested in applying, don’t forget:

  • Priming Grants are specifically for micro-firms with less than 10 employees
  • They are available to sole traders, partnerships or limited companies      
  • Applicants should be in the manufacturing or internationally traded services sectors, or be a domestically traded service business with the potential to trade internationally
  • Grants for salary costs apply to the first year of employment and a maximum of €15,000 per full time job created applies
  • If your business has been trading for more than 18 months, you should apply for a Business Expansion Grant rather than a Priming Grant
Accenture SME banking survey results 2018
 

Accenture Ireland have recently published the results of their SME Banking Survey 2018. Whilst written from a banking perspective rather than an SME perspective, the survey contains interesting nuggets of information that are worth sharing. Here is the executive summary.

 


Accenture Ireland have recently published the results of their SME Banking Survey 2018. Whilst written from a banking perspective rather than an SME perspective, the survey contains interesting nuggets of information that are worth sharing. Here is the executive summary.

 

There are big challenges as well as opportunities for Irish banks as they try to address the needs of the Small and Medium Enterprise (SME) sector. Badly hit by the 2008 crash, SMEs are now enjoying a resurgence in activity part-fuelled by joint venture investment schemes from governments and banks. At the same time, new regulations are expected to trigger an ‘open banking’ revolution with new players coming in that may tempt SMEs out of the inertia that has stopped them switching providers in the past.

 

The scale of the disruption is uncertain, but change is inevitable. What hasn’t changed is the significance of SMEs to the banking sector. They represent nearly 70% of the active workforce across Ireland, North and South, and account for 99% of registered businesses. Economic recovery and new types of activity, like the thriving SME technology sector in the Republic of Ireland, should encourage banks to revisit relationships and make sure that they no longer take them for granted.

 

Banks have to address the needs of SMEs that increasingly want more tailored offerings at more differentiated price-points. Despite high barriers to switching, SMEs are increasingly willing to go outside their main provider and engage with new technologies to obtain the banking services they need. 76% of SMEs surveyed believe their bank fails to deliver in at least one aspect of their relationship; 25% expect to switch provider over the next 12 months. The survey offers clues on how to offset potential disruption. By offering differentiated propositions while continuing to leverage existing assets. By putting themselves at the centre of a financial ecosystem, Irish banks have an opportunity to maintain and grow their position as the primary financial services provider to SMEs.’

 

The full report can be downloaded here.

EVENTS
SFA GDPR in Action workshop
 
  • 9 March, SFA offices

This practical and interactive GDPR workshop will use three case studies to explore GDPR in the context of understanding the elements of a data retention policy, how to plan for a data access request, consent in the context of marketing and creating a contingency plan for a data breach.

Agenda

Registration

Introduction

Launch of SFA GDPR publication for SMEs

Practical Session 1: GDPR & HR records

Practical Session 2: GDPR & marketing - managing consent

Practical Session 3: Data breaches: what to do?

Q & A

 

Attendees at the event will receive a free copy of the SFA GDPR publication for SMEs which will be launched on the day.

Places are limited to one person per company due to limited space availability so book now to avoid disappointment.

HR update 2018: From beginnings to endings and HR in the middle
 
  • 14 March, SFA offices

The SFA Business Bytes events, which are entirely free of charge, offer small businesses access to expert information and advice and an opportunity to network with their peers. The series is supported by Bord Gáis Energy.

  • Would you like the know-how to manage a difficult probation?
  • Learn the key steps to effective absence management?
  • Gain guidance on what longer working means in relation to workers nearing retirement age?

At this Business Bytes event we will equip you to manage probation, absence and retirement using practical case studies that you can apply to the day-to-day operation of your business.

This event is not to be missed if you are an owner-manager or HR manager in a small firm and want to equip yourself to handle three of the issues most frequently raised by SFA members.

The presentation will be delivered by Helen Quinn, the SFA’s HR and employment law advisor.

The event is open to SFA members and non-members. It will last for approximately one hour with an opportunity to network before and after. Refreshments will be provided.

This event is entirely free of charge but you must pre-register.

For all queries on the event, please call the event organiser: Briana McTiernan, Tel: +353 1 605 1622

GDPR in action – Cork
 
  • 21 March,   Maryborough Hotel

 


The SFA Business Bytes events, which are entirely free of charge, offer small businesses access to expert information and advice and an opportunity to network with their peers. The series is supported by Bord Gáis Energy.

Calling all small businesses in the Cork area! The SFA GDPR seminar is coming to town.

Everywhere you go GDPR is on the news and in the papers but companies struggle to know where to begin and how to start their GDPR action plans. In this Business Bytes event we will share the following to help your business kick start its GDPR action plan:

  1. General overview of GDPR 
  2. Recording your data: what to keep and what not to keep?
  3. The six legal bases for processing personal data
  4. The main legal bases for processing sensitive data
  5. GDPR in action: we will briefly look at the areas of GDPR and HR records and GDPR and marketing on the issue of consent

The event will close with plenty of time for the Q&A session.

The presentation will be delivered by Helen Quinn, the SFA’s in-house GDPR advisor.

The event is open to SFA members and non-members. It will last for approximately one hour with an opportunity to network before and after. Refreshments will be provided.

This event is entirely free of charge but you must pre-register.

For all queries on the event, please call the event organiser:
Briana McTiernan, Tel: +353 1 605 1622

TRAINING PROGRAMMES
Discipline and Dismissal and other upcoming training courses
 

Employment Law: Discipline and Dismissal is just one of the SFA training courses coming up as part of our ‘Training that counts’ suite. All programmes are delivered by expert trainers with many years of industry experience. 


At SFA, we’re here to help you create time for things that can make a real difference to your business, like developing management capacity and other skills for you and your staff.

 

There are a number of courses coming up as part of our ‘Training that counts’ suite of training programmes that may be of interest to you. They are delivered by expert trainers with many years of industry experience.

 

Employment Law: Discipline and Dismissal

 

This one-day programme gives managers the skills and competencies to deal confidently and effectively with disciplinary issues, up to and including dismissal. Topics include managing absence, fair procedures and natural justice, and the Unfair Dismissals Acts.

 

Date: 16 March 2018

Time: 8.30am-3.30pm

Venue: SFA/Ibec offices, 84-86 Lower Baggot Street, Dublin 2

Cost: €220 (SFA member rate)

 

To book: http://www.sfa.ie/0/ELdiscipline  

 

Other upcoming courses

 

  • Project Management (one-day course, 2 March)
  • First Aid Response (one-day course, 9 March)
  • Safety Awareness for Managers (one-day course, 27 March)

 

All courses are charged at €220 for SFA members and can be booked at http://www.sfa.ie/events

 

If you would like any more information please contact Quelba Lima in the Ibec Training Unit on quelba.lima@ibec.ie or 01 605 1619.