Promoting Responsible Community Retailing by Lobbying, Communication, Networking and Advice.

Ensuring a sustainable and prosperous convenience industry in Scotland


Data Protection - CCTV and the GDPR

GDPR is coming. And it will affect the convenience sector massively – mostly because we don’t really know what it is or how it affects us.The simple version is that if you hold, manage or use personal data in any way then you will have to make sure that your business is GDPR ready. But what does GDPR really mean? Essentially it means that you will have to know what personal data you use, know what lawful basis you have for using it, monitor and record where you store it, how you store it, who has access to it as well as having a procedure and policy in place to report a data breach should one occur.  You will be required, if asked, to prove how you have achieved all of the above (and this is the simple version!) Knowing that this will be a minefield for the convenience sector, we decided to consult with one of our new corporate members – GDPR Systems ltd – and test one of their products designed to make GDPR life easier for the convenience sector.

Now, you may not know this, but CCTV images are classed as personal data – which means that any business that has CCTV must be able to do all of the above as well as have all of the relevant policies and procedures in place for their CCTV systemGDPR Systems Ltd has developed an online solution specifically designed to tackle the CCTV GDPR issue – and we decided to test it for you.

The product

Essentially GDPR System’s CCTV GDPR product is designed with the small business in mind – for most of the convenience sector CCTV is one of the major forms of personal data (that isn’t employee related) that the sector uses and relies upon.

Step 1

The first stage was to get registered – this is a painless process – simply give them some basic details and you will be sent a password (your email address is your login).

Go to the CCTV portal (you can access this from and click on the ‘CCTV Portal Login’ at the top right hand side.

Fill in your login and password details and you’re in!

Step 2

The second stage is to fill out the relevant information. This is laid out in a logical order – company details first followed by personnel details – here you can choose the person responsible for the CCTV data in your control. Then onto ‘breachable asset’ details.‘Breachable assets’ in this case are our CCTV cameras and storage devices.

Here you get to add in all of your equipment – there are a series of questions that you must answer which will determine whether the CCTV personal data that you have is sufficiently protected – none of them are difficult but in some instances you may need to contact your CCTV installer for the answers.

One of the crucial parts of this section is that you are asked to link the relevant personnel to the device – for instance the cleaner may have access to the back room where the storage device is located, so he/she will have physical access to the device but they won’t have administrative access to the device. This part, again is simple – it is just a matter of ticking a box and the system makes the link.

Step 3

Once we had filled out all of the details we could clearly see on the dashboard for both cameras and storage devices what was safe and what was not safe – this is shown by a simple red or green traffic light system – green for good and red for needs some attention.

Step 4

Policies and procedures. The average convenience store won’t have any of these in place and this section of the site will be a welcome relief for those people worrying about how they get the right documents. All of the relevant information that we had previously put into the system has now automatically populated the documentation. All of the cameras and storage devices are listed and I now have all of the documentation I need to be ready for the GDPR. These include. 

  • Privacy impact assessment
  • Data security breach management policy & procedure
  • Consent policy
  • Retention & destruction policy
  • Personal data request policy/document
  • Training record
  • Non-disclosure agreement
  • Transfer of data information sheet

GDPR Systems estimate that these policies alone would cost the average convenience store around £3,000 in legal fees to have drafted up!


The system exactly fits what the companies mission statement is – ‘Making Complex Simple’.

Having had no experience of this kind of thing before, I found it really easy to fill out (even though I missed the duplicate button!). I am not technically minded so the risk was that this could have been too hard to fill out – I am pleased to say that it wasn’t – this bodes really well for convenience stores throughout Scotland and I would encourage all of them to invest in this system.

Don’t get me wrong – it doesn’t make your system safe – that is the owners responsibility, however it does make crystal clear how safe your system is, where the weaknesses are and more importantly it allows you to actually demonstrate how you are ready for the GDPR should you be asked by the relevant authority (The Information Commissioners Office). The directors assure me that there will be more developments to the CCTV option over the coming months which will add value to each of their clients – at no extra cost. Perhaps the biggest value for the convenience sector will be the ease of which they can make their use of CCTV personal data GDPR ready – with the minimum of hassle.

It has certainly worked for the SGF. To find out how you can gain access to the GDPR Systems Ltd CCTV product please contact Simon Bishop on This email address is being protected from spambots. You need JavaScript enabled to view it.  visit call 01865 600 410

Protect your business against the cost of dealing with an HMRC enquiry

Any individual or business who submits a tax return could become the target of an HMRC enquiry.

The purpose of the enquiry is to ensure that you have paid the correct amount of tax.  However, HMRC do not need to justify opening an enquiry and they can often be opened completely at random with substantial fees incurred by a professional advisor defending the enquiry, even if at the end it is deemed that there is no additional tax to pay.  In recent years HMRC have become far more sophisticated in this respect with an investment in technology that allows tax enquiries to be selected more efficiently and on a larger scale.  In addition, HMRC powers to investigate have been strengthened.  This combination means that all taxpayers are now at greater risk of being investigated than ever before.

It is possible to purchase insurance, at a relatively low cost, that will protect against professional fees incurred if you are selected by HMRC for enquiry. 

The Scottish Grocers Federation are delighted to announce a fantastic new member benefit that provides access to one such Policy provided by Vantage.  As an association we have been able to negotiate discounted rates in this respect.

This product includes the following benefits:

  • Cover for up to £100K of fees incurred by Vantage experts representing you in the event of an HMRC enquiry.
  • Includes cover for full & aspect enquiries and PAYE & VAT Compliance Visits.
  • Unlimited telephone access to Vantage tax consultants in respect of any tax or VAT questions you may have.
  • Complimentary telephone access to Vantage Employment and Health & Safety consultants for any issues may encounter in these complex areas.
  • And finally telephone access to Vantage’s legal advisors in respect of any commercial or personal legal questions you may have.

Full details of this product can be viewed at where you can also purchase this product via the Vantage on-line Webshop. 

Please direct any questions to Richard Hainsworth on 07484 750785 or via email This email address is being protected from spambots. You need JavaScript enabled to view it. 

HMRC Enquiry Examples

‘Business accounts for a retail shop were challenged by HMRC.  HMRC claimed that expenditure of more than £150,000 on improvements to the front of the shop and interior were not allowable for tax purposes and that additional tax of £30,000 was due.  Further research into the relevant tax law and case law was necessary to dispute HMRCs contentions.  In the end HMRC allowed the expenditure in full and fees of £3,000 were covered by the insurance.’

‘A retailer that operated as a husband and wife partnership was subject to a full enquiry by HMRC.  The inspector requested sight of all records, although gave no indication of any wrong doing.  After 8 months of meetings and exchanges of in-depth correspondence it was successfully negotiated that no amendments were required or additional tax due.  Fees of £2,500 were covered by the insurance.’       

‘Qdos was established in 1988 and has a group turnover in excess of £26M.  Our insurer HCCI International Insurance Company PLC is part of Tokio Marine Holdings Inc, a premier global insurance company with a market value of approximately $30 billion. Vantage is staffed by Tax Fee Protection Insurance experts who have years of experience working either for Qdos or across the industry.  Together we have pooled our knowledge in order to ensure that we provide a product and service that is second to none.  If you want to discuss this product in more detail then please call Richard Hainsworth on 07484 750 785  This email address is being protected from spambots. You need JavaScript enabled to view it. .

Get Yourself Covered With Retail Mutual

Independent retailers have a responsibility to ensure that their premises, stock, staff, customers and those in their immediate local community are kept safe and secure at all times. Just one incident can cause irreparable financial damage, and with increasing competition, even minor reputational damage can leave a small business fighting to survive. Preparing in advance and minimising your risk rather than dealing with problems after the fact will help protect your business and those around you. So what steps can you take?

Your staff and customers

As a business owner you are liable for staff or customers who injure themselves on your premises. Make sure your access paths are kept safe and clear in the event of ice and snow. Keep the inside of your shop free from trip hazards and train your staff to clean up any spillages immediately. Don’t forget to display warning signs where relevant.

Your premises

Simple maintenance inside and out can save you time and money and will also minimise your exposure to public or employee liability claims. Keep drains and gutters clear, insulate your pipes and maintain your roof to prevent water damage in colder weather.

Mitigate against fire damage by using dry risers, sprinklers and smoke detectors as appropriate. Carry out regular electrical inspections and avoid the temptation to use portable heaters close to flammable stock and materials when temperatures drop.  

Installing shutters can prevent damage to your shopfront and may help to reduce your business cover costs too.

Your stock

Make sure display shelving is securely fixed and try to avoid overstocking with heavy bottles and cans. This can cause collapse, resulting in damage and loss to stock as well as carrying a risk to staff and customers. Take adequate precautions when transporting stock to and from the premises, and where possible try to lock away any high-value stock such as tobacco out of hours to mitigate against theft. Always empty the till and leave it open to show that there is nothing inside to steal.  

Have you got it covered?

If you employ any staff, even on a part-time or casual basis, you are required by law to take out Employer’s Liability cover. If you own your own business premises, you will also need Building cover and should ensure your stock and contents are adequately covered too.

Public liability cover will protect you in the event that a member of the public suffers an accident – or claims to have done so – on your premises. Additional covers such as accidental damage or fixed glass can be a godsend in the event of an incident. Many cover providers charge an additional premium for these, however some specialist providers, such as The Retail Mutual, include it with their business cover as standard.

It is always important to check your business and liability cover wordings to satisfy yourself that they are adequate for your needs, and check that your cover limits are sufficient. If you are in any doubt, speak to your cover provider before the expected occurs.

The Retail Mutual is dedicated to the independent retail community and has been protecting Scottish convenience store owners for almost 20 years.  

For an immediate quote call 0333 2121007 or visit TheRetailMutual.Com for more information about our business, home and residential landlord cover for independent retailers.

Work Place Pensions

SGF is working with one of our key corporate members, AGL Wealth Management, to provide a tailored solution to the challenges of setting up a work place pension scheme. Just click on the AGL logo for a highly cost effective, straightforward and fully compliant solution.