As the country’s fourth largest specialist electrical retailer and second largest rental provider of home entertainment equipment and kitchen appliances, Hughes is a complex multichannel B2C retail business with a network of stores and a significant online presence. The Hughes Trade division is a rapidly growing B2B distributor and the company also has a further division dedicated to the Smart Home. Hughes needed to map their dataflows, review their policies and procedures and perform a detailed gap analysis to help them better understand their data and implications of the GDPR across their many business units.
- Customer data minimisation
- Data security over multiple systems
- Defining data retention
The DPO Centre worked alongside Hughes’s inhouse data protection officer to provide guidance and support. They ran staff training sessions, mapped the organisation’s data, identified high risk data sets, conducted impact assessments, drafted and implemented a suite of GDPR compliant policies and put together a prioritised action plan to address the main issues.
Henrico Doward, Group Operations Director, says: “We have had a positive working relationship with Rob and the team, from our first meeting and the insightful workshop – from review to implementation – the process has been straightforward and hassle-free.”
The scope of their requirements means Hughes has now appointed a full time inhouse data protection officer who can call on the DPO Centre when required.
Henrico continues: “Guidance has been offered at every stage of the project, and we have felt supported in adopting the new GDPR processes. Importantly the task has never seemed overwhelming with their help; we have some 41 retail stores as well as trade locations and warehouses, so it could have been a daunting project, however the team at The DPO Centre never scare-mongered and simply worked diligently and systematically with us, giving us all complete confidence in their work.”