Advomi Logo

How Do SMEs Apply Our GDPR Compliance Package?

All of our clients receive a custom package for their business. The packages include a guide with analysis on the specific business in relation to the GDPR and they are also provided with a set of documents to be used in various scenarios. In addition, we designed a simpler version of the compliance package for starting companies.


Below are some trends we have identified on how small and medium enterprises have used our GDPR Compliance Package.

Established companies which have been in business for at least 5-6 years

These companies in the EU are familiar with bureaucracy and are used to it. They traditionally associate legal compliance with receiving a certain license or permit and ensuring they have a set of necessary documents.

Directors of established companies will often ask us if they need to register at a supervisory authority or wait for a permit in order to process personal data. They are not really interested in the essence of the GDPR rules since they have already encountered a ton of compliance issues with various laws in the past. They just expect to be presented with a simple procedure which ensures that everything is OK in case of an inspection. Our set of documents and recommendations for measures are the most useful for them.


Starting companies have a different approach towards the GDPR, especially if they operate in the area of e-commerce or have a strong online presence. Startups want to understand the data protection rules and mainly the data subject rights. They focus on the customer, rather than on the supervisory authority. These companies want to assure the users that their rights are respected and not violated. For them the descriptive and analytical part of our compliance package is more useful.

We prefer the second approach to GDPR. The regulation is indeed individual-centric and focuses on the rights of individuals regarding the processing of their personal data. Even if avoiding sanctions is the main concern of a business, these sanctions are much more likely to be provoked by a customer complaint than by a sudden inspection from a supervisory authority.

More resources


Consumer Right to Cancel Contracts under CPFTA

The Consumer Protection (Fair Trading) Act (CPTFA) is a law that aims to enhance consumer rights and consumer protection in Singapore. Among the more specific…


Self-Employment Matters in Singapore

You are considered a self-employed person in Singapore if you are a citizen or a permanent resident of the country and derive your income through…


Unfair Practices Under the Consumer Protection (Fair Trading) Act (CPFTA)

Unfair business practices in Singapore encompass fraud, misrepresentation, taking advantage of customers, offering unsolicited goods and services, and some other practices. Unfair practices under Singapore…

Non-disclosure agreements (NDA) in Singapore

A non-disclosure agreement is a contract between two parties that governs how certain information concerning these parties should be handled. Usually, such an agreement will…

Validity of Electronic Contracts in Singapore

Electronic contracts are agreements formed and signed online. Electronic communication offers a number of benefits to the contracting parties and various ways of signing contracts…

Licensing and Assigning Intellectual Property Rights in Singapore

There are different forms of intellectual property that are recognized worldwide. We have trademarks for brands, patents for inventions, the copyright for works of art…