GDPR-compliant data destruction

GDPR stands for the General Data Protection Regulation, a new EU law that has already been adopted by the UK government and compliance with the regulation has been required since 25 May 2018.

GDPR quick facts

  • There are 12 steps the Information Commissioner's Office (ICO) suggests for GDPR readiness.

  • It means a massive change to the way businesses act when collecting, processing and securing personal data of any individuals.

  • Non-compliance may result in prosecution, with fines of up to 4% of annual worldwide turnover or £17.5 million.

Reaching GDPR compliance

Here at Shredded Neat, we can help you by providing a secure data destruction service for any type of media the data is stored on at present. Once you have carried out your risk assessment review or data audit, you should have identified those locations where data is stored. The traditional form of data storage has been and continues to be paper-based, usually as files in filing drawers, ring binders sitting on shelves and documents packed away in archive boxes, either at the organisation’s premises or often stored off-site in secure storage.

We have the facilities to destroy data on whichever media it is stored at your premises or from storage. We use a variety of techniques to ensure data on any media will be destroyed properly to comply with GDPR.

GDPR states:

“Personal data must be kept in a form that permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed. Personal data may be stored for longer periods insofar as the data will be processed solely for archiving purposes in the public interest, or for scientific, historical or statistical purposes…”

Get a quote


Find answers to commonly asked questions about all things GDPR.

What information needs to be destroyed?

The General Data Protection Regulation (GDPR) mandates the careful handling – and ultimate disposal – of personal data to ensure robust data protection practices.

Personal data is information that relates to an identified or identifiable individual, including records like name, address, contact details and sensitive information. Personal data must be securely destroyed when no longer needed for the purpose for which it was first collected – or when the data subject withdraws consent.

At Shredded Neat, we provide both mobile on- and off-site shredding of confidential paper waste and offer a full data destruction service, including the recycling of paper, cardboard and electronic waste.

How long should I keep records?

While specific retention periods vary, adherence to GDPR principles involves keeping personal data only as long as necessary for the original purpose – or when the data subject withdraws consent. Implementing clear policies and timelines for record retention is crucial, promoting responsible data management and compliance with GDPR requirements.

What is GDPR?

Regular shredding services play a pivotal role in achieving and maintaining GDPR compliance for your company. Consistent and secure disposal of sensitive data through these services not only minimises the risk of data breaches but also demonstrates your commitment to proactive data protection. This practice aligns with the GDPR’s emphasis on robust data security measures.

What are the penalties for a GDPR breach?

The Information Commissioner’s Office (ICO) has various powers to take action for a breach of GDPR, including assessment notices, warnings, reprimands, enforcement notices and penalty notices (administrative fines). For serious breaches of the data protection principles, the ICO has the power to issue fines of up to £17.5 million or 4% of your annual worldwide turnover, whichever is higher.

To stay GDPR compliant, you should be using lockable on-site storage to store your confidential documents between shredding appointments. You can use confidential waste bins for the safe disposal of confidential documents, or we can provide you with either our secure 70L or 140L locking consoles to use throughout the service, free of charge.

If you don’t have space for on-site storage, we also provide heavy-duty 44L sacks and ties.

Even though you see your documents being destroyed, it’s important that you have an audit trail to protect your business. All regular customers will be protected under an annual Certificate of Destruction, and we’ll also provide time-stamped individual Waste Transfer Notes at every visit.

Once we’ve shredded your documents, the paper is baled up and sent directly to the paper mills. By shredding with us, you’re also doing your bit for the environment, as 100% of all our paper is recycled!

Regular on-site shredding

Regular on-site shredding visits will ensure you don’t build up a backlog of documents.

Learn more

Regular off-site shredding

Let Shredded Neat take care of your confidential waste as we collect your documents.

Learn more

Contract services

Peace of mind that your business will be protected.

Learn more

One-off shredding

Not everybody requires a regular collection – and that’s OK!

Learn more

Electronic data destruction

Disposal of any confidential electronic data that your business no longer needs.

Learn more

Areas we cover

We provide secure shredding services to businesses across the South of England.

Learn more


Get an instant quote today

Shredded Neat will help you save time, money and resources by GDPR-compliantly destroying your business’s confidential data, so you can get on with the more important things. We have both on-site and off-site shredding services available for all of your regular shredding needs and a one-off service ready as and when you need it.

Get in touch