Creating economic growth in Spelthorne, together!

Data protection

Timeless IMS: Connecting People, Connecting Companies

Modern businesses rely upon a managed technology ecosystem which ensures peak performance, reliability and security.

Timeless IMS are an Intelligent Managed Solutions Provider (iMSP) that have the skill set and depth of resources to provide not only IT support and services, but comprehensive business and application consulting. Our aim is to optimise and manage the entire IT environment for an organisation and provide measurable return on investment.

• We are an iMSP that is best placed to deliver an excellent integrated offering and superior service
• At Timeless IMS we believe your organisation revolves on your people and that both your organisation and your people need managed technology to help achieve your business goals
• Timeless IMS have evolved over the last fifteen years from being an IT support company, supporting both single home users as well as large multi-site corporations, to growing into one of the UK’s first iMSP’s

Timeless IMS was founded by Michael Ramlakhan, following a career in Finance and IT over fifteen years ago. The business has evolved in this time to offer Intelligent Managed Solutions across four key areas of technology; Intelligence, People, Security and Cloud.

This is achieved through integrated consultancy, procurement, project management, deployment and ongoing managed support services.
At Timeless IMS we have the capability to align business processes and critical applications with tactical goals so that the entire IT infrastructure is designed, managed, and maintained around your company’s overall business strategy and growth plans.

We have the capacity and capability to see the entire IT ecosystem along with business operations and then view it as a complete, fully-integrated entity.

We will work with your organisation to understand the operational processes that underpin business functionality, continuity and growth. This kind of comprehensive and expanded managed services support can only come from the next-generation of MSP – an integrated managed service provider, we are the trusted partner that you can rely on to deliver these solutions for your company.



Find out more about Timeless IMS at email

Did you miss our Cyber-man event?

Cyber-man meets GDPR with Resilience

We hosted a thought-provoking and informative event at Kempton Park Racecourse on 9th May in conjunction with the Enterprise M3 Growth Hub.

DC James Howden spoke to us about the dangers of cyber security threats to our businesses and in our personal lives. He then presented some great tips for protecting ourselves. If you’d like to have a look at his presentation the slides can be found here-

Cybersecurity KemptonPark_email_version

Simon Jeffs then updated us on what to expect from the new GDPR regulations which come into effect on 25th May. We had a valuable discussion about what these mean in reality for our businesses. His slides can be found here-

EM3 DCD GDPR event presentation

Our event concluded with Nick Moon talking about how to plan for if everything goes wrong – power outages, floods and terrorist attacks are all potential threats, but need not be total disasters if we are prepared!

A huge thank you to all our presenters and to those who attended and made it such a stimulating event.


Are you ready for GDPR?

Cyber-man meets GDPR with Resilience!

08:00 – 12:00 Wednesday 9th May 2018  Kempton Park Racecourse

Are you ready for GDPR? Don’t miss your last chance to book this free event before GDPR goes live on 25th May.

Three short, sharp, snappy presentations on subjects that all businesses need to know.

• General Data Protection Regulations (GDPR) becomes law on 25th May.

• Cyber-security is a threat that is likely to increase rather than decrease in attacks

• What are the characteristics of strong organisations that makes them more resilient to flooding, industrial action or cyber-attacks and more?


08:00 Breakfast

08:30 Cyber Crime – Threats to your business and personal data; how to protect yourself

09:30 General Data Protection Regulations – Come into effect on 25th May – don’t be caught out!

10:30 Tea / coffee break

10:50 Business Resilience

11:30 Q&A session with all 3 presenters

12:00 Close


What the food industry can teach us about GDPR, and it’s not what you might think

What the food industry can teach us about GDPR, and it’s not what you might think

Despite all the coverage of GDPR, I am still hearing people say “I don’t think it applies to us, or “can we avoid it somehow?” The answer is: GDPR is just as relevant to all organisations, large and small, as food hygiene and traceability is to all food manufacturers. However, food manufacturers don’t just comply with regulations because they have to, nor do they comply because they might get a visit from the Food Standards Agency. They worry far more about their customers, and their customers are the ones who will do the checking.

The customer is usually not you or me, because we rarely buy products directly from the factory. Many food manufacturers’ customers are the big supermarkets, and many food manufacturers also manufacture food products for the supermarket’s own labels. This means that if anything, but anything goes wrong with the products, from contamination to a wonky label, the supermarket gets the bad press not the manufacturer. The supermarkets go to great lengths to ensure that won’t happen.

The customers – the supermarket buying teams – are what the food manufacturers are most concerned about, not the legal requirements. These customers have exacting standards, often way in excess of the minimum legal requirements. They conduct spot inspections to ensure compliance and can take business away in an instant.

So what is the relevance to GDPR and our non-food organisations? It is the customer. In fact there are two types of customer that are important to us – the client organisation and the individual, and each will have relevance depending on your market.

If you provide services to a larger organisation, particularly if that organisation has a brand to protect and you record any form of personal data, you can expect that they will ask you about your readiness for GDPR. They may send you a questionnaire or they may ask for sight of your policies and procedures.

If you have contact with individuals, whether they are end customers or individuals within an organisation, you may receive one of several forms of Data Access request. This might be reasonable, or it might be entirely unreasonable if the individual is following their own personal agenda (to put it politely). Either way, you have to be ready to comply with their request. If you don’t, they now have a very easy way to raise a complaint about you to the Information Commissioner’s Office (ICO).

This is what the food industry can teach us about GDPR compliance. It is not the ICO that are most likely to check up on us, it is our customers. If we fail in those checks, it won’t look good. GDPR compliance need not be a lot of work for small companies, so it is worth making the effort to put the basics in place.
Here is a very simple list of the minimum you need to have ready. You can obtain templates for most of these on-line or from your industry membership organisations.

• A named person responsible for Data Protection on your organisation (not necessarily full time in smaller organisations).
• Privacy Statements – a version on your web site, and a more comprehensive document to support internal and external contractual agreements.
• Data audit – at its simplest, this is a spreadsheet listing where you keep personal data (e.g. email, contact lists, CRM, order files, correspondence etc.) and what processes and agreements are in place to protect it. Many major cloud storage providers will be aligned with TRUSTe or EU-US Privacy Shield frameworks, but you need to check.
• Data Protection Privacy Policy and Procedures
• Data Retention Policy and Procedures
• Data Subject Access Procedures and form
• Data Breach Procedures and Incident Form
• Purchase Order Terms and Conditions to include a GDPR Addendum for use with your suppliers, e.g. web site hosting and management if you have an Enquiry Form; or your Auditors and Accountants
• GDPR training for your staff, and a log recording training you have given to employees and contractors.

Neville Merritt Director Pure Potential Development Limited

Read more from Neville here.

We work with leaders, teams and organisations to help think through, plan and execute for sustainable improvement at all levels. Please visit for more tips and information. Marketing and Sales learning and personal development programmes are supplied under our Ascent Learning brand. Please visit . You can contact me directly on


GDPR Advice

We thought it might be useful to share some of the most recent GDPR advice we have come across.

Here is a GDPR mythbuster video by Suzanne Dibble, a business lawyer .

She has also produced a GDPR checklist GDPRCHECKLIST.

The new GDPR regulations go live on 25th May so we would definitely recommend you start to think about this in relation to your business.

For more information why not come along to our GDPR session at Kempton Park on 9th May, where you will be able to ask any questions you may have.

Making Great Video

We had a packed March Networking Meet Up last night at Limeyard Restaurant in Staines. Thank you very much to Kristina and her team for their wonderful welcome!They are open for breakfast, so it is definitely somewhere to consider for your business one to ones.



Thanks too to Mike Daly from Great Video for his valuable tips and entertaining videos! Here is the link to the video-

Well done to Nick for his very professional voice over!

Our next event is 23rd March at the Holiday Inn in Shepperton where we have a really thought provoking talk by Russell Beck about the future of business and our own careers in the light of the fast changing technological environment we live in. Do join us by booking here. The Holiday Inn are providing breakfast, so it will also be a great opportunity to network informally.

Keith mentioned our business awards, our photography competition, our free business advice, the 2018 Business Plan Competition and our Cyber-man meets GDPR with Resilience event on 9th May. Please do explore the links and join us where you can.

Best wishes from all the SBF Team




GDPR – some great links and sensible advice!

Do you know  what changes you need to make to be compliant with the new data protection regulations?

Vee Smith presented at Real Networking today with some sensible information about our responsibilities under the new General Data Protection Regulations. You can find her blog post here and she has some great links to video tutorials, free checklists and expert advice.

As we all need to be compliant by 25th May we’d really recommend you give it a read!

FSB Week of GDPR Awareness: What you need to know

The UK’s small business community is still worryingly unprepared for new data protection regulations, according to new research from the Federation of Small Businesses (FSB). The research shows that a third (33%) of small businesses have not started preparing for the introduction of the General Data Protection Regulation (GDPR) while a further third (35%) are only in the early stages of preparations. Only eight per cent of small businesses have completed their preparations.


For those small firms starting to prepare for the changes, just over half (52%) say they will approach the Information Commissioner’s Office (ICO) for advice. Mike Cherry, FSB National Chairman, said: “The GDPR is the biggest shake-up in data protection to date and many small businesses will be concerned that the changes will be too much to handle. It’s clear that a large part of the small business community is still unaware of the steps that they need to take to comply and may be left playing catch-up. “With less than 100 days until the changes come into force, the attention now shifts to the Information Commissioner’s Office and whether it can effectively manage the demands of small businesses seeking advice and guidance. It is vital that smaller firms looking for this support, either by phone or the web, are able to get it easily.” It is likely that some small businesses will not be compliant ahead of the May deadline. It is important, therefore, that the ICO takes a proportionate approach to enforcement and supports firms towards compliance as opposed to resorting to fines. Mike Cherry continued: “Non-compliance must initially be dealt with in a light touch manner instead of handing down tough penalties. There must be a willingness to play a supportive role in ensuring that small businesses can and are able to comply. The ICO will be critical to creating an environment which focuses on education and prevention and not punishment.”


Information Commissioner, Elizabeth Denham, said: “I want to be clear that this law is not about fines; it’s about putting the consumer and citizen first, and rebalancing data relationships and trust between individuals and organisations. “As regulator, we do have the power to impose larger fines under the GDPR, but we have access to lots of other tools that are well-suited to the task at hand, such as guiding, advising and educating organisations, and these are just as effective. “The report tells us that many small and medium sized organisations are preparing for the new data protection laws but some still have to make a start. The ICO’s website offers a number of ways in which organisations of all sizes, and all sectors, can self-serve to get the help they need. We will study the survey findings carefully to see if we can improve the help we offer.


“We also know that many representative bodies and sector associations are also providing excellent GDPR advice and support for their members.” Concerns around the pressures associated with complying with data protection regulations are still widespread among the small business community.  60 per cent of small businesses have reported lower profits due to complying with data protection and 31 per cent say that they have been forced to stop workforce expansion. On average small firms will spend seven hours per month meeting their data protection obligations which equates to £1,075 per year. The direct cost of complying comes in at £508 per year. These costs will continue to grow with GDPR and further data protection regulation, such as ePrivacy, coming into force. Mike Cherry said: “Small businesses do understand the need for, and the benefits of, data protection regulations. However, many struggle with the cumulative burden of the regulations and the costs that compliance brings both in time and money.


“In the long-term, the Government must consider undertaking a regulatory review with the aim being to minimize the negative consequences of regulating data and maximizing as many of the benefits access to, and use of, data can bring for smaller businesses.”



Online GDPR Training


Looking for online GDPR Training?

ME Learning have a  GDPR training suite where they have worked with a technology specialist law firm to break down all 99 articles into 10 easy to understand modules. They’ve then bundled the 10 modules differently to create 4 types of training levels. You can see the matrix and full info on their GDPR offering here –

Courses retail for:

Core and Board – £25 each
Foundation – £195
Practitioner – £395

They offer volume discount and so if any businesses wanted to use the training together that would be a good move.

On another note, for every UK charity they are giving 3 free licenses on their Board Level training and for educational institutes 2 free licenses on their Board level training.

For more details please contact-

Kevin Patrick
Business Development Manager

Tel: 01273 499 100
Mob: 07802 322 549


Do you understand how GDPR applies to your business?

The new General Data Protection Regulations will come into effect in May 2018 and remain in effect even once the UK leaves the EU. It is important that you understand how these changes in data protection will affect your business, how you store information and handle your customers’ data.

To help simplify this one of our members, Goddards Accountants, have provided this handy guide for businesses:

NB A5 Overview of the GDPR v2 (002)

If you have any questions you can find their contact details in the Directory.