Shop owners are risking thousands of pounds in fines for failing to make sure their CCTV systems do not break data protection laws.

Speaking two months on from the start of the new General Data Protection Regulation (GDPR), Simon Bishop, director of GDPR Systems told Retail Express: “There is still next to zero percent compliance in independently owned convenience stores, especially in those with less than five stores.”

A survey by Retail Express found that four in five store owners feel that GDPR does not affect their business. Bishop said that while most local shops do not keep much customer or staff data, CCTV systems in store can lead to data protection issues.

Following a customer complaint last year, convenience store owner Kavitha Karthikesu was ordered to pay more than £600 in fines and fees because she had not made the Information Commissioner’s Office aware of the CCTV in store. The punishment was before the new GDPR laws, which increased the level of fines business can be forced to pay due to data protection issues.

Bishop said that of 250 retailers he spoke in front of at the Scottish Grocers Federation, only four had taken action to make their store legally compliant with GDPR.

He advised retailers to register with the Information Commissioners Office, log all CCTV assets, write a breach management policy and to note where the CCTV covers, how long the data is stored, where it is stored.

GDPR Systems provides convenience store owners with simple to use software that guides them through making their CCTV compliant. Bishop explained: “It’s all very well for big businesses that can afford to pay thousands to consultants to make sure they are GDPR compliant, but there is so little help for small shop owners. I built this software to change that.”

Read more: How you can embrace the changes to data laws