How to arm your business with organisational resilience

How to arm your business with organisational resilience

Your personal resilience and the resilience of your business are not the same.

If you’re keen to develop your individual coping strategies and better understand how to power up your personal resilience, read this free business advice article, shared by Team Transmit.

When we look at how ready a company is to respond to unpredictable market trends, ever-changing customer behaviours and national or global crises - that’s Organisational Resilience.

Are you ready for whatever comes next?

Resilience refers to your ability to respond to adverse events - not just after they’ve happened but before and during as well.

Organisational Resilience has been the subject of a considerable amount of research since Covid forced some fundamental questions about how we run our businesses. Questions like “how many staff do I actually need?” and “could we operate from a much smaller premises?”, which bosses may never have thought to ask if we hadn’t worked through multiple lockdowns. 

Now, as we wait to see whether our country will officially enter a period of recession (on top of the energy crisis and rising cost-of-living), it’s time to ask ourselves some of those difficult questions again. 

Where are you on the resilience ladder?

We’re not suggesting that you plan for every possible worst case scenario. But thinking through how you’d handle some of the tough stuff will help you respond in an informed and decisive way when you need to.

Consistency

What do you need to keep doing the same?

To keep your business ticking over, there will be a few essential things that you need to keep doing no matter what, in order to keep trading.

This is known as business continuity.

Think about what the core purpose of your business is, and the reason you set it up in the first place. What’s the problem that you’re solving for your customers and what’s the minimum that they expect from you? In other words, which of your business activities are “mission critical”? 

If you can strengthen your core business activities, you’ll have a better chance of maintaining that critical output at a consistent level, even when the recession (or any other adverse situation) is in full force. 

Do you know where your weakest link is?

Anticipating potential threats is key to becoming a resilient business. Big or small, resilient organisations are good at identifying their blindspots and their vulnerabilities. 

As an example, let’s consider an e-commerce business selling homeware products. Here are some tricky questions our experts might be asking if this was your business:

  • Are your suppliers reliable, or do they sometimes let you down? 

  • Which of your current suppliers might be most likely to fold under financial pressure and how quickly could you find an alternative if that happened? 

  • What’s the minimum number of products you need to have available on your website for customers to have an enjoyable browsing experience?

  • What’s the minimum number of each product you need to keep in stock to meet expected delivery times?

Whether you’re selling products or services, maintaining the core function of your business is vital to survive a crisis and thrive on the other side of it. 

testing different versions

Flexibility

What could you do differently?

Once you’ve nailed down which core business activities you need to keep consistent and removed some of the risk factors that could negatively affect them, it’s time to look at other short or long-term changes that will help you over the coming months.

Necessity is the mother of invention, and out of the pandemic came a huge number of innovative new ways of working.

This is your chance to rise to the challenge of the recession and explore which aspects of your business can be stretched, flexed and squeeeeeeeezed as the country tightens its belt.

By adapting and creating new, more efficient ways of doing things, you could reduce your outgoings and even put some cash aside for a leaner trading period.

We previously shared some advice from our co-founder Richard Myers on how to prepare your business for a recession

Tips from Rich include:

  • Downsize your office, workshop or retail unit 

What some super-smart people say about resilience

Research interviews conducted by Cranfield University’s School of Management identified a number of things that organisations need to do in order to strengthen their resilience and look forward to long-term success. 

You can read the academic literature online, which explains the importance of organisational resilience in business strategy. But to save you time, we’ve selected our top 3 To Do’s:

  1. Decide what’s essential

  2. Take a financial stress test

  3. Talk about future failure

Decide what’s essential

To boost your organisational resilience, knowing which outcomes are essential can help you plan how you’ll continue to meet customers’ minimum expectations, even when ‘business as usual’ gets disrupted. Your essential outcomes come from your mission critical activities - the ones that really need future-proofing.

Example: Mo’s mobile coffee shop

Mo’s regular customers and passers-by delight in a hot cup of caffeine on their walk to work. She parks her van in her usual spot and as a queue form, she discovers - to her horror - that her fancy bean-to-cup machine won’t heat up. 

takeaway coffee

As customers start twitching and looking at their watches, Mo is getting seriously stressed. She’s got no backup plan for this situation, because she never asked the question “what if the coffee machine breaks?”

She might still sell a few sarnies, but she’s unable to deliver the one thing that’s mission critical for a coffee shop: coffee.

To build organisational resilience into Mo’s business, she needs to work through the “What Ifs” and plan how she’d respond if those situations arose.

An emergency pot of instant coffee could make all the difference on the day her machine goes down. It won’t be quite as fancy, but she’ll still deliver her essential outcome: the customer gets their coffee. 

To ease Mo’s headache a bit more, a stash of ready-made vouchers for a half-price coffee the next day would help keep customers onside.

And to be really resilient, Mo could also take out small business insurance for her most essential piece of kit. With a policy to cover her coffee machine, Mo wouldn’t be left picking up the bill for a replacement if disaster struck again.

Take a financial stress test 

When small business owners apply for a Start Up Loan, our expert Business Advisors carry out a stress test on their finances to make sure they could meet their loan repayments if their business income dropped off. 

There’s a heap of free financial advice available on the Smarta platform, from how to manage your expenses like a pro, to the importance of keeping financial records.

We also like the look of Smart Up: screening for business health. You can take an online ‘Business Healthcheck’ quiz which generates a free report on the current risk levels across your business. 

And if you’re looking for ways to fund the next stage of your growth plan, talk to Team Transmit.

Talk about future failure

No one looks forward to difficult conversations. But resilient businesses make plans for “what if things go wrong?” - and they do it while everything’s still fine.  

When Mo’s coffee machine failed she lost a lot of sales and probably some trust. But no one got hurt and she didn’t lose her trading license. In business, other failures can be a bit more serious…

oops social media fail

What if someone filed a lawsuit against you? 

Getting the right small business insurance can protect you from financial losses. Whatever sector you operate in, there’s always a risk that someone or something could suffer some damage.

A customer could trip over in your shop, you could accidentally drop something on a client’s computer, or you might post something online without realising you’re breaching confidentiality.

Public liability insurance can cover your legal expenses if a third party decides to sue you. And if you’re required to pay them compensation, your insurance can cover that too.

If you publish content online as part of your business, media liability insurance is designed to protect you from IP infringement and social media fails.

Check out Superscript, Smarta’s insurance partner who specialises in cover for small businesses.

Seek other people’s perspectives on the tough stuff

A great way to start helpful conversations about the scary “What ifs” of business ownership, is to get yourself hooked up with a business coach or mentor

There will always be something that you haven’t thought of, and there’s usually another way of looking at a potential problem.

Whether it’s rising energy costs, reduced customer spending or issues with suppliers that are stressing you out, our experts can support you to talk about the failures your business could experience in the future, and build in strategies to ensure you’ll sail through the recession as a small, but resilient, organisation.

read more
Smarta Secures Prestigious NEN Award for Innovation in Education
Discover how Smarta's groundbreaking approach to entrepreneurship education earned them the coveted NEN Award for Innovation. From developing an idea, writing a business plan, crafting a customer persona, creating paid social media ads, to cash flow forecasting - Smarta offers a wide range of short courses to support learners throughout their startup journey.
Read more
Privacy Notice & Cookies Policy

Privacy Notice - Scope

We take your privacy seriously and are committed to maintaining the trust and confidence of our clients, visitors to our website and subscribers to our newsletter. Maintaining the security of your data is critical and we have implemented measures to ensure your privacy rights are respected and applied. We commit to process your data fairly, legally and to be transparent about how we do so.

This notice, which applies whether you use our services or use our website, explains our approach to data integrity and your individual rights.

By using our services, you understand the collection, use and transfer of your information under the terms of this notice.

Put simply, we set out what we are going to do with your data in this Privacy Notice.

We ask you to read this Privacy Notice to ensure you understand the way that Smarta will process your data.

We provide the option to opt into the different marketing options that you prefer.

The processing of personal data is governed by the EU General Data Protection Regulation 2016/679 (GDPR) and the UK General Data Protection. Regulation.

The notice may change from time to time so please check for updates.

If you need further details or are unsure in any way, please contact us at hello@gosmarta.com.

 

Who are we?

Smarta is a trading name of Transmit Start-Ups Ltd, which is a Limited Company registered in England. (referred to as “Smarta”, “we”, “our” or “us” in this notice).

Our registered company number is 08702257.

Our registered office is Northern Design Centre, Baltic Business Quarter, Abbott's Hill, Gateshead, NE8 3DF.

 

What personal information do we collect and process?

Smarta is what is known as the controller of the personal data you provide to us. We collect personal data about you which will (where relevant) also include any special types of information or location-based information.

We collect and process your data in the following circumstances:

  • When you use our services

  • When you register to join Smarta or access our eLearning/online courses

  • When you join the small business directory

  • When you use our website

  • When you sign up for our mailing list

  • When you complete the contact form on our website

  • When you contact us through other means such as email, telephone, or web chat

Smarta will collect the following information about you:

  • Your name

  • Your contact details: postal address, telephone number(s) and email address(es), including personal contact details and business contact details (where relevant)

  • Your date of birth (where relevant)

  • Your gender (where relevant)

  • Your ethnicity (where relevant)

  • Your qualification levels (where relevant)

  • Your employment status (where relevant)

  • Other publicly available personal data, including any which you have shared via a public platform (such as a LinkedIn profile, Twitter feed or public Facebook page) (where relevant)

  • Your device’s IP address

  • Your online browsing activities on our website

  • Your communication and marketing preferences

  • Your interests, preferences, feedback and survey responses

  • Your location

  • Your correspondence and communications with us

  • Information about your business 

 

Smarta deliver some of our services under contract on behalf of other organisations, for example to offer business coaching, mentoring or consultancy services, or access to eLearning. In some cases we may receive data about you from our customers or other third parties. For information on how our customer uses your personal data, including how we fit into that processing, you should review their privacy notice or contact them for more information.

 

Why do we collect and process your personal information?

We only collect and process the information needed to effectively provide our services to you, as well as for contact and communication purposes.

We will use your personal information as part of the reporting process we have agreed with any partner organisations we provide services for.

We will use your personal information as part of our internal reporting processes.

 

The lawful basis for processing your personal information

Legitimate interest

We will collect, hold and process your personal data on the basis of legitimate interest where it is necessary in order for us to fulfil our needs as a business and to be able to provide you with our services, including, but not limited to:

  • To send you information about our services

  • To communicate with you about your enquiry

  • Facilitating introductions to our partners, or network of consultants, mentors and coaches

  • Communicating and reporting to the organisations for whom we are contracted to deliver support

  • Handling customer contacts, queries, complaints or disputes

  • Promoting, marketing and advertising our products and services (for business-to-business relationships only)

  • Understanding our customers’ behaviour, activities, preferences, and needs

  • Improving existing products and services and developing new products and services

 

Consent

We will seek your consent to hold and process your data when you sign up for a Smarta membership or to our mailing list. If you choose not to sign up to our mailing list we will still communicate with you when necessary as part of our contractual obligations.

You remain in control of the personal data you share with us. You can update your personal details in your Smarta account on gosmarta.com and in your eLearning account on mysmarta.com. You can change your preferences at any time by choosing whether you want to give consent to your data being processed for specific types of communication and / or communication channels. You can unsubscribe from our email newsletters by clicking the ‘unsubscribe’ option at the bottom of the email and if you wish to manage or amend your preferences, you can send an email to hello@gosmarta.com.

 

Vital Interest

We will use your personal information to contact you if we reasonably believe that the processing of your personal data will prevent or reduce any potential harm to you. This type of notification is in your vital interest.

 

Legal Obligation

We will use and process your personal data to comply with our legal or regulatory obligations, if it is genuinely needed for law enforcement, to identify you as an individual if you contact us, or to verify the accuracy of your data. This includes effectively handling any legal claims or regulatory enforcement actions taken against us.

Your personal data will also be used in situations that protect you, our customers, employees and other individuals to maintain their safety, health and welfare.

 

Contract

We will use and process your personal data where it is necessary for a contract we have with you, or because you have asked us to take specific steps before entering into a contract.

How is your personal information used?

Below we have set out the reasons we use your personal data and the lawful basis for each use.

How we use your personal information

Lawful Basis

To effectively communicate with you

Legitimate interest

To respond to your enquiries

Legitimate interest

To enable us to manage service interactions with you

Legitimate interest / Contract

To ensure compliance with our contractual obligations, including auditing and reporting, we have in providing our service to you

Legitimate interest / Contract

To make our website and other social media content available to you

Legitimate interest

To assess your eligibility for our services and those that we deliver on behalf of other organisations

Legitimate interest

To contact you (with your agreement) electronically about promotional offers and services which may interest you

Consent

For market research purposes and to better understand your needs

Legitimate interest

To verify your identity

Legal obligation

For crime and fraud prevention, detection and related purposes (if mandated by law)

Legal obligation

Where we have a legal right or duty to use or disclose your information (for example in relation to an investigation by a public authority or in a legal dispute)

Legal obligation

To test new systems and check upgrades to existing systems to improve our service delivery

Legitimate interest

To help improve our products and services, for quality control, security, internal record keeping and other business needs

Legitimate interest

To effectively manage our business and our relationships with you, partners and consultants

Legitimate interest

Certain types of personal information, such as gender and ethnicity, are used only by aggregating the information for reporting requirements, and for the purposes of monitoring and promoting equal opportunities.

 

Where your personal information is stored and who we share it with

Your data may be shared with some of our service providers, which allow us to carry out our services, or with other third parties as outlined in this section. This Privacy Notice does not cover the processing of your data by these third parties. For information on how a third party processes your personal data, please refer to their privacy notices.

Your information is stored on dedicated hardware used by Smarta and all data is held and backed up within the UK or EU, is covered by comparable data protection standards (Adequacy) or is covered by the EU SCCs + UK Addendum.

To deliver a full range of services to you, it may on occasion be necessary for us to share your data outside of the European Economic Area. This will typically occur when service providers are located outside the EEA or if you are based outside the EEA. These transfers are subject to special rules under GDPR and UK GDPR.

If this happens, we will ensure that the transfer will be compliant with data protection law and all personal data will be secure. Our standard practice will be to use the EU SCCs + UK Addendum which has been approved by the European Commission and UK Information Commissioner’s Office for such transfers. Those clauses can be accessed on the European Commission website and the UK Information Commissioner’s website.

IT service providers

In order to make certain services available to you, we will share your personal data with our IT service providers. We use IT services providers for activities such as email communication, calendar invites, file storage, customer relationship management, email marketing, customer journey management, and task processing.

Website data is stored within a MariaDB database in a secure hosting environment. The only way to access the database is via a server console or via SSH. Images and assets are securely hosted on a service called S3 - which is an Amazon Web Service (AWS) service. Only authenticated users within the site have access to push files to this location.

We only allow our service providers to handle your personal data when we have confirmed that they apply appropriate data protection and security controls. We also impose contractual obligations on service providers relating to data protection and security, which mean they can only use your data to provide services to us and to you, and for no other purposes.

Partners and suppliers

Where relevant for the delivery of services we will also share your personal data to organisations who contract us to deliver services, and to our network of consultants, coaches and mentors if you are working with one. We will only share your contact details with such partners for the purposes of delivering services to you or to fulfil contractual obligations such as reporting. 

We only allow our partners and suppliers to handle your personal data when we have confirmed that they apply appropriate data protection and security controls. We also impose contractual obligations on partners and suppliers relating to data protection and security, which mean they can only use your data to provide services to us and to you, and for no other purposes.

Other third parties

Aside from our service providers and partners, we will not disclose your personal information to any third party unless we are legally obliged to do so, or you provide your consent for us to do so. We will never sell or rent our customer data to other organisations for marketing purposes.

Examples of where we may be legally obliged to share your personal information include:

  • Governmental bodies, regulators, law enforcement agencies, courts/tribunals and insurers where we are required to do so;

  • To comply with our legal obligations;

  • To exercise our legal rights (for example in court cases);

  • For the prevention, detection, investigation of crime or prosecution of offenders; and

  • For the protection of our employees and customers.

 

How we keep your personal information secure

We are committed to keeping your personal data safe and secure.

Our security measures include:

  • Encryption of data

  • Back up of data

  • Password management

  • Implementing risk management and data impact assessment analysis

  • Regular cyber security assessments of all service providers who may handle your personal data

  • Security controls which protect our IT infrastructure from external attack and unauthorised access

  • Internal policies setting out our data security approach and training for staff.

Only authorised and trained personnel can access your personal information if required to do so as part of their legitimate job role.

Website security and backups

Our website has HTTPS encryption via a Let’s Encrypt SSL certificate to ensure any data passed between your browser and the web server (where this website is hosted) is encrypted. When you are on a secure page, a lock icon will appear on the bottom of web browsers such as Microsoft Edge, Google Chrome and Apple Safari.

This website and its database are automatically backed up every day via our hosting provider AWS (Amazon Web Services). Backups are stored for 90 days in the EU Region.

 

How long we keep your personal information

We will not retain your data for longer than necessary for the purposes set out in this notice.

We are required by law to keep some information for a minimum period e.g. financial information for tax purposes.

Different retention periods apply for different types of data, however the longest we will normally hold any personal data is six years after we have fulfilled the service to you. Where there is no legal requirement, or a business reasons such as the fulfilment and management of a contractual agreement, we will retain personal information for only as long as necessary to deliver our services and respond to any subsequent communications.

As long as you wish to have a membership on the Smarta platform, we will retain your data for that purpose.

You can update, amend or request deletion of your personal information at any time (see below).

 

Automated decision making, including profiling

We do not use automated decision making or engage in profiling activity.

When do we collect your information?

Website forms

Our website has forms built-in to allow you to interact with the site via the submission of data. When you use our forms, the information submitted is securely stored in the website’s database. Your personal data stored in the website’s database will be automatically deleted from here after five years. Your personal data is encrypted by the website.

The website is built using a framework called Laravel (it is an open-source PHP MVC framework for bespoke platform development). 

The forms are built within this stack using VueJS, form data is submitted via Axios (AJAX HTTP requests) to a controller that parsers the data and stores in within a data store. Some forms are also built in the HubSpot platform.

Sensitive data and passwords are encrypted using OpenSSL and the AES-256-CBC cipher.

 

Mailing list

When you subscribe to our newsletter, we collect your email address and name so that we can correspond with you. Your personal data will be shared with the service provider that facilitates our sending of our newsletters. You can request to be removed from our mailing list at any time by clicking ‘unsubscribe’ in any newsletter/mailout or by contacting us.

 

Ongoing communication

We will also collect additional information from you as we communicate with you in order to deliver our services. For example, we will (where relevant) collect documentation from you via email.

Cookies

Like most websites the Smarta website uses cookies to collect information. Cookies are small data files which store information on your browser, your computer, or other connected devices (such as smart phones or tablets).

How do I manage cookies?

When you visit our website only strictly necessary cookies are applied. You can then manage which additional cookies are applied using the pop-up window. After cookie settings are applied your preferences can still be changed by clicking the black circle icon in the bottom left of your browser window.

Alternatively, you can set your browser to block cookies. Please check your browser for instructions on how to do this.

Use of cookies

The main purposes for which cookies are used are:

  • For technical purposes essential to effective operation of our websites, particularly in relation to site navigation.

  • To improve your experience on our website.

  • To enable us to collect information about your browsing patterns, including to monitor the success of conveying our information to you.

Our website does not store any information that would, on its own, allow us to identify individual users without their permission. Any cookies on this website are used either solely on a per session basis or to maintain user preferences. Cookies are not shared with any third parties.

Online data management (analytics and security)

If you accept non-essential marketing cookies when using our website, we use a third-party service, Google Analytics, to collect standard internet log information and details of visitor behaviour patterns.

We collect information about your computer and about your visits to and use of this website (including your IP address, geographical location, browser type, referral source, length of visit, entry and exit points and the number of page views).

We do this to find out things such as the number of visitors to the various parts of the site.

This information is only processed in a way which does not identify anyone.

We do not make and do not permit Google to make, any attempt to find out the identities of those visiting our website.

If we do ever want to collect personally identifiable information through our website, we will be upfront about this. We will make it clear when we collect personal information and will explain what we intend to do with it.

 

Your rights in respect of the personal information we hold

We fully support and facilitate the ability of people to exercise their rights.

If you wish to correct, complain, object, or otherwise control the data we hold please contact us and we will respond accordingly.

Please contact us if you have any questions about how your personal information is being used or if you are unhappy about our service or anything we do. We will do our best to resolve the issue.

 

An overview of your different rights

You have the right to request:

  • Access to the personal information we hold about you, free of charge.

  • Corrections to your personal information when it is inaccurate, out of date or incomplete.

  • Erasure of your personal information, for example, when you withdraw consent, or object and we have no legitimate overriding interest, or once the purpose for which we hold the personal information has come to an end.

  • Obtain and reuse your personal data for your own purposes across different services (known as data portability).

  • That we stop using your personal information for direct marketing (either through specific channels, or all channels).

  • That we stop any consent-based processing of your personal information after you withdraw that consent.

Whenever you have given us your consent to use your personal information, you have the right to change your mind at any time and withdraw that consent.

 

Where we rely on our legitimate interest

In cases where we are processing your personal information on the basis of our legitimate interest, you can ask us to stop for reasons connected to your individual situation. We must then do so unless we believe we have a legitimate overriding reason to continue processing your personal information.

 

Direct marketing

You have the right to stop the use of your personal information for direct marketing activity through all channels, or selected channels. We must always comply with your request.

 

How you can make a request about your data subject rights

You can make a request related to any of the rights listed above by contacting us using the details below.

We will respond to you as soon as possible, and always within one month of receipt of the request.

To protect the confidentiality of your personal information, we will ask you to verify your identity before proceeding with any request you make under this Privacy Notice. If you have authorised a third party to submit a request on your behalf, we will ask them to prove they have your permission to act.

 

Getting in touch with Smarta

We can be contacted at:

Smarta / Transmit Start-Ups Ltd

Northern Design Centre

Baltic Business Quarter

Abbott's Hill

Gateshead

NE8 3DF

 

Email: hello@gosmarta.com

 

The Supervisory Authority in the UK is the Information Commissioners Office (ICO).

 

Smarta / Transmit Start-Ups Ltd can be found on the Data Protection Register. The registration number is ZA047144.

 

Complaints

If you would like to make a complaint about the way your personal data has been handled, you can contact us using the details given above.

Alternatively, you can refer your complaint to the ICO