Guides & insights

The GuardianStack blog

Plain-English UK compliance guides for UK SMEs.

Featured Guides

GDPR for UK Shopify stores: what actually matters in 2026

A plain-English guide to UK GDPR for Shopify store owners — the obligations that actually apply to you, why a cookie banner isn't enough, and how to check where you stand in about 30 seconds.

21 May 2026 · 5 min read Read article →
Guides

Handling data-protection complaints: the process the ICO expects

A data-protection complaint isn't just an awkward email — the ICO expects organisations to have a process for handling one. Here's what a complaint really is, what a good process looks like, and why the evidence matters.

24 June 2026  ·  4 min read Read article →
Guides

Which Shopify apps need a DPA? Article 28, explained

If a third-party app touches your customers' data, UK GDPR Article 28 says you need a Data Processing Agreement with it. Here's which apps count, why it matters, and how to find the gaps.

16 June 2026  ·  4 min read Read article →
Guides

Your privacy notice vs your app stack: the compliance drift problem

A privacy notice is accurate on launch day and slowly stops matching reality as your business changes. Here's why compliance drifts, why it's the risk nobody schedules, and how to catch it.

10 June 2026  ·  4 min read Read article →
Guides

Do cookie banners make you GDPR compliant? (No — here's the rest)

A cookie banner is one obligation, not the finish line. Here's what UK cookie law (PECR) actually requires, the common ways banners fail, and what compliance covers beyond cookies.

2 June 2026  ·  4 min read Read article →
Guides

A customer asked for their data — you have 30 days (UK DSAR guide)

A subject access request gives your customer the right to a copy of the data you hold on them, and you have one month to respond. Here's what a DSAR is, what you must provide, and how to be ready.

20 May 2026  ·  4 min read Read article →
Trust & transparency

Why should you trust a compliance AI? The Glass Box principle

Most compliance AI is a black box that can confidently make things up. Here's the alternative — a Glass Box that shows its working, cites the rule, and uses deterministic checks so answers can be verified, not just believed.

20 May 2026  ·  4 min read Read article →

See where your store actually stands

Free outside-in compliance check — no login, results in 30 seconds.

Run free website check