EU Releases New Standard Contractual Clauses for Cross-Border Data Transfers

The European Commission published two sets of new standard contractual clauses (SCCs) governing cross-border data transfers and data exchanges between controllers and processors (i.e., service providers), marking the first updates to SCCs in more than a decade. The long-awaited new SCCs reflect evolved data protection laws such as the General Data Protection Regulation (GDPR), as […]

Read More… from EU Releases New Standard Contractual Clauses for Cross-Border Data Transfers

The GDPR: Understanding the 6 data protection principles

The GDPR (General Data Protection Regulation) outlines six data protection principles that summarise its many requirements. These are an essential resources for those trying to understanding how to achieve compliance. Indeed, small organisations, which often lack the resources to appoint data protection experts to guide them through compliance, may find them particularly useful. We take a look […]

Read More… from The GDPR: Understanding the 6 data protection principles

Legitimate interests at a glance

What is the ‘legitimate interests’ basis? Article 6(1)(f) gives you a lawful basis for processing where: “processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require […]

Read More… from Legitimate interests at a glance

What Does GDPR Mean For Companies Based Outside The EU?

The implications for companies based outside the EU are exactly the same as those for EU countries, if they process personal data from the EU. That’s because GDPR applies to the personal data of people based in the EU. If you want to process it, e.g. to sell to customers in the EU, you have […]

Read More… from What Does GDPR Mean For Companies Based Outside The EU?

What is a DPIA(Data Protection Impact Assesment) and why are DPIA’s important?

What is a DPIA? A DPIA is a process designed to help you systematically analyse, identify and minimise the data protection risks of a project or plan. It is a key part of your accountability obligations under the GDPR, and when done properly helps you assess and demonstrate how you comply with all of your data […]

Read More… from What is a DPIA(Data Protection Impact Assesment) and why are DPIA’s important?

Data sharing: a code of practice

The UK Government has laid the Data Sharing Code of Practice before Parliament on 18 May 2021. It will lay before Parliament for 40 sitting days before coming into force. In 2011 the ICO published its first Data Sharing Code; in the intervening period the type and amount of data collected by organisations has changed […]

Read More… from Data sharing: a code of practice

GDPR is Three Years Old!

With all that’s changed in the world, the arrival of the third anniversary of the General Data Protection regulation may seem trivial, even irrelevant. But dismissing it would be a mistake. This is actually an opportune moment to take stock of what effect it’s had on data protection and whether your organization has managed to […]

Read More… from GDPR is Three Years Old!

3 data privacy trends to expect in 2021

 According to  Forrester Predictions 2021, we look at three privacy trends that are very likely inbound in 2021 Expect more privacy laws Log onto most websites these days, and one of the first things you’re likely to see are notifications about data cookies: how the website is collecting your data, what it intends to do […]

Read More… from 3 data privacy trends to expect in 2021

The Information Commissioner’s Office (ICO)

The ICO is the UK’s independent authority set up to uphold information rights in the public interest, promoting openness by public bodies and data privacy for individuals. The ICO is responsible for: Promoting good practice in handling personal data and giving advice and guidance on data protection. Ensure data controllers pay the appropriate data protection fee and […]

Read More… from The Information Commissioner’s Office (ICO)

Data Protection Officer – Role and responsibilities

Data Protection Officer (DPO) is a new leadership role that is created with the enforcement of the General Data Protection Regulation (GDPR) DPO is a cornerstone of accountability and appointing a DPO can facilitate compliance and competitive advantage for businesses- highly attractive traits. The GDPR sets minimum responsibilities for a DPO that revolve around supervising the implementation of a data protection strategy, assuring compliance with GDPR, and […]

Read More… from Data Protection Officer – Role and responsibilities