GDPR – Why UK Businesses Need an EU GDPR Consultant

If you’re part of a UK business that handles the data of EU citizens, you need to comply with the EU GDPR. But how do you know exactly what to comply with and how to do it? In this post, GDPR Local explores the ways in which working with an EU GDPR consultant can help […]

Read More… from GDPR – Why UK Businesses Need an EU GDPR Consultant

GDPR Local: Supplier Evaluation

How Do You Know Your Suppliers Are GDPR Compliant? We explain why you should make GDPR evaluation a crucial part of your supplier onboarding. You’re working with a new supplier. Or, perhaps, you’re simply reviewing an existing relationship. The service level agreement is in place. They’ve signed the non-disclosure agreement. If your suppliers process personal […]

Read More… from GDPR Local: Supplier Evaluation

Do Third Parties Process Your Data? Why You Need a DPA & SCC

If a third party processes data on your behalf, you’ll need a Data Processing Agreement in place to protect your customers and your business – and you could be fined if you don’t get one. Our GDPR Local Experts can explain you why. You run an organisation that wields a lot of data. Sometimes you […]

Read More… from Do Third Parties Process Your Data? Why You Need a DPA & SCC

GDPR Local

Data Breaches GDPR: I Didn’t Know We Could Be Fined For That? You may know that companies can be fined for GDPR violations. Since 2018, more than 1,100 organisations have been. But did you know that private citizens can also risk penalties for data privacy violations? Here, data protection specialist Zlatko Delev, shares his knowledge […]

Read More… from GDPR Local

GDPR Local

Consultancy Panel Data Protection Consultant? Join The GDPR Local Panel UK GDPR representative? EU rep? SOC2 guru? Wherever you are in the world, if you know data protection inside out, GDPR Local’s Zlatko Delev has an invitation for you. When you look cross-industry, data protection is a spectrum. At one end are the organisations who […]

Read More… from GDPR Local

GDPR Local

Consultancy Panel GDPR Advice? Ask Our Experts For one-off questions or ongoing, on-tap expertise, it’s good to have a GDPR Local data protection consultant on your side. Data protection specialist Zlatko Delev explains why. Let’s suppose that you run a growing tech services company in the US and you’re about to ramp up marketing activity […]

Read More… from GDPR Local

Do I need an Article 27 Representative? Understanding Your GDPR Obligations in 2024

european union flags, gdpr, article 27 representative

Article 27 of the General Data Protection Regulation (GDPR) remains one of its most misunderstood requirements, even as we move into 2024. This article is a crucial part of your GDPR compliance, especially if your business operations fall outside the European Union (EU) or the United Kingdom (UK) but involve processing data from these regions. […]

Read More… from Do I need an Article 27 Representative? Understanding Your GDPR Obligations in 2024

Is buying data legal and GDPR compliant?

This is a complicated question, but in short, using bought data is legal and in line with GDPR (General Data Protection Regulations). HOWEVER, this is only the case if it has been purchased in the right way, from the right source. GDPR states that, to contact an individual, you need explicit consent from them. Most […]

Read More… from Is buying data legal and GDPR compliant?

Special category data

Special category data is personal data that needs more protection because it is sensitive.In order to lawfully process special category data, you must identify both a lawful basis under Article 6 of the UK GDPR and a separate condition for processing under Article 9. These do not have to be linked.You need to complete a data […]

Read More… from Special category data

Principle (c): Data minimisation

What is the data minimisation principle? Article 5(1)(c) says: “1. Personal data shall be: (c) adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed (data minimisation)” So you should identify the minimum amount of personal data you need to fulfil your purpose. You should hold that […]

Read More… from Principle (c): Data minimisation