On July 16, 2020 the Court of Justice of the European Union [CJEU] issued its judgement in the Data Protection Commissioner vs. Facebook Ireland Limited, Maximilian Schrems (C-311.18) – the Schrems II case. In this landmark decision, the CJEU declared the European Commission’s Privacy Shield – one of the most widely used primary data transfer […]
Read More… from What is Schrems II and how does it affect your international data transfer
This is a complicated question, but in short, using bought data is legal and in line with GDPR (General Data Protection Regulations). HOWEVER, this is only the case if it has been purchased in the right way, from the right source. GDPR states that, to contact an individual, you need explicit consent from them. Most […]
Organizations have a fundamental choice when managing the risks posed to children by their ISS. They may choose to: * Use age assurance to identify children to a level of certainty proportionate to the risks of their using the ISS, and to ensure that the standards of the code are applied to all child users. […]
Read More… from Methods of age assurance for Children’s code
As GDPR effect is growing day by day and a lot of companies are affected, we would like to present a recap of the most common mistakes that companies are making that need to be avoided in order not to face SAR’s data breaches or investigation from the responsible authority and face a huge fine. […]
How to ensure anonymisation is effective? The ICO is calling for views on its updated draft guidance on anonymisation, pseudonymisation and privacy enhancing technologies. ICO are sharing their thinking in stages to ensure they gather as much feedback as possible to help refine and improve the final guidance, which will carry out a formal consultation. In […]
A lot of companies are receiving SAR’s almost every day. Not all of the SAR’s are relevant and a lot of them might be from the people that are issuing them for a private reasons of to gain some financial revenue. Check this article and find out what are the situtations that you can refuse […]
Read More… from When can we refuse to comply with a SAR (Subject Access request) ?
Marketing calls are one of the most used way of contacting people and offering your services to them. But while this is a good method, you must not forget about the rules of making the calls. We’ll share some rules in order to be compliant and to not face a fine or possible investigation by […]
Read More… from Marketing calls and the rules that you need to know for making them.
The transition year is up and the Children’s code came fully into force on 2 September. It’s a ground breaking code that creates a better internet for children by ensuring online services likely to be accessed by children, respect a child’s rights and freedoms when using their personal data. As you’d expect it’s already having an impact […]
Read More… from Children code came into force in September- What’s next ?
Special category data is personal data that needs more protection because it is sensitive.In order to lawfully process special category data, you must identify both a lawful basis under Article 6 of the UK GDPR and a separate condition for processing under Article 9. These do not have to be linked.You need to complete a data […]
Why US companies must comply with the GDPR The GDPR applies to companies outside the EU because it is extra-territorial in scope. Specifically, the law is designed not so much to regulate businesses as it is to protect the data subjects’ rights. A “data subject” is any person in the EU, including citizens, residents, and even, perhaps, […]
+44 1772 217800
+353 01 554
9700 
+1 303 317
5998