Archives

GDPR

Data Subject Rights and the GDPR

The EU GDPR (General Data Protection Regulation) gives individuals eight rights relating to their personal data. Organisations must let individuals know how they can exercise these rights and meet requests promptly. Failure to do so is a breach of the GDPR....

GDPR and Encryption

Pseudonymisation and encryption are the only technological measures specifically mentioned in the GDPR (General Data Protection Regulation). But what exactly is meant by ‘pseudonymisation’ and ‘encryption’? Are these measures mandatory? More importantly, how can...

GDPR Processing Lawful Bases

The EU GDPR (General Data Protection Regulation) states that you need to identify a lawful basis before processing personal data. But, what is a lawful basis for processing? Do you always need individuals’ consent to process their data? And what is meant by the term...

GDPR Risk Assessments

Your business is required to comply with the GDPR (General Data Protection Regulation). Therefore you are obliged to conduct regular GDPR risk assessments. This isn’t just because the Regulation says that you should. Risk assessments are essential for...

GDPR the data differences
GDPR the data differences

What’s the difference between personal data and sensitive data? Now that the GDPR (General Data Protection Regulation) has been in effect for over two years, you’ve likely become acquainted with the term ‘personal data’. But what exactly does personal data...

Your CCTV and the GDPR?
Your CCTV and the GDPR?

In case you didn’t know, but CCTV footage is subject to the GDPR (General Data Protection Regulation). The Regulation isn’t just about written or electronic data such as names and addresses. It applies to any information that can identify someone. That includes...

Video Conferencing and the GDPR
Video Conferencing and the GDPR

Due to social distancing and restrictions enforced by the UK’s tier systems, we are now used to business meetings taking place online. In particular, the video conferencing platform “Zoom” has achieved huge popularity through the pandemic. However, over the same...

Verbal Consent and the GDPR
Verbal Consent and the GDPR

We are often asked about consent and the GDPR. But, what consent can be given face to face or over the telephone? Verbal consent and the GDPR, is verbal consent allowed? Given the documentation requirements of the law, one might expect the answer to be no. However,...

It doesn’t apply to me!!!
It doesn’t apply to me!!!

One-third of small businesses don’t feel GDPR applies to them. It doesn't apply to me!!! We interviewed our CEO, Howard Freeman, who talks with SME business owners every day and he offered us his insights for the website. Howard, do small businesses understand the...

Update on post-Brexit GDPR
Update on post-Brexit GDPR

Will the GDPR still apply? The GDPR is an EU regulation and we wanted to update on post-Brexit GDPR. This means it became law in all member states of the EU (including the UK), without the need for a UK Act of Parliament. It also applies to the EEA states. The UK...

GDPR and the lawful bases for processing
GDPR and the lawful bases for processing

The GDPR states that you must identify a lawful basis before processing personal data. But what is a lawful basis for processing? Do you always need individuals’ consent to process their data? And what exactly are ‘legitimate interests’? You must understand your GDPR...

Rights under the GDPR
Rights under the GDPR

What are the data subject rights under the GDPR? The EU GDPR (General Data Protection Regulation) gives individuals eight rights relating to their personal data. You must let individuals know how they can exercise these rights, and meet requests promptly....

Brexit and the new UK GDPR
Brexit and the new UK GDPR

The United Kingdom has now left the European Union. However, until 31st December 2020, EU laws, which include the General Data Protection Regulation (GDPR), continue to apply to the U.K. This is the transition period. Once the transition period has ended,...

GDPR Supply Chain Audit
GDPR Supply Chain Audit

Consider the way in which your business operates. Could it operate without suppliers? This will include any other business you deal with, from an outsourced payroll company, to a medical insurance provider and even the company that waters plants in the office. The...

GDPR Periodic Audits
GDPR Periodic Audits

Why carry out GDPR periodic audits? Article 32.1.d of the GDPR, data controllers and data processors must implement appropriate technical and organisational measures to ensure a level of security. This security should be appropriate to the risk. The regulation states...

Data Retention and the GDPR
Data Retention and the GDPR

How will you tackle data retention? Two plus years on from GDPR enforcement, does your housekeeping need a refresh? How long you will keep personal data raises lots of questions. Where to start? How to judge necessity? Have you considered your method of disposal of...

GDPR Technical Web Site Audits
GDPR Technical Web Site Audits

To get your business moving forward, you need your visitors to contact you What is tracked is managed. Have you started tracking your personal data usage? This brings focus to your practical step towards achieving GDPR compliance. In order to take your first steps...

Pin It on Pinterest