Call Us at: 
+44 1772 217800 
+353 01 554 9700 
+1 303 317 5998
Accountability Tracker
As your Article 27 Representative we will always help if you receive a SAR, RTE, or other data prot
How to handle a Subject Access Request
We have said this previously but we are still seeing a huge number of Subject Access Requests [
Right to Erasure and how to handle it
Summary: The Right to Be Forgotten is one of the fundamental rights defined in GDPR. Also
GDPR Fines Q4 2021
The Fourth quarter of 2021, really confirmed that 2021 is the year of fines. We did an overview of
ICO Video Surveillance guidance
The steady growth of the use of video surveillance systems across public and private sectors, has l
Everything you need to know about a Data Processing Agreement
What is a DPA? A data processing agreement (DPA) is a legally binding document to be entered int
Cyber Covered – Cyber Insurance Company
Hello everyone, Last week we have introduced you to the cyber insurance and why is this importan
Important news: New IDTA and Addendum to the EU SCCs
On 2 February 2022, the Secretary of State laid before Parliament the international data transfer a
Glimpse Protocol – PaaS solution
This time, we would like to introduce to you a company called Glimpse Protocol. Glimpse Protocol pr
What is cyber insurance and why it is important?
Intro: Cyber insurance (also referred to as cyber risk or cyber liability insurance) is a form
Pseudonymization and Anonymization of personal data
One thing that is heavily emphasised in GDPR is the importance of Privacy by Design. Mechanisms to
How does GDPR Affect Clinical Trials?
How GDPR impacts the clinical trials industry? The increasing use of the internet, electronic r
Data protection and AI
When discussing technology advancements, it’s hard not to talk about the General Data Protection
Existing customers: the ‘soft opt-in’
Although organizations can generally only send marketing texts or emails with specific consent, the
ICO: Accountability framework self-assessment
Hi All, If you have ever been through a GDPRLocal training course you will [hopefully] reme
ROPA – Requirements and Exemptions
The obligation to create and maintain Records of Processing Activities [ROPA] applies to the majori
5 noticable GDPR statictics from 2021
During the previous year a lot of companies finally got aware of the Data Protection and the GDPR r
Data Protection and Corona Virus
Since vaccinations against corona virus became available, the employers have been increasingly seek
Can you refuse to comply with a Data Subject Access Request [SAR]?
The right of access under GDPR gives data subjects the right to obtain a copy of their personal dat
Opt-in and privacy rules in EU and USA: key differencies
While opt-in rules in the U.S. and the EU differ, the intent remains the same. These laws aim to pr
USA e-mail marketing rules
In the United States, direct marketing by e-mail is regulated by the federal Controlling the Assaul
What US-based companies need to know about GDPR
The EU General Data Protection Regulation [GDPR] is designed to strengthen and unify the protectio
GDPR: What Life Science organisations need to do to comply
Since GDPR became a thing on May 25th 2018, organisations need to be prepared to comply with a whol
The 10 biggest GDPR fines to date – and yes, we are talking hundreds of millions worth of fines
It's been three years since the introduction of one of the toughest data protection laws - the Euro
Subject Access Request (SAR) Empathy
There are many definitions of empathy but the Wikipedia definition is, 'the capacity to understand
Why should accountants take notice of GDPR?
Billed as the “most important change in data privacy regulation in 20 years”, GDPR to
Getting management to care about GDPR
The GDPR is seen as the gold standard for data privacy and protection around the world. If breached
How does GDPR affect Financial Services?
Not long ago, before smartphones, bank transactions were made face to face. People did not have to
How Does GDPR Affect Blockchain And Cryptocurrency?
Since the advent of the General Data Protection Regulation (GDPR) regulation, organisations, both
Are your cookies GDPR Compliant? We have someone that might help you
One of the most important requirements that ICO is really strict about is having a compliant Cookie
What is Schrems II and how does it affect your international data transfer
On July 16, 2020 the Court of Justice of the European Union [CJEU] issued its judgement in the Data
Is buying data legal and GDPR compliant?
This is a complicated question, but in short, using bought data is legal and in line with GDPR (Gen
How GDPR affects Staffing and Recruiting
GDPR affects Staffing and Recruiting by how data can be stored, collected and processed. The proces
Methods of age assurance for Children’s code
Organizations have a fundamental choice when managing the risks posed to children by their ISS. The
Most common types of GDPR violations
As GDPR effect is growing day by day and a lot of companies are affected, we would like to present
ICO published the next chapter of the Anonymisation guidance draft : Anonymisation, pseudonymisation and privacy enhancing technologies guidance
How to ensure anonymisation is effective? The ICO is calling for views on its updated draft gui
When can we refuse to comply with a SAR (Subject Access request) ?
A lot of companies are receiving SAR's almost every day. Not all of the SAR's are relevant and a lo
Viv Adams, Principal Policy Adviser : Sharing personal data in an emergency – a guide for universities and colleges
The ICO often provides us very beneficial posts about the newest regulation updates and what would
Marketing calls and the rules that you need to know for making them.
Marketing calls are one of the most used way of contacting people and offering your services to the
Children code came into force in September- What’s next ?
The transition year is up and the Children’s code came fully into force on 2 September. It’s
Special category data
Special category data is personal data that needs more protection because it is sensitive.In order
US Companies and GDPR
Why US companies must comply with the GDPR The GDPR applies to companies outside the EU becaus
Latest biggest updates from ICO
This 1 year period ICO has published very beneficial documents that are very important for the Data
How should you write a consent request and what information it should contain?
How should you write a consent request? Consent requests need to be prominent, concise, easy to
Be aware of Data Protection Regulations
Hello Everyone, Short post today as an information to be very carefull while collecting and pro
Guidance for the use of personal data in political campaigning
Introduction It is vital in any democratic society that political parties and campaigners are ab
GDPR Regulations for CCTV , Photography and Video equipment and drones.
CCTV In general, CCTV is directed at viewing and/or recording the activities of individuals. The
Transferring personal data by USB device
USB devices offer a convenient way to transfer data between two computers. However, their small phy
What is the difference between GDPR and PECR
Data protection and marketing are so closely interconnected that no marketing plan involving data c
Principle (c): Data minimisation
What is the data minimisation principle?
Article 5(1)(c) says:
“1. Personal data shall
Dealing with Children’s Data
According to the GDPR, children merit specific protection with regard to their personal data, as th
EU Commission’s approval of the UK’s adequacy
The EU Commission has announced on 28.06.2021 that adequacy decisions for the UK have been approv
EU Releases New Standard Contractual Clauses for Cross-Border Data Transfers
The European Commission published two sets of new standard contractual clauses (SCCs) governing cro
The GDPR: Understanding the 6 data protection principles
The GDPR (General Data Protection Regulation) outlines six data protection principles that su
Legitimate interests at a glance
What is the ‘legitimate interests’ basis? Article 6(1)(f) gives you a lawful basis for proce
What Does GDPR Mean For Companies Based Outside The EU?
The implications for companies based outside the EU are exactly the same as those for EU countries,
What is a DPIA(Data Protection Impact Assesment) and why are DPIA’s important?
What is a DPIA? A DPIA is a process designed to help you systematically analyse, identify and mi
Data sharing: a code of practice
The UK Government has laid the Data Sharing Code of Practice before Parliament on 18 May 2021. It w
GDPR is Three Years Old!
With all that’s changed in the world, the arrival of the third anniversary of the General Data Pr
3 data privacy trends to expect in 2021
According to Forrester Predictions 2021, we look at three privacy trends that are very likely i
The Information Commissioner’s Office (ICO)
The ICO is the UK's independent authority set up to uphold information rights in the public interes
Data Protection Officer – Role and responsibilities
Data Protection Officer (DPO) is a new leadership role that is created with the enforcement of th
GDPR and Artificial Intelligence
According to some estimates, developments in artificial intelligence (AI) could boost the global
Proposal for an ePrivacy Regulation
The European Commission's proposal for a Regulation on Privacy aims at reinforcing trust and securi
What is a GDPR data processing agreement?
Virtually every business relies on third parties to process personal data. Whether it’s an email
ICO Code of Practice to protect children’s privacy online
“There are laws to protect children in the real world. We need our laws to protect children in th
Changes in the Data protection after UK has left the EU .
Following the UK’s departure from the European Union, these are the latest updates on how this a
How to avoid fines …
Yesterday we have mentioned what are the biggest fines issued by the ICO. The fines show that t
Biggest fines in 2020/2021
According to research from DLA Piper, between January 26, 2020, and January 27, 2021: GDPR fines
EU/UK representative services
Article 27: Article 27 of the GDPR includes the requirement for companies that provide goods and
How do you document your processing activities?
How should you prepare? A good way to start is by doing an information audit or data-mapping exe
Do you know how to recognize a SAR?
As per the GDPR Regulative there are certain rights that data subjects can obtain. One of the
All that you need to know about lawful basis for processing data
The lawful bases for processing are set out in Article 6 of the UK GDPR. At least one of these must
ICO POST: Data sharing code
Very beneficial blog has been shared by Ali Shah, Head of Technology Policy Blog:Building on the
What is valid consent?
The GDPR sets a high standard for consent, which must be unambiguous and involve a clear affirmativ
5 Facts about Data Protection
Data protection is one of the most important topics of discussion in this expanding digital wor
Familiar with PECR( Privacy and electronic communication relations) ?
New day, new info that could be of very beneficial meaning for you as a company owner/manager/execu
GDPR compliant cookie policy for your web page
GDPR requires that you have a cookie policy and corresponding cookie&n
Are you aware of holding sensitive data ?
Sensitive data is information that must be protected against unauthorized access. Access to sen
Can I collect data about whether my employees are vaccinated against COVID-19?
Before you decide to collect your employees vaccination status, you should be clear about what
Be GDPR compliant while working from home
As we all know, Covid 19 had a huge impact on many businesses last year, and it is still
Be careful with e-mails, texts and even letters by Post
Short but very beneficial post to remind you to be extra careful when you send out emails, te
How to create a perfect Privacy policy
One of the most important documents in GDPR regulative, that your company needs to have a special f
EU representatives – your FAQ’s answered
Here at GDPRlocal, we get lots of questions about what exactly an EU Representative is, what
Ico examines public confidence in data protection
The ICO recently released the results of a survey they created as part of their strategic plan to e
The biggest GDPR fines of 2020 (and how to avoid them)
Breaching the GDPR can cost you up to €20 million, or 4% of annual global turnover, whichever is
Important – data transfers outside of the EU
If you transfer data outside of the EU, you now need to ensure that you have completed a risk
Are you making these common GDPR mistakes?
GDPRs never going to be simple, but unfortunately getting it wrong can lead to penalties and fines!
Key GDPR terms you need to know
GDPR, the General Data Protect Regulation, is an incredibly large piece of legislation. Reading it,
Are you sharing data outside of the EU ? Read this
The rules relating to sharing data with any company outside the EU have recently changed and
EU representative – act now
If you provide products and services to EU citizens, you will invariably process personal dat
ICO advice on corona virus
ICO ADVICE ON DATA PROTECTION DURING CORONA CRISIS The ICO has issued a number of blogs about ho
Want to avoid the ico registration fee?
ICO FEE - EXEMPTION OPTIONS There are many reasons why you may not need to register with the ICO
Personal data breaches: are you prepared?
Many workers are now beginning to value webinars and online courses as a way to keep productive in
Sharing data? Check your contracts.
If you share personal data with a third party, you need to ensure that you are both GDPR compliant
Email marketing – do your due-diligence or get fined
The ICO has released details about an investigation and enforcement action they have taken against
Appoint your EU based representative today!
The ICO has confirmed that post-transition any company with customers in the EU will need to
Global privacy expectations of video teleconference providers
Are video-conferencing software companies keeping your data safe? If you, like many others, have
Corona virus advice to employers
Corona Virus - Warning About Collecting Staff Data . Many companies are at last going back to wo
Don’t delete data to avoid sar
How to respond to a SAR. If you receive a Subject Access Request, you need to respond promptly a
Ico responds to government GDPR rule break
The UK Government admitted that the Track and Trace App, created to help stop the spread of Coronav
Have you received a subject access request?
HAVE YOU RECEIVED A SAR? ACT NOW! If you have received a Subject Access Request or other GDPR Co
Download free GDPR documents here
LOOKING FOR FREE GDPR DOCUMENTS? If you need to complete your GDPR but not sure what you need to
EU representative – act now!!
If you provide products and services to EU citizens, you will invariably process personal dat
Advice on use of video conferencing and GDPR
ICO ADVICE ON THE USE OF VIDEO CONFERENCING Many companies have started using video conferencing
Cyber security and working at home
Cyber Security - Staff Safety When Working at Home. Looks like many people are going to be
06 GDPR INFO
Stay Up-To-Date
Leave your details here and we’ll send you updates and information on all aspects of GDPR and EU Representative. We won’t bombard you with emails and you will be able to tell us to stop anytime.
Your UK and EU Representative – Article 27
Compliance partner.
GDPR Local Ltd is a private limited company registered in the UK under company number 12969035
1st Floor Front Suite
27-29 North Street, Brighton
England
BN1 1EB
GDPR Local 2022 © All Rights Reserved