What is the data minimisation principle? Article 5(1)(c) says: “1. Personal data shall be: (c) adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed (data minimisation)” So you should identify the minimum amount of personal data you need to fulfil your purpose. You should hold that […]
The GDPR (General Data Protection Regulation) outlines six data protection principles that summarise its many requirements. These are an essential resources for those trying to understanding how to achieve compliance. Indeed, small organisations, which often lack the resources to appoint data protection experts to guide them through compliance, may find them particularly useful. We take a look […]
Read More… from The GDPR: Understanding the 6 data protection principles
¿Qué es el "interés legítimo"? El artículo 6, apartado 1, letra f), le da una base jurídica para el tratamiento cuando: "el tratamiento sea necesario para la satisfacción de intereses legítimos perseguidos por el responsable del tratamiento o por un tercero, salvo cuando prevalezcan sobre dichos intereses intereses intereses el interés o los derechos y libertades fundamentales del interesado que requieran [...]
The implications for companies based outside the EU are exactly the same as those for EU countries, if they process personal data from the EU. That’s because GDPR applies to the personal data of people based in the EU. If you want to process it, e.g. to sell to customers in the EU, you have […]
Read More… from What Does GDPR Mean For Companies Based Outside The EU?
What is a DPIA? A DPIA is a process designed to help you systematically analyse, identify and minimise the data protection risks of a project or plan. It is a key part of your accountability obligations under the GDPR, and when done properly helps you assess and demonstrate how you comply with all of your data […]
Read More… from What is a DPIA(Data Protection Impact Assesment) and why are DPIA’s important?
With all that’s changed in the world, the arrival of the third anniversary of the General Data Protection regulation may seem trivial, even irrelevant. But dismissing it would be a mistake. This is actually an opportune moment to take stock of what effect it’s had on data protection and whether your organization has managed to […]
The ICO is the UK’s independent authority set up to uphold information rights in the public interest, promoting openness by public bodies and data privacy for individuals. The ICO is responsible for: Promoting good practice in handling personal data and giving advice and guidance on data protection. Ensure data controllers pay the appropriate data protection fee and […]
Data Protection Officer (DPO) is a new leadership role that is created with the enforcement of the General Data Protection Regulation (GDPR) DPO is a cornerstone of accountability and appointing a DPO can facilitate compliance and competitive advantage for businesses- highly attractive traits. The GDPR sets minimum responsibilities for a DPO that revolve around supervising the implementation of a data protection strategy, assuring compliance with GDPR, and […]
Read More… from Data Protection Officer – Role and responsibilities
Virtually every business relies on third parties to process personal data. Whether it’s an email client, a cloud storage service, or website analytics software, you must have a data processing agreement with each of these services to achieve GDPR compliance. What needs to be in a data processing agreement GDPR Article 28 Section 3, explains […]
Following the UK’s departure from the European Union, these are the latest updates on how this affects GDPR and the sensitive issue of data protection. Overview of the current situation: The General Data Protection Regulation (GDPR) has been retained in UK law and will continue to be read alongside the Data Protection Act 2018, but […]
Read More… from Changes in the Data protection after UK has left the EU .
+44 1772 217800
+353 01 554
9700 
+1 303 317
5998