If a third party processes data on your behalf, you’ll need a Data Processing Agreement in place to protect your customers and your business – and you could be fined if you don’t get one. Our GDPR Local Experts can explain you why. You run an organisation that wields a lot of data. Sometimes you […]
Read More… from Do Third Parties Process Your Data? Why You Need a DPA & SCC
Data Breaches GDPR: I Didn’t Know We Could Be Fined For That? You may know that companies can be fined for GDPR violations. Since 2018, more than 1,100 organisations have been. But did you know that private citizens can also risk penalties for data privacy violations? Here, data protection specialist Zlatko Delev, shares his knowledge […]
Consultancy Panel Data Protection Consultant? Join The GDPR Local Panel UK GDPR representative? EU rep? SOC2 guru? Wherever you are in the world, if you know data protection inside out, GDPR Local’s Zlatko Delev has an invitation for you. When you look cross-industry, data protection is a spectrum. At one end are the organisations who […]
Consultancy Panel GDPR Advice? Ask Our Experts For one-off questions or ongoing, on-tap expertise, it’s good to have a GDPR Local data protection consultant on your side. Data protection specialist Zlatko Delev explains why. Let’s suppose that you run a growing tech services company in the US and you’re about to ramp up marketing activity […]
Article 27 of the General Data Protection Regulation (GDPR) remains one of its most misunderstood requirements, even as we move into 2024. This article is a crucial part of your GDPR compliance, especially if your business operations fall outside the European Union (EU) or the United Kingdom (UK) but involve processing data from these regions. […]
Read More… from Do I need an Article 27 Representative? Understanding Your GDPR Obligations in 2024
This is a complicated question, but in short, using bought data is legal and in line with GDPR (General Data Protection Regulations). HOWEVER, this is only the case if it has been purchased in the right way, from the right source. GDPR states that, to contact an individual, you need explicit consent from them. Most […]
Special category data is personal data that needs more protection because it is sensitive.In order to lawfully process special category data, you must identify both a lawful basis under Article 6 of the UK GDPR and a separate condition for processing under Article 9. These do not have to be linked.You need to complete a data […]
What is the data minimisation principle? Article 5(1)(c) says: “1. Personal data shall be: (c) adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed (data minimisation)” So you should identify the minimum amount of personal data you need to fulfil your purpose. You should hold that […]
The UK Government has laid the Data Sharing Code of Practice before Parliament on 18 May 2021. It will lay before Parliament for 40 sitting days before coming into force. In 2011 the ICO published its first Data Sharing Code; in the intervening period the type and amount of data collected by organisations has changed […]
Virtually every business relies on third parties to process personal data. Whether it’s an email client, a cloud storage service, or website analytics software, you must have a data processing agreement with each of these services to achieve GDPR compliance. What needs to be in a data processing agreement GDPR Article 28 Section 3, explains […]
+44 1772 217800
+353 01 554
9700 
+1 303 317
5998