Latest biggest updates from ICO
This 1 year period ICO has published very beneficial documents that are very important for the Data protection of the subjects and related to other topics.
In this post will share chronologicaly the most important events month by month.
We have published guidance on the National Security Provisions in Part 3 of the DPA18 and updated the Guide to Intelligence Services Processing.
We have published new guidance on the national security exemption in Part 2 of the DPA18.
We have published an Updated BCR communication following the EU-UK Trade and Co-operation Agreement to the International transfers after the UK exit from the EU Implementation Period.
We have published the new Data Sharing Code of Practice, alongside a data sharing information hub with further resources and support.
In addition, we published detailed guidance on sharing personal data with law enforcement authorities, and detailed guidance on data sharing and reuse of data by competent authorities for non-law enforcement purposes.
We have published detailed guidance on criminal offence data.
We have published the Accountability Framework, which provides detailed guidance on complying with the accountability principle.
We have published detailed guidance on codes of conduct and certification.
The Danish Data Protection Agency has adopted Standard Contractual Clauses (SCCs) which have been approved by the European Data Protection Board (EDPB). We have updated our detailed guidance on contracts and liabilities between controllers and processors to reflect this.
We have published detailed guidance on special category data and updated the Guide page on special category data. We have also published a template appropriate policy document. This is required by many of the DPA 2018 schedule 1 conditions for processing.
In addition, we have published a template Part 3 appropriate policy document. We have updated the conditions for sensitive processing and principles pages in the Guide to Law Enforcement Processing to provide further guidance on the Part 3 appropriate policy document.
We have published guidance on manifestly unfounded and excessive requests under the Guide to Law Enforcement Processing.
We have updated our position on how to calculate the time limit for responding to requests (in relation to Individual rights) following a determination made in a Court of Justice of the European Union (CJEU) case which has been adopted by the European Data Protection Board (EDPB). We have also added guidance on the meaning of ‘manifestly unfounded or excessive’. The following pages have been updated:
- Right of access;
- Right to rectification;
- Right to erasure;
- Right to restrict processing;
- Right to data portability; and
- Right to object.
Hope you find this useful. If you need an EU Rep, have any GDPR questions, or have received a SAR or Regulator request and need help then please contact us anytime. We are always happy to help...
Zlatko, Adam, Hristina, Marin.
As your Article 27 Representative we will always help if you receive a SAR, RTE, or other data prot
We have said this previously but we are still seeing a huge number of Subject Access Requests [
Summary: The Right to Be Forgotten is one of the fundamental rights defined in GDPR. Also