What is valid consent?

The GDPR sets a high standard for consent, which must be unambiguous and involve a clear affirmative action (an opt-in). It specifically bans pre-ticked opt-in boxes. It also requires distinct (‘granular’) consent options for distinct processing operations. Consent should be separate from other terms and conditions and should not generally be a precondition of signing […]

Read More…

Sharing data? Check your contracts.

cyber security

If you share personal data with a third party, you need to ensure that you are both GDPR compliant and that you have appropriate contracts in place that include data protection clauses. Most companies will likely share data with Accountants, HR companies, Pension companies or use outsource tasks to third-party services such as marketing, IT, […]

Read More…