Accountability Tracker

As your Article 27 Representative we will always help if you receive a SAR, RTE, or other data protection complaint. It is always best to avoid these all together but most companies will receive GDPR requests at some point.  Disgruntled ex-employees, annoyed customers, malicious compensation-scammers are common sources of SARs and unfortunately these can result […]

Read More…

How to handle a Subject Access Request

We have said this previously but we are still seeing a huge number of Subject Access Requests [SARs]. A SAR is a request made by or on behalf of the data subjects which grants the right to obtain a copy of all the personal data that an organization has collected about them. These are pretty […]

Read More…

Right to Erasure and how to handle it

Summary: The Right to Be Forgotten is one of the fundamental rights defined in GDPR.  Also known as a Right to Erasure this principle defined in Article 17. It is vital that companies recognize these requests and understand how to deal with them. Most importantly the Right to Erasure is not an absolute right and […]

Read More…

Latest biggest updates from ICO

This 1 year period ICO has published very beneficial documents that are very important for the Data protection of the subjects and related to other topics. In this post will share chronologicaly the most important events month by month. April 2021 We have published guidance on the National Security Provisions in Part 3 of the DPA18 and […]

Read More…

How should you write a consent request and what information it should contain?

How should you write a consent request? Consent requests need to be prominent, concise, easy to understand and separate from any other information such as general terms and conditions. Article 7(2) says: “If the data subject’s consent is given in the context of a written declaration which also concerns other matters, the request for consent […]

Read More…

3 data privacy trends to expect in 2021

 According to  Forrester Predictions 2021, we look at three privacy trends that are very likely inbound in 2021 Expect more privacy laws Log onto most websites these days, and one of the first things you’re likely to see are notifications about data cookies: how the website is collecting your data, what it intends to do […]

Read More…

What is valid consent?

The GDPR sets a high standard for consent, which must be unambiguous and involve a clear affirmative action (an opt-in). It specifically bans pre-ticked opt-in boxes. It also requires distinct (‘granular’) consent options for distinct processing operations. Consent should be separate from other terms and conditions and should not generally be a precondition of signing […]

Read More…

Sharing data? Check your contracts.

cyber security

If you share personal data with a third party, you need to ensure that you are both GDPR compliant and that you have appropriate contracts in place that include data protection clauses. Most companies will likely share data with Accountants, HR companies, Pension companies or use outsource tasks to third-party services such as marketing, IT, […]

Read More…