Accountability Tracker

As your Article 27 Representative we will always help if you receive a SAR, RTE, or other data protection complaint. It is always best to avoid these all together but most companies will receive GDPR requests at some point.  Disgruntled ex-employees, annoyed customers, malicious compensation-scammers are common sources of SARs and unfortunately these can result […]

Read More…

How to handle a Subject Access Request

We have said this previously but we are still seeing a huge number of Subject Access Requests [SARs]. A SAR is a request made by or on behalf of the data subjects which grants the right to obtain a copy of all the personal data that an organization has collected about them. These are pretty […]

Read More…

Right to Erasure and how to handle it

Summary: The Right to Be Forgotten is one of the fundamental rights defined in GDPR.  Also known as a Right to Erasure this principle defined in Article 17. It is vital that companies recognize these requests and understand how to deal with them. Most importantly the Right to Erasure is not an absolute right and […]

Read More…

Everything you need to know about a Data Processing Agreement

What is a DPA? A data processing agreement (DPA) is a legally binding document to be entered into between the controller and the processor in writing or in electronic form. It regulates the particularities of data processing – such as its scope and purpose – as well as the relationship between the controller and the […]

Read More…

ICO: Accountability framework self-assessment

Hi All, If you have ever been through a GDPRLocal training course you will [hopefully] remember that talking about Accountability is a topic that is discussed about. Accountability is one of the key principles in data protection law – it makes you responsible for complying with the legislation and says that you must be able to […]

Read More…

ICO published the next chapter of the Anonymisation guidance draft : Anonymisation, pseudonymisation and privacy enhancing technologies guidance

How to ensure anonymisation is effective? The ICO is calling for views on its updated draft guidance on anonymisation, pseudonymisation and privacy enhancing technologies. ICO are sharing their thinking in stages to ensure they gather as much feedback as possible to help refine and improve the final guidance, which will carry out a formal consultation. In […]

Read More…

When can we refuse to comply with a SAR (Subject Access request) ?

A lot of companies are receiving SAR’s almost every day. Not all of the SAR’s are relevant and a lot of them might be from the people that are issuing them for a private reasons of to gain some financial revenue. Check this article and find out what are the situtations that you can refuse […]

Read More…

Marketing calls and the rules that you need to know for making them.

Marketing calls are one of the most used way of contacting people and offering your services to them. But while this is a good method, you must not forget about the rules of making the calls. We’ll share some rules in order to be compliant and to not face a fine or possible investigation by […]

Read More…

Children code came into force in September- What’s next ?

The transition year is up and the Children’s code came fully into force on 2 September. It’s a ground breaking code that creates a better internet for children by ensuring online services likely to be accessed by children, respect a child’s rights and freedoms when using their personal data. As you’d expect it’s already having an impact […]

Read More…