ICO issue fine of £4.4 to Interserve for security failings

On 24 October 2022, the ICO issued a penalty notice (MPN) to Interserve Group Limited (Interserve), imposing a fine of £4.4m for violations of the GDPR (the violations were pre-Brexit). The ICO found that Interserve had failed to put appropriate technical and organizational measures in place to secure personal data (in contravention of Articles 5(1)(f) […]

President Biden Signs Executive Order to Implement the European Union-U.S. Data Privacy Framework

President Biden signed an Executive Order on Enhancing Safeguards for United States Signals Intelligence Activities (E.O.) directing the steps that the United States will take to implement the U.S. commitments under the European Union-U.S. Data Privacy Framework (EU-U.S. DPF) announced by President Biden and European Commission President von der Leyen in March of 2022.  The […]

UK plans how to replace GDPR?

The UK appears to be pushing ahead with plans to reform the country’s data protection regime, potentially foisting more red tape on British businesses. In a speech at the Conservative party conference this week, new digital secretary Michelle Donelan reiterated the government’s intention to move away from the EU’s General Data Protection Regulation (GDPR), while […]

Digital Age of Consent under the GDPR

GDPR incorporated a separate article that regulates the processing of children’s personal data where children can provide valid consent on their behalf. As per Article 8 of the GDPR, where consent is the most appropriate mechanism to process personal data, ‘in relation to the offer of information society services directly to a child, the processing […]

What is a personal data breach?

Many companies don’t take data privacy protection seriously until a data breach occurs. A data breach is the worst nightmare that can happen to a company. If you’ve ever faced a data breach, you will understand the difficulties that you might face without robust protection. The ICO thoroughly explains what a personal data breach is and how […]

Do I need an Article 27 Representative? Understanding Your GDPR Obligations in 2024

Article 27 of the General Data Protection Regulation (GDPR) remains one of its most misunderstood requirements, even as we move into 2024. This article is a crucial part of your GDPR compliance, especially if your business operations fall outside the European Union (EU) or the United Kingdom (UK) but involve processing data from these regions. […]

Accountability Tracker

As your Article 27 Representative, we will always help if you receive a SAR, RTE, or other data protection complaint. It is always best to avoid these altogether, but most companies will receive GDPR requests at some point. Disgruntled ex-employees, annoyed customers, and malicious compensation-scammers are common sources of SARs and unfortunately these can result […]

How to handle a Subject Access Request

We have said this previously but we are still seeing a huge number of Subject Access Requests [SARs]. A SAR is a request made by or on behalf of the data subjects which grants the right to obtain a copy of all the personal data that an organization has collected about them. These are pretty […]

Right to Erasure and how to handle it

Summary: The Right to Be Forgotten is one of the fundamental rights defined in GDPR. Also known as the Right to Erasure, this principle is defined in Article 17. It is vital that companies recognize these requests and understand how to deal with them. Most importantly, the Right to Erasure is not an absolute right and […]

Everything you need to know about a Data Processing Agreement

What is a DPA? A data processing agreement (DPA) is a legally binding document to be entered into between the controller and the processor in writing or in electronic form. It regulates the particularities of data processing – such as its scope and purpose – as well as the relationship between the controller and the […]