Principle (c): Data minimisation

What is the data minimisation principle? Article 5(1)(c) says: “1. Personal data shall be: (c) adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed (data minimisation)” So you should identify the minimum amount of personal data you need to fulfil your purpose. You should hold that […]

Read More…

EU Commission’s approval of the UK’s adequacy

The EU Commission has announced on 28.06.2021 that adequacy decisions for the UK have been approved. This means the EU has determined the UK’s data protection laws to be robust enough to ensure data can safely flow to the UK from the EU (and EEA). Approved adequacy means that businesses can continue to receive data […]

Read More…

What Does GDPR Mean For Companies Based Outside The EU?

The implications for companies based outside the EU are exactly the same as those for EU countries, if they process personal data from the EU. That’s because GDPR applies to the personal data of people based in the EU. If you want to process it, e.g. to sell to customers in the EU, you have […]

Read More…

GDPR is Three Years Old!

With all that’s changed in the world, the arrival of the third anniversary of the General Data Protection regulation may seem trivial, even irrelevant. But dismissing it would be a mistake. This is actually an opportune moment to take stock of what effect it’s had on data protection and whether your organization has managed to […]

Read More…

3 data privacy trends to expect in 2021

 According to  Forrester Predictions 2021, we look at three privacy trends that are very likely inbound in 2021 Expect more privacy laws Log onto most websites these days, and one of the first things you’re likely to see are notifications about data cookies: how the website is collecting your data, what it intends to do […]

Read More…

EU/UK representative services

Article 27: Article 27 of the GDPR includes the requirement for companies that provide goods and services to EU citizens should provide an EU based Representative so that data subjects and Regulators can easily contact companies to raise data protection issues or concerns. Now that the UK has left the EU the situation becomes slightly […]

Read More…

EU representatives – your FAQ’s answered

eu representative

Here at GDPRlocal, we get lots of questions about what exactly an EU  Representative is, what they do and whether your business actually needs one. We’ve produced a list of our most frequently asked questions to help you better understand this little-known piece of the GDPR. What is an EU  Representative? An EU  Representative is […]

Read More…

Are you sharing data outside of the EU ? Read this

eu representative

The rules relating to sharing data with any company outside the EU  have recently changed and the previously accepted standard contract clauses are no longer considered adequate. If you share data with any company outside the EU,  you need to ensure that you have completed a risk assessment as well as checking that your contract […]

Read More…