All ()
Binding Corporate Rules ()
Data Discovery ()
Data Protection ()
Data Protection Impact Assessment (DPIA) ()
Data Protection Officer ()
Data Security & Encryption ()
featured post ()
GDPR ()
Impact Assessment ()
Outsourced Data Protection Service ()
Policies & Documentation ()
Privacy by Design ()
Special Category Data ()
Staff Training & Awareness ()
Uncategorized ()
US Privacy Shield ()
July 11, 2019
At £183.4m (US$228m) or 1.5% of BA’s worldwide revenue in 2017, this fine by the UK Information Commissioner’s Office (ICO) sets a new precedent in the […]
June 5, 2019
We are often asked by clients how to determine whether a breach is reportable to the supervisory authority and/or a data subject or if it should […]
May 29, 2019

Data Subject Access Requests (DSARs) – 5 Essential Steps

Our December 2018 blog post entitled “Data Subject Access Request = 4 words to fear?”, explained the need for a robust and efficient process for responding […]
May 22, 2019

GDPR – One Year On – 6 Key Lessons for Schools?

This time last year, we were all so very concerned about May 25th and the advent of the GDPR. How was it going to change things? […]
December 17, 2018
What are the six lawful bases

What are the six lawful bases and when do they apply?

Article 6 of the GDPR sets out six ‘lawful bases’ for processing personal data.  At least one of these must apply in order for data to […]