- Contact The DPO Centre
- +44 (0)203 797 1289
- hello@dpocentre.com
February 16, 2026
IT equipment disposal is often treated as a straightforward operational task. However, studies consistently show that discarded hardware frequently still contains recoverable information. Research by the University of Hertfordshire’s Cyber Security Centre found that 65% of second-hand memory cards held recoverable data.
The General Data Protection Regulation (GDPR) sets clear legal requirements for how organisations handle personal data. Organisations are expected to take reasonable steps to delete data when it is no longer accurate or required, and to protect both the data and the equipment used to store it against unauthorised access throughout its lifecycle.
November 24, 2025
Financial services are under pressure. Digital onboarding, AI-powered due diligence, and growing data volumes are redefining customer verification — exposing firms to new regulatory risks.
As Know Your Customer (KYC), Customer Due Diligence (CDD), and Anti-Money Laundering (AML) processes evolve, firms operating in the UK face mounting pressure to ensure data governance keeps pace.
The Financial Conduct Authority (FCA) and Information Commissioner’s Office (ICO) are jointly calling for closer collaboration between financial and privacy teams, making it clear that Anti-Money Laundering (AML) and UK General Data Protection Regulation (UK GDPR) obligations can no longer be managed in isolation.
August 4, 2025
In this blog, we explore how organisations can manage CRM data retention responsibly and compliantly under the General Data Protection Regulation (GDPR). Customer Relationship Management data […]
November 28, 2022
The European Health Data Space (EHDS) Regulation marks one of the most significant milestones in the EU’s data and digital health strategy to date. It is structured into two core areas: primary use for patients and secondary use for clinical trials and research.