February 16, 2026

IT equipment disposal: How to stay GDPR compliant

IT equipment disposal is often treated as a straightforward operational task. However, studies consistently show that discarded hardware frequently still contains recoverable information. Research by the University of Hertfordshire’s Cyber Security Centre found that 65% of second-hand memory cards held recoverable data. The General Data Protection Regulation (GDPR) sets clear legal requirements for how organisations handle personal data. Organisations are expected to take reasonable steps to delete data when it is no longer accurate or required, and to protect both the data and the equipment used to store it against unauthorised access throughout its lifecycle.
February 2, 2026

A practical guide to updating Privacy Notices for AI

As organisations embed AI into everyday business processes, meeting transparency obligations is becoming more complex. Where AI systems use personal data, Privacy Notices are expected to explain not just what data is processed, but how AI is involved and what that means for individuals. This shift is driven by emerging AI regulation. Whilst the General Data Protection Regulation requires organisations to provide clear and accessible information about how personal data is used, the EU AI Act introduces additional requirements around making AI systems visible, understandable, and subject to appropriate human oversight. Together, these frameworks are reshaping what meaningful transparency looks like when AI is involved.
June 9, 2025

Clinical trials part 3: GDPR considerations for Informed Consent Forms

In Part 3 of our clinical trials blog series, we explore the key GDPR considerations sponsors should address when preparing and localising Informed Consent Forms (ICFs). […]
May 12, 2025

Clinical trials part 2: Data protection considerations for vendor Data Processing Agreements

Data Processing Agreements (DPAs) are legally required under the EU and UK General Data Protection Regulation (GDPR) whenever clinical trial sponsors use third-party vendors to process […]
April 28, 2025

Europrivacy certification for GDPR compliance

In this blog, we explore the benefits of GDPR certification and take an in-depth look into the EU’s leading certification scheme – Europrivacy™/®. As data protection […]
April 14, 2025

Clinical trials part 1: Data protection considerations for Clinical Trial Agreements

In this first part of our clinical trials blog series, we explore some of the key data protection considerations that sponsors need to cover in Clinical […]
March 3, 2025

Building a privacy office: Key strategies for EU/UK compliance

Maintaining GDPR compliance in the UK and EU shouldn’t be approached as merely a tick box exercise. In the same way financial accountability or cybersecurity is […]
February 17, 2025

How to write a clear and compliant Privacy Notice

A clear and compliant Privacy Notice is essential for organisations operating under the EU’s General Data Protection Regulation (GDPR), the UK GDPR, and the UK Data […]
January 20, 2025

Bank due diligence: Data protection checklist for providers

Before entering outsourcing contracts, banks conduct thorough data protection due diligence on third parties such as payment, insurance and credit service providers. Banks must safeguard sensitive […]
January 6, 2025

Microsoft Copilot: Privacy concerns and compliance tips for 2025

Microsoft Copilot privacy concerns have been in the spotlight recently. The technology has quickly become a powerful example of how AI-enhanced tools are transforming the capabilities […]