All ()
Binding Corporate Rules ()
Data Discovery ()
Data Protection ()
Data Protection Impact Assessment (DPIA) ()
Data Protection Officer ()
Data Security & Encryption ()
featured post ()
GDPR ()
Impact Assessment ()
Outsourced Data Protection Service ()
Policies & Documentation ()
Privacy by Design ()
Special Category Data ()
Staff Training & Awareness ()
Uncategorized ()
US Privacy Shield ()
July 11, 2019
At £183.4m (US$228m) or 1.5% of BA’s worldwide revenue in 2017, this fine by the UK Information Commissioner’s Office (ICO) sets a new precedent in the […]
June 5, 2019
We are often asked by clients how to determine whether a breach is reportable to the supervisory authority and/or a data subject or if it should […]
May 29, 2019

Data Subject Access Requests (DSARs) – 5 Essential Steps

Our December 2018 blog post entitled “Data Subject Access Request = 4 words to fear?”, explained the need for a robust and efficient process for responding […]
May 22, 2019

GDPR – One Year On – 6 Key Lessons for Schools?

This time last year, we were all so very concerned about May 25th and the advent of the GDPR. How was it going to change things? […]
December 17, 2018
What are the six lawful bases

What are the six lawful bases and when do they apply?

Article 6 of the GDPR sets out six ‘lawful bases’ for processing personal data.  At least one of these must apply in order for data to […]
December 12, 2018
what is personal data

What exactly is ‘personal data’?

The General Data Protection Regulation (GDPR) has been introduced in the EU with the aim of improving the protection of personal data. Understanding whether an organisation […]
December 10, 2018
Data Subject Access Request

Data Subject Access Request = 4 words to fear?

Six things to consider about Data Subject Access Requests NOW under DPA 2018 (GDPR) Data Subject Access Requests (DSARs), the four words that were striking fear […]
December 7, 2018
difference between DPA and GDPR

What is the difference between the DPA 2018 and the GDPR? (and why does it matter?)

The General Data Protection Regulation (GDPR) and the Data Protection Act 2018 (DPA) have some key differences which may impact the UK’s relationship with the EU, […]
December 3, 2018
ignore data retention at your peril!

Ignore data retention at your peril!

The First Mate says to the pirate, “Cap’n, I’ve destroyed all our old crew lists. All records of everyone we made walk the plank have also […]
November 30, 2018
cars fraud protection guidelines

Why you should ‘steal’ card fraud protection guidelines

12 Simple Steps About Personal Data Protection to Learn From The Payment Card Industry Financial Services is one of the most heavily regulated industries there is.  […]