Data Protection Archive

Business to business marketers have had countless questions about the GDPR (General Data Protection Regulation) since it took effect – and for good reason. Sensitive data is at the centre of everything they do. They need names, contact information and any …

Last month, France’s data protection authority, the CNIL, imposed a €150,000 fine on a data controller and a €75,000 fine on its data processor for their failure to implement adequate security measures. The ruling followed a credential stuffing attack against …

As you might have expected, the GDPR (General Data Protection Regulation) has created a spike in demand for data protection and privacy experts. Organisations are desperate to hire people who can guide them towards regulatory compliance and avoid large fines.  For many organisations, this isn’t just a …

In case you didn’t already know, the GDPR (General Data Protection Regulation) requires Irish organisations to report data breaches to the DPC (Data Protection Commission) within 72 hours of becoming aware of them.  

For the past few months, organisations have been trying to grasp the full extent of this summer’s Schrems II ruling ­– which invalidated the EU­—US Privacy Shield – and what it means for data transfers outside the EU. To help …

The GDPR (General Data Protection Regulation) makes a distinction between ‘personal data’ and ‘sensitive personal data’. In this blog, we look at the difference between those terms, and we begin by recapping the Regulation’s definition of personal data: ‘ersonal data’ means …

The GDPR (General Data Protection Regulation) outlines six conditions under which organisations can process personal data. Contractual requirements, legal obligations, vital interests and tasks carried out in the public interest are all relatively self-explanatory, leaving consent and legitimate interest that …