GDPR Archive
The EU General Data Protection Regulation (GDPR) requires organisations to adopt the principles of “privacy by design and by default”. These concepts require organisations to embed security measures into their systems at the outset, rather than applying features retroactively. It …
The EU General Data Protection Regulation (GDPR) outlines six data protection principles that organisations need to follow when collecting, processing and storing individuals’ personal data. The data controller is responsible for complying with the principles and must be able to …
Under the GDPR, certain organisations are required to appoint a DPO (data protection officer). Organisations are also required to publish the details of their DPO and provide these details to their national supervisory authority.
If you run a website, the chances are that you collect EU residents’ personal data. Perhaps you collect names and email addresses so visitors can subscribe to your newsletter, take payment card details for an online store or use cookies …
some of the most effective data protection methods are relatively inexpensive and easy to implement. Here are five simple solutions to help keep your data secure and reduce the risk of a data breach.
DPIAs (data protection impact assessments) help organisations identify, assess and mitigate privacy risks to data processing activities. They are particularly important when introducing new data processes, systems and technologies.
The GDPR (General Data Protection Regulation) outlines six conditions under which organisations can process personal data. Contractual requirements, legal obligations, vital interests and tasks carried out in the public interest are all relatively self-explanatory, leaving consent and legitimate interest that …
Has your organisation been receiving more DSARs (data subject access requests) than usual? If so, you’re not alone. In fact, one report has found that there was a 66% increase in requests last year. Although the pandemic may have contributed …
If your organisation is subject to the GDPR (General Data Protection Regulation), you must create and distribute a privacy notice. This document ensures that individuals are aware of the way their personal data is processed, helping them understand what data is being collected, why and how it’s being used, and how …
Last month, the European Commission adopted new recommendations to help organisations transfer personal data across the world with greater security. Notably, organisations are now encouraged to incorporate risk-based assessments for personal data transfers that are centred on real-world experience rather …
