Loading

Your DPO questions answered

Organisations have had to get a lot more serious about data processing and information security since the EU GDPR (General Data Protection Regulation) came into effect earlier this year. For many, that has included the…

GDPR Article 32: Your guide to the requirements

Perhaps the most widely discussed set of compliance requirements within the GDPR (General Data Protection Regulation) are those found in Article 32. That’s because it contains the measures that organisations must implement to prevent cyber…

GDPR data transfer rules: what you need to…

If you’re transferring data outside of the EEA, the GDPR (General Data Protection Regulation) imposes some restrictions. These apply to all data transfers, no matter the size of the transfer or how often you carry them…

GDPR for small business: the ultimate guide

What is the GDPR? A quick overview The Regulation came into effect on 25 May 2018, and was designed to strengthen the rights of EU residents regarding the way organisations process and use their personal…

GDPR data subject access requests (DSARs): How to…

The GDPR (General Data Protection Regulation) grants data subjects the right to access their personal data. This is known as a DSAR (data subject access request). This is not a new concept, but the GDPR introduced several changes…

Loading

GDPR: lawful bases for processing, with examples

First published June 2018. Last updated March 2020. Under the EU GDPR (General Data Protection Regulation), you need to identify a lawful basis before processing personal data. But what is a lawful basis for processing?…

How to write a GDPR data privacy notice…

The GDPR (General Data Protection Regulation) gives individuals more control over how their personal data is used. If your organisation processes personal data, the Regulation requires you to provide data subjects with certain information. This typically takes the…