Loading

How to write a GDPR data privacy notice…

The GDPR (General Data Protection Regulation) gives individuals more control over how their personal data is used. If your organisation processes personal data, the Regulation requires you to provide data subjects with certain information. This typically takes the…

Top tips for data retention under the GDPR

Under the GDPR (General Data Protection Regulation), organisations must be vigilant about how long they retain personal information. If you keep sensitive data for too long – even if it’s being held securely and not…

How will UK organisations share data with the…

As we approach 31 October and the revised Brexit deadline day, you’ll see more and more stories pop up about previously under-reported ways that the UK’s departure from the EU will affect organisations. The latest…

Exploiting GDPR to Get Private Information

A researcher abused the GDPR to get information on his fiancee: It is one of the first tests of its kind to exploit the EU's General Data Protection Regulation (GDPR), which came into force in…

List of mandatory documents required by the GDPR

The documentation of processing activities is a new legal requirement under the EU GDPR (General Data Protection Regulation). Documenting your processing activities can also support good data governance, and help you to demonstrate your compliance…

Loading

GDPR: Data transfers outside the EU – what…

This blog has been updated to reflect industry developments. Originally published Jan 04, 2018. The EU General Data Protection Regulation (GDPR) restricts transfers of personal data to countries outside the EEA. These restrictions apply to…

Hotel giant Marriott to be fined £99m for…

Marriott International is to be fined £99.2 million for a massive data breach that it disclosed last year. The penalty, levied by the ICO (Information Commissioner’s Office), relates to a cyber attack that occurred in…