How the GDPR affects cookie policies

Cookies are mentioned only once in the GDPR (General Data Protection Regulation), but the repercussions are significant for any organisation that uses them to track users’ browsing activity. Recital 30 of the GDPR states: Natural persons may be associated with online identifiers […] such as internet protocol addresses, cookie identifiers or other identifiers […]. This may leave traces which, in … [Read more...]

GDPR: When do you need to seek consent?

Under the GDPR (General Data Protection Regulation), knowing how and when you need to seek consent can be tricky. Many people mistakenly think that organisations must get consent to process personal data, but consent is one of six lawful grounds for processing data, and you’d be advised to seek it only if none of the other grounds apply. The other lawful grounds are: A contract with the … [Read more...]

Cyber attacks and data breaches in review: April 2020

Despite organisations across the globe being forced to shut down to combat coronavirus, there were still 216,141,421 breached records in April – demonstrating that cyber criminals can thrive under any circumstance. The true scale of the threat is probably even larger, given that many businesses operating with limited resources would have a much harder time detecting a security incident. As always, … [Read more...]

Is your organisation PCI DSS-compliant during the coronavirus pandemic?

Many of us have adapted well to working from home during the coronavirus pandemic, but employees responsible for handling payment card transactions won’t have had such an easy time. That’s because they’re required to perform their jobs in line with the PCI DSS (Payment Card Industry Data Security Standard), which contains a set of requirements on the technologies and processes that are used when … [Read more...]

GDPR: The implications of working from home or on the road

Remote working has become an increasingly popular option for organisations over the past few years, thanks to technological advancements that help employees stay connected and productive while out of the office. These technologies are more than essential than ever in light of the COVID-19 pandemic. Social distancing has forced many of us to stay at home for the foreseeable future, meaning remote … [Read more...]

Cyber attacks and data breaches in review: March 2020

With COVID-19 spreading across the globe last month – bringing with it a host of cyber security risks – it would have been easy to fear for the worst in terms of cyber attacks and data breaches. But surprisingly, we only found 67 incidents this month, with a total of 832,486,418 affected records – which is only slightly higher than last month’s figures. However, we’re still only in the early … [Read more...]

How to respond to DSARs (data subject access requests) during the COVID-19 pandemic

As organisations adjust to the chaos that the 2019 novel coronavirus (COVID-19) has brought, they are bound to be limited in the business processes they can perform. Among the problems they face is the ability to comply with the GDPR (General Data Protection Regulation) – and in particular to respond to DSARs (data subject access requests). With many employees working from home – and the … [Read more...]

A quick guide to the GDPR’s articles and recitals

There is such a breadth of information online about the GDPR (General Data Protection Regulation) that it can be daunting to find even basic clarifications on its rules and requirements. With this blog, we hope to simplify things, providing quick explanations of the GDPR’s core concepts. For those who want to learn more about each topic, we have links to articles where we’ve discussed the issue in … [Read more...]

What are the security risks of Cloud computing?

Cloud services are an integral part of modern business, with as many as 94% of organisations using it for at least some part of their operations. The reliance on Cloud services will soar in the coming weeks and months, as employees work from home where possible in the fight against the 2019 novel coronavirus pandemic. Separated from the office and local hard drives, employees will be able to use … [Read more...]

What does the GDPR mean for B2B marketing?

Two years after the GDPR (General Data Protection Regulation) took effect, a lot of organisations remain unsure of how to approach compliance. This is especially apparent in B2B marketing, which deals with both business information and personal information. Employees often don’t know which details are subject to the GDPR’s rules and how extensive their data protection practices should be. Let’s … [Read more...]