Webinar: Appointing a data protection officer DPO under the GDPR

The General Data Protection Regulation (GDPR) imposes a significant number of obligations and responsibilities on controllers and processors.  The GDPR significantly reshapes the data protection landscape for organisations worldwide that collect and process the data of EU residents. The Regulation also imposes fines of up to 4% of annual global turnover or €20 million (whichever is greater), … [Read more...]

How to maintain GDPR-compliant databases

If your organisation collects EU residents’ personal data, the EU General Data Protection Regulation (GDPR) applies to you. The GDPR takes effect in just a few months, so if you’re not already nearing compliance, you need to work quickly. A significant part of the process will involve managing your databases, as this is probably where you keep most of your personal data. Database auditors need a … [Read more...]

German court rules Facebook’s data use is illegal

Facebook’s default privacy settings and use of personal data are against German consumer law, according to a Berlin regional court. The court ruled that Facebook collects and uses personal data without providing enough information to its members for them to give meaningful consent. “Facebook hides default settings that are not privacy-friendly in its privacy centre and does not provide sufficient … [Read more...]

Does your CRM meet the GDPR’s compliance requirements?

Organisations that have a customer relationship management (CRM) system in place will be well-versed in handling large volumes of personal data, and – in theory – prepared for the EU General Data Protection Regulation (GDPR). They will be used to keeping names, email addresses and dates of birth secure, and updating information when it’s out of date, which are central to GDPR compliance. However, … [Read more...]

9 steps to GDPR compliance

On 25 May 2018, the EU General Data Protection Regulation (GDPR) comes into effect, changing the way organisations handle personal data. The Regulation strengthens individuals’ rights concerning the way personal data is used, and requires that organisations take extra steps to make sure data remains secure. The GDPR applies to any organisation that handles EU residents’ personal data. If that … [Read more...]

The GDPR: What is sensitive personal data?

We recently discussed what counts as personal data under the EU General Data Protection Regulation (GDPR); however, we didn’t cover sensitive personal data. Before we get into what that entails, let’s recap the GDPR’s definition of personal data: “‘[P]ersonal data’ means any information relating to an identified or identifiable natural person (‘data subject’).” In other words, any information that … [Read more...]

European Commission publishes guidance on the GDPR

The European Commission has published guidance on the upcoming EU General Data Protection Regulation (GDPR). The document: Summarises the purpose and benefits of the GDPR; Evaluates the steps that organisations, national data protection authorities and the Commission have taken to prepare for the GDPR; Outlines what still needs to be done before the Regulation takes effect on 25 May 2018; … [Read more...]

The GDPR: What exactly is personal data?

Personal data is at the heart of the EU General Data Protection Regulation (GDPR), but many people are still unsure exactly what ‘personal data’ refers to. There’s no definitive list of what is or isn’t personal data, so it all comes down to properly interpreting the GDPR’s definition: “‘[P]ersonal data’ means any information relating to an identified or identifiable natural person (‘data … [Read more...]

The GDPR: Understanding the 6 data protection principles

The EU General Data Protection Regulation (GDPR) outlines six data protection principles that organisations need to follow when collecting, processing and storing individuals’ personal data. The data controller is responsible for complying with the principles and must be able to demonstrate the organisation’s compliance practices. We’ve listed the six principles here with advice on how you can … [Read more...]

The GDPR: What do email marketers need to know?

Personal data is at the heart of marketing campaigns. Organisations need people’s information to advertise their products and analyse their campaigns’ success, and they go to great lengths to collect and process this data. But on 25 May 2018, the EU General Data Protection Regulation (GDPR) takes effect, enforcing stricter data privacy rules and enhancing individuals’ rights and freedoms … [Read more...]