Are the GDPR Recitals Important?

YES! Organisations should be reading the Recitals alongside the Articles to ensure complete compliance with, and understanding of, the Regulation. The Recitals provide a mixture of additional information and supporting context, supplementing the Articles and making them more relatable; as well as providing essential information for effectively implementing the GDPR. Article 25 for example – […]

GDPR & The ePrivacy Regulation

The Privacy and Electronic Communications Directive (2002/58/EC) goes hand in hand with data protection and focuses primarily on personal data, data protection and privacy in the digital arena. Known as the ‘ePrivacy Directive’, its core is rooted in the EU’s secondary law (Article 7 of the Charter of Fundamental Rights of the EU), the fundamental […]

GDPR Processing Activities Register Template

Maintaining written (including electronic) records of processing activities is a GDPR requirement under Article 30, applying to controllers & processors with 250+ employees (and in limited cases , to those with fewer than 250 persons). Recital 82 advises that “each controller and processor should be obliged to cooperate with the supervisory authority and make those […]

GDPR Data Mapping & Information Flow

Organising your personal data, reviewing the avenues for obtaining, using and storing the information and completing an information audit is an important part of the¬†General Data Protection Regulation (GDPR) planning and implementing process. Starting with a data mapping exercise is pivotal to ensuring that you comply with the GDPR requirements and for structuring your personal […]