What is a Privacy Notice? A privacy notice as a document, form, webpage or pop-up that is provided to individuals at the point their personal information is collected. Where data is obtained indirectly, the notice is provided at the earliest opportunity. A business is obligated to provide a privacy notice to all individuals when their […]
Know Your Compliance Limited are market leaders in GDPR policy and template development. We have been writing and selling data protection policies and procedures for more than 10 years and supply thousands of customers from hundreds of industries. Our exclusive GDPR Self Assessment Checklist is an Excel based tool that enables a business to assess […]
This free GDPR information audit template has been developed to comply with the current data protection legislation. Available to download without having to add any contact details. The easy to use Excel template can be fully customised and is suitable for any business type or industry. What is a Data Protection Information Audit? Carrying out […]
The use of CCTV surveillance “CCTV” requires the user to have certain measures and controls in place. Measures can range from signposting that makes the public aware CCTV is being used; through to having a compliant CCTV policy and checklist. The data obtained through the use of CCTV falls under the data protection legislation. This […]
Initially published in 2017 ahead of the General Data Protection Regulation (GDPR) enforcement, this article has been updated for those new to the UK GDPR. Understand some of the GDPR Conditions & Rights that apply under the UK’s data protection Regulation and see how to comply with your obligations. Lawfulness of Processing Conditions The onus […]
What does ‘data minimisation’ mean? Simply put, data minimisation is the process of limiting the collection and retention of personal data to what is absolutely necessary. The purpose for processing personal data should be identifed by the data controller. The information collected should be adequate to fulfil that purpose, directly relevant and limited to what […]
What is a Data Protection Impact Assessment? A Data Protection Impact Assessment (DPIA) is a mandatory requirement under the UK GDPR for certain types of data processing and activities. Article 35 states that a DPIA must be carried out where the type of processing is likely to result in a high risk to the rights […]
Why Do You Need a CCTV Policy? If you are using CCTV surveillance across any business area you should know how to write a CCTV policy. You have a legal obligation to notify individuals that you are using CCTV! You should implement a CCTV policy which defines how, why and when you use CCTV and […]
Lawful Basis for Processing Why do you need to understand the legitimate interests assessment process? When processing personal information, it is a legal requirement to comply with the UK GDPR and data protection laws. Specifically, adhering to the Article 6 lawfulness of processing obligations. Businesses processing personal data should identify which legal basis they are […]
GDPR and Digital Information Bill Summary After tabling and then withdrawing the initial data protection reform bill, the revised Data Protection and Digital Information (No. 2) Bill (“the Bill) is now making its way through the parlimentary channels. The second version of the Bill provides some additional clarifications on its predecessor. It aims to make […]