Transfers of personal data outside the UK have changed since Brexit. Likewise, with the introduction of the International Data Transfer Agreement (IDTA), it is essential that you update your international data transfer policy. Read this article to find out how and why. Transfers of Personal Data Outside the UK Article 44 of the UK GDPR […]
Privacy Policy vs Privacy Notice In data protection programs, the terms privacy policy and privacy notice can often be used interchangeably. In most cases, they refer to the same document, the content of which aims to provide the reader with information about the how, why and what of processing personal data. There are some suggestions […]
GDPR A3 Posters We have now launched 2 new A3 compliance posters in our comprehensive range. Our GDPR Article 5 Principles & GDPR Consent Posters are available to buy now. Both are avaiable separately, or in our duo set which provides a £4 discount against individual purchases. Our exclusive A3 Compliance Posters support your employees […]
What is A Data Protection Impact Assessment (DPIA)? Data Protection Impact Assessments (DPIA) are a requirement of the UK GDPR. The assessment aids in compliance with the data protection requirements and obligations. It’s aim is to help firms identify the risks associated with data processing and those posed to data subjects. Completing a DPIA is […]
What is Information Security? Given the digital scope of business today, most firms are heavily invested in their Information Security programs and procedures. Ensuring that data, systems and infastructures are safe and secure should be run of the mill and a top priority, regardless of size or sector. Information Security in its broadest sense is […]
29
Sep
Sep
PECR Breaches Throughout 2021/22, the Information Commissioner’s Office (ICO) issued over £1,700,000 in fines for breaches of the direct marketing laws. This included extensive PECR breach fines for ‘We Buy Any Car’. The ICO has powers under the Privacy and Electronic Communications Regulations 2003 (PECR) which enables them to take action to change the behaviour […]
Art. 13 and Art. 14 of the UK GDPR specify what information needs to be provided to individuals when their personal data is being processed. Art. 13 details the requirements where data has been collected directly from the data subject and should be provided in the form of a Privacy Notice.