Blog

Last month, we saw the arrival of not only the highly anticipated GDPR, but also the new and improved Data Protection Act of 2018. With the combination of both of these new legislations, the UK is being recognised as one of the most advanced data protecting countries in the world. The Data Protection Bill was first spoken about this time last year, and following its journey through parliament, it has now found its place in the UK law as the new Data Protection Act 2018. The previous Data Protection Act of 1998 did not account for the modern internet, technology …

There has been a huge amount of talk regarding data protection and the new GDPR legislation over the last few months as all organisations are under pressure to be totally compliant by the impending deadline: May 25th (that is today!) If you need any information regarding GDPR and how it will change the way in which you can communicate with clients and customers, please visit our blog page where we have several posts discussing this new regulation.   Today, however, we would like to talk to you about accountability. Accountability is a new ‘notion’ in the GDPR, although the ICO …

With every passing day taking us closer to the 25th May, many different organisations are panicking as they desperately try and ready themselves for the new legislation: GDPR. The ICO have put together a very valuable tool – a self-assessment that helps you identify exactly what you have already got nailed down and what you need to work on before the end of the month. The assessment is split into these seven sections: Data Protection Assurance Checklist In this section, the ICO help you identify whether you are a controller or a processor of data, and then information regarding consent …

Royal Mail Group Ltd have recently been hit with a £12,000 fine by the Information Commissioner’s Office (ICO) for sending over 300,000 emails to consumers who had previously requested to opt out of receiving direct marketing. Back in July 2017, they sent emails to 317,014 people who had already explicitly expressed a desire to be taken off the mailing list. ICO Head of Enforcement, Steve Eckersley said: “Royal Mail did not follow the law on direct marketing when it sent such a huge volume of emails, because the recipients had already clearly expressed they did not want to receive them. …

As you are probably aware by now – after all, it’s all we’ve been talking about for months – the new GDPR legislation (General Data Protection Regulation) is now just over a month away from being implemented. You’ve probably heard an abundance of information regarding GDPR, but something that appears to be under-reported is its sister regulation e-Privacy, which is also set to change soon. It is important to understand both the different regulations, as although they are different, they complement one another, and must both be employed. So, what are the differences? The enforcement of GDPR means that the …

Amendment 26/04/2018 Please note, the following guidance was intended to focus on commercial marketing activities in regards to consumers. There is a difference between sending emails for marketing and administrative purposes. The latter is permitted under legitimate interests, marketing communications is not We are now just over one month away from the introduction of the EU General Data Protection Regulation (GDPR), which is set to drastically alter the way in which data is stored and processed. The aim of this new legislation is to put the modern consumer and citizen first, by protecting and limiting access to their data. On …

Many companies use the convenience of cloud-based storage services such as Dropbox or Live Drive to store their company files. Whilst these services are great for saving space and making sure that files are accessible to other members of a team, these services also tend to sync to local devices such as mobiles and tablets. This means that companies could potentially have thousands of copies of files on private devices without any form of encryption. This is dangerous for your data protection. Especially if the files contain data from your client’s companies, as well as your own. The chances are …

If you have begun aligning your company procedures to the new GDPR Regulation due to come in force in May (and if you haven’t, we urge you to do this urgently), you will be aware that you must have a valid lawful basis in order to process data – and this includes the data your hold about your employees. There is a hidden trap here. You may be operating under the assumption that you have the employees’ consent to process their data, therefore ‘everything is ok’.  That would be the wrong assumption.   All they would need to do is withdraw …

In as little as 3 months, the EU General Data Protection Regulation (GDPR) will come into effect, overtly changing the way organisations handle, store and protect their data. Seen as one of the most significant changes in global privacy laws in 20 years, this law isn’t just about how you use data but also how it is stored. With a 134% rise in cyber-attacks in 2017 and the UK being seen as the most targeted region in the world for cyber threats, it is vital that all organisations have the appropriate measures in place to ensure that all company data …

When are you liable for a data breach? How will this change when the new UK Data Protection Bill and the General Data Protection Regulation (GDPR) come into force later this year? These are the questions particularly hot in the press as the Morrisons Data Breach (2014) case continues to be investigated in UK courts… On the 12th of January 2014, supermarket giant Morrisons suffered a sizable data breach when a file containing 99,998 of Morrisons’ employee’s personal details was uploaded onto a file sharing website. The file was also loaded onto a CD and sent to 3 UK newspapers. …