EU

The GDPR requires organisations to implement appropriate technical and organisational measures to implement data protection principles and safeguard individual rights. While data protection by design and by default (or ‘privacy by design’) is not a new concept, the GDPR makes it a legal requirement, and thus practical guidance is needed…

The GDPR, or General Data Protection and Regulation, is going into effect in May 2018 throughout the European Union (EU) and presents important legal changes and challenges for organizations and consumers alike. Interactions and relationships between customers and businesses are transforming; the GDPR shifts authority over customer data from the business…

Due to the many enquires we receive regarding clarity around what is personal data under the GDPR, we captured this from the document: ICO: Guide to the General Data Protection Regulation (GDPR), August 2, 2018What is personal data?At a glanceUnderstanding whether you are processing personal data is critical to understanding whether the…

You read that right: GDPR enforcement is on fire! While fines are not always particularly high, our analysis shows that, in terms of volume, data protection authorities (DPAs) are rapidly increasing their GDPR enforcement activities. Some interesting trends are also emerging: DPAs have levied 190 fines and penalties to date. With…

European Citizens have a fundamental right to privacy, it is important for organisations which process personal data to be cognisant of this right. When carried out effectively, anonymisation and pseudonymisation can be used to protect the privacy rights of individual data subjects and allow organisations to balance this right to…