Philippa Donn17 November 2020Brexit: Will the UK get an adequacy decision?As the end of the Brexit transition period draws close, will the free flow of data continue? Will the EU grant the UK adequacy? GDPRInternational Data Protection Simon Blanchard17 November 2020EDPB recommendations on international data transfersHotly awaited recommendations on international data transfers have been published by the EDPB, but don't expect a silver bullet. Data Governance & SecurityGDPRInternational Data Protection Simon Blanchard12 November 2020How the ICO’s Accountability Framework could help your businessHow the ICO’s Accountability Framework could help your business In September 2020 the UK’s Information Commissioner’s Office (ICO) published an Accountability Framework, aimed at helping organisations to recognise and...Data Governance & SecurityGDPRICO Guidance Philippa Donn03 November 2020The data breach that cost Marriott £18.4 million – what went wrong?As the ICO slams a £18 million data breach fine on Marriott, we take a look at what went wrong and what other businesess can learn ... Data Governance & SecurityData SecurityGDPR Julia Porter03 November 20206 reasons UK privacy rules won’t diverge post BrexitThe future of the UK data protection regime is not set in stone in a post-Brexit world, but why is the UK likely to stick with GDPR?GDPRInternational Data Protection Chris Field03 November 2020Evaluating the management of privacy choicesHow to address the challenge of privacy choices for multinationals faced with different communication privacy laws around the world.Direct MarketingElectronic CommunicationsInternational Data Protection DPN Team27 October 2020Handling complex subject access requestsListen in as an expert panel discuss handling complex DSARs in large and medium-sized organisations. How to respond and how tech can help. Videos DPN Team27 October 2020Privacy Question TimeYour data protection questions answered. Lively debate, topical polls with an expert panel. Recording now available.Videos Philippa Donn23 October 2020ICO Subject Access Request Guidance: help or hindrance?Subject Access Requests: As the ICO published detailed guidance we take a look at the higlights and whether it's a help or hindrance GDPRICO GuidanceIndividual Privacy Rights DPN Team22 October 2020Rosemary Smith Responsible Marketing AwardGiving an individual or team credit for a creative and privacy aware project. This award recognises a responsible approach to marketing. Uncategorized Simon Blanchard22 October 2020British Airways data breach – what can we learn?British Airways has been fined £20m by the ICO, what lessons can we all learn from BA's painful personal data breach? Data Governance & SecurityData SecurityGDPRPolicies and Processes Philippa Donn20 October 202010 DSAR tips from 10 DPOsData Subject Access Requests can be a challenge to handle. Get 10 great tips from experts who routinely handle the right of access, GDPRIndividual Privacy Rights Philippa Donn20 October 2020Covid Symptom Study apologises for marketing face masksCovid Symptom Study breaks the marketing rules by promoting masks for to fund their research, but find out how an quick apology can go a long way. ... Direct MarketingElectronic Communications Julia Porter15 October 2020Are COVID-19 contact tracing technology services legitimate?Alarming headlines have suggested COVID-19 contact tracing data from pubs and restaurants is being sold on. Is this actually true and what should checks should you take? Data Governance & SecurityGDPR Philippa Donn07 October 2020COVID-19 Data Protection GuideCovid-19 has meant employers have, by necessity, made risk-based data decisions. Do these need revisiting now? Data Governance & SecurityData SecurityPolicies and Processes Simon Blanchard07 October 2020Are you monitoring staff health during COVID-19?What checks and balances should you have in place if you are monitoring your employees' health during the pandemic? We take a look at the core areas to consider...Data Governance & SecurityEmploymentPolicies and Processes Julia Porter05 October 2020Is the new COVID app safe to use?We now have the newly minted Covid app modelled on the Google and Apple templates. Should we be trusting this app?Data Governance & SecurityGDPRPrivacy by Design Julia Porter24 September 2020Cookies crushed, the world is changingThe demise of the third party cookie - five signs the world is changing. Where next for targeted advertising? Electronic CommunicationsGDPR Philippa Donn23 September 2020Data Protection by Design: Part 3 – Data Protection Impact AssessmentsHow to get your Data Protection Impact Asssessment process on track - when should you do one, what should you process look like? Get some useful tips... Data Governance & SecurityGDPRPolicies and ProcessesPrivacy by Design Philippa Donn09 September 2020New Children’s Code – does it apply to your business?New Children's Code to protect under 18s online. It will affect your business if your online services are likely to be acccessed by children. GDPRICO GuidancePolicies and ProcessesPrivacy by Design Simon Blanchard04 September 2020Data Protection by Design: Part 2 – How to approach itHow to implement Data Protection by Design when you are developing new applications, products and services. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn27 August 2020Data Protection by Design: Part 1 – The BasicsWhat does ‘Data Protection by Design’ really mean (and why is it also called ‘Privacy by Design’)? Do you need to be concerned about it? And how do you...Data Governance & SecurityGDPRPrivacy by Design Philippa Donn26 August 2020Understanding email marketing rulesWhat are the email marketing rules? Make sure your marketing comms are not unwittingly putting your business at risk.Direct MarketingElectronic CommunicationsGDPR Simon Blanchard25 August 2020Data Protection Officers – should we appoint a DPO?Which organisations need to have a DPO? If you don't should you appoint one anyway or outsource? We explore the options .. Data Governance & SecurityGDPR Simon Blanchard12 August 2020Use of automated facial recognition by South Wales Police ruled ‘unlawful’South Wales Police's use of automated facial recognition has been ruled unlawrul - it breaches human rights and has potential for bias. GDPR Julia Porter12 August 2020When does your CRM marketing plan morph into a data privacy project?Looking to leverage your customer database to drive more business? How to make sure you marketing plan is supported by your privacy strategyDirect MarketingElectronic CommunicationsGDPR Philippa Donn12 August 2020Brexit, GDPR & PECR – the future UK data protection landscapeBrexit and GDPR - what the UK leaving the EU means for data protection law. Find out the impact on your business. Data Protection ActDirect MarketingElectronic CommunicationsGDPRInternational Data Protection Simon Blanchard10 August 2020Dashcams and GDPR: Assessing the privacy implications7 point privacy guide for use of dashcams in vehicles. Quick steps to make sure your use of dashcams is transparent and lawful. GDPRPolicies and Processes Simon Blanchard05 August 2020ICO guidance on how to apply good data protection to AISeven steps for making sure innovation flourishes and your artificial intelligence activities are sound from a data protection point of viewGDPRICO Guidance DPN Team29 July 2020How to manage your suppliersHow to manage your suppliers and reduce the risk they may post. Hear our specialist panel chat through the key points to consider.Videos Philippa Donn29 July 2020Could COVID-19 lead to a spike in Subject Access Requests? How to handle ex-employeesDSARs from disgruntled ex-employees can be challenging to handle, get some helpful tips on how best to approach the task of fulfilling them.GDPRIndividual Privacy Rights Philippa Donn28 July 2020Schrems II ruling: Privacy Shield down, SCCs survive but with a sting in the tailInternational data transfers - EU-US Privacy Shield ruled invalild, questions raised regarding SCCs, find out what actions should you take. GDPRInternational Data Protection Simon Blanchard27 July 2020RoPA – Five tips for keeping your Records of Processing Activity up to date5 tips for keeping your GDPR records of processing activities up to date. The why, who, what, how and when of data protection documentation.GDPRPolicies and Processes DPN Team16 July 2020Transparency: How to get the message acrossDiscover the benefits of being upfront and transparent with people about how you use their data. In this webinar hosted by Robert Bond from Bristows we explore why transparency...GDPRVideos Julia Porter13 July 2020Supplier management: DPN 6 point checklistDue diligence of new suppliers robust enough? Checks in place to make sure suppliers are protecting your data? Use the DPN 6-point checklist. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn13 July 2020Contact Tracing: 7 Quick Steps for collecting people’s dataFrom holiday cottages to theme parks, hotels to pubs, many will be collecting people's details for contact tracing. Get our quick guide to how to do this. GDPRICO Guidance Chris Field11 July 2020You’ve been SAR-bombed!You are at the end of long day .. you just do one last check of your inbox - the new count registers over 9,000 new emails! All...GDPRIndividual Privacy RightsInternational Data ProtectionPolicies and Processes Simon Blanchard09 July 2020Facial Recognition – should we be concerned?Facial recognition is clever, from selfies to surveillance its use is becoming far more widespread. Should we be worried? Data Governance & SecurityGDPR Philippa Donn30 June 2020Data breaches: 10-point checklist for risk assessmentsHow do you assess the actual risk to people of a data breach? 10 questions you need to ask when carrying out an risk assessment. Data Governance & SecurityGDPRPolicies and Processes DPN Team30 June 2020Successful steps for data retention and minimisation [webinar recording]Get the tools and advice you need to tackle data retention and minimisation in this expert discussion which takes you through the key steps to take.Data Governance & SecurityGDPRPolicies and ProcessesVideos Julia Porter25 June 2020Why is the CIA’s lax attitude to cyber security interesting to us?Have you got robust cyber security controls in place? How the lax attitude of the CIA is a lesson to us all and what you should you be doing.Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard16 June 2020Privacy is a marathon not a sprintPondering how to improve your privacy credentials? Here are 5 steps to inspire you. More than 2 years on from GDPR, remember it’s a journey, not a sprint.Data Governance & SecurityGDPRPolicies and Processes Philippa Donn16 June 2020Why personalisation is a good thing, when done well“Hi, you haven’t finished watching Jeffrey Epstein: Filthy Rich”, said an email my husband received .It annoyed him......Direct MarketingGDPR Simon Blanchard08 June 2020Spring clean your data – Top tips on data retentionGet top tips on data retention. Minimise your risks by making sure you keep the personal data you need and rid of what you don't. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn03 June 2020GDPR two years on, why data protection mattersGDPR may have its critics and regulators may stand accused of not taking enough action. Why this is not a reason to stop taking data protection seriously.GDPR Julia Porter03 June 2020Why is it so hard to explain how we use personal data?Five ways to help explain complex and contentious uses of personal data. How to improve your communications and transparency.Direct MarketingGDPRPrivacy by Design DPN Team03 June 2020Data Retention GuidanceA practical toolkit packed with tips, advice and case studies on how to tackle data retention. Developed by a group of data protection and privacy specialists from a...Data Governance & SecurityGDPRPolicies and Processes Julia Porter18 May 2020New Seven Step Ad Tech Guide from DMA and ISBASeven Step Ad Tech Guide - Support for UK businesses engaged in the programmatic digital advertising to ensure they protect the rights of individuals.Electronic CommunicationsePrivacy RegulationGDPR Simon Blanchard14 May 2020COVID 19 – Privacy under the SpotlightPrivacy and COVID-19. When finding quick solutions and taking rapid decisions, don't forget the privacy impact. Here's our quick tour of aspects to consider. Data SecurityGDPRPrivacy by Design DPN Team15 April 2020DPIAs – What? When? How? Who? Why? [webinar recording]Data Protection Impact Assessments - learn about when you need to conduct a DPIA and how in this webinar hosted by Bristows LLP. Opinion DPN Team04 April 2020Where is my data? How to tackle data discovery & mapping [webinar recording]How improve your data discovery, mapping & compliance Understanding where your data is located across all your systems is an ever-evolving challenge, but forms the bedrock of your data...Opinion Gemma Johnson13 February 2020Marketers: Will You Need to do a DPIA for that?Why marketers need to understand when they might need to conduct a data protection impact assessment and learn how to do them. Direct MarketingElectronic CommunicationsICO GuidanceMarketing & Data Protection Simon Blanchard11 February 2020Where’s all my data? How to tackle data discoveryUnderstanding where your data is and what it's used for is crucial. But in practice this is challenging. What approach can you take? Opinion Simon Blanchard10 February 2020ePrivacy Regulation – Are we any closer to a final text?Efforts continue to try and agree the final text of the ePrivacy Regulation. Reaching a consensus has proved very challenging since the first draft was published 3 years...Opinion Julia Porter09 February 2020In a Digitally Enabled World, What is Direct Marketing?On 8th January the ICO published a draft code of practice for the marketing community. It’s entitled “Direct Marketing Code of Practice”. The use of the term “Direct Marketing”...Opinion Philippa Donn08 February 2020Refer a Friend – Viral Marketing RulesCan you ask your customers to send on your marketing to their friends? The answer, according to the ICO’s draft Direct Marketing Code, is NO! The regulator says for...Opinion DPN Team29 January 2020Your Views – Survey on draft Direct Marketing CodeA call for your views. The ICO's draft direct marketing code is open for public consultation. The DPN will be providing feedback. Give your comments to further...Opinion Philippa Donn28 January 2020ICO Direct Marketing Code ‘draft’: 12 HighlightsJust when I thought January was feeling dull, I got my hands on the ICO’s much-anticipated draft Direct Marketing Code of Practice! This replaces the Regulator’s existing Direct Marketing...Opinion Philippa Donn28 January 2020Brexit and EU Data FlowsIf you’ve not yet planned or even considered the data protection impact of Brexit, and specifically data transfers with the European Union, you can breathe a temporary sigh of...Opinion Philippa Donn10 December 2019Subject Access Requests & Proof of IDSubject Access Requests – What is ‘proportionate’ to ask for? When responding to a Right of Access request (commonly known as a Subject Access Request), we might be required...Individual Privacy Rights DPN Team10 December 20192020 Vision – Privacy PredictionsPrivacy Predictions for 2020 - what's in store for us next year? The trends, enforcement and organisational imperatives - What do our esteemed DPN Advisory Board believe is in...Opinion Debbie McElhill03 December 2019ePrivacy Regulation – Is there still life in it, as the European Commission steps in? In a bid to find consensus the European Commission has announced it’s preparing a revamped ePrivacy proposal. This follows the recent rejection by EU member states of the...Opinion DPN Team03 December 2019Data Retention: Are you keeping personal data longer than you need it?Ensuring you don’t store personal data for longer than you require it, is a core data protection principle – one which we all know is both complex and challenging...Opinion Julia Porter27 November 2019Harnessing the Power of Responsible MarketingWhat is responsible marketing? What core values should you embrace and what type of projects can marketers apply these values to? Here are my six pillars of responsible marketing;...Opinion DPN Team28 October 2019Rewarding Privacy By Design Have you or your team gone the extra mile to ensure a privacy aware, customer focused approach to a project, initiative or marketing campaign? Or do you know...Opinion DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Opinion Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Opinion Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Opinion Philippa Donn18 October 2019Marketing Message & Service Message: Where to draw the lineIs your ‘Service’ Message actually a Marketing one? A common (but incorrect) myth which spread with GDPR was that consent was required for almost everything – including all communications...Direct Marketing Philippa Donn02 October 2019Opt-in for marketing abandoned by RNLIHas opt-in suffered a blow? It’s now official that opt-in for all forms of direct marketing has not proven a success for the RNLI, despite earlier reports to the...Opinion Debbie McElhill18 September 2019ePrivacy Regulation – what’s happening?ePrivacy Regulation – first draft 2017, so what’s happening two years on? The ePrivacy Regulation is set to replace the 2002 ePrivacy Directive (and subsequent amendments) which currently sits...Opinion Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Opinion DPN Team16 September 2019Data Governance – Getting to know your DataData Governance – the what, why & how? Data Governance has long been recognised as a method of protecting the business, mitigating risk, increasing operational efficiencies and managing customer...GDPRPolicies and Processes Philippa Donn12 September 2019The DPN Rosemary Smith Award for Responsible MarketingThis award has been launched to recognise a contribution made to Responsible Marketing, giving a team or an individual credit for a creative and privacy aware project or initiative.Opinion Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...GDPRInternational Data Protection Philippa Donn23 August 2019Data Sharing 10 TipsMany companies need to share personal data with other organisations. This might be reciprocal or one-way, it could be providing another company’s staff with access to your data for...GDPRICO Guidance Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Data Governance & SecurityGDPRPolicies and Processes Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Philippa Donn09 July 2019GDPR regulatory action so far in the UK and EU (July 2019)GDPR Regulatory Action The UK’s data protection regulator has made its first hefty announcements since GDPR became law in 2018. With news British Airways and Marriott could face massive...GDPRInternational Data ProtectionUncategorized DPN Team05 July 2019GDPR: Impact Report 2019The impact of GDPR More than a year on from enforcement day, where are we now with GDPR? The Global Marketing Alliance and the DPN teamed up with global...Direct MarketingGDPRUncategorized Mark Bridges05 July 2019CCPA – Californian Consumer Privacy Act: 5 Key ImpactsCCPA: What businesses need know The Californian Consumer Privacy Act (CCPA) ushers in new rights for Californian residents and compels companies that operate in California to implement changes or...Opinion DPN Team05 July 2019Adtech: The challenging compliance landscape – webinar recordingPublishers, advertisers, adtech firms, start-ups and privacy activists are all united in a strong interest in online advertising and programmatic delivery . After all, it represents the lion’s share...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn22 May 2019Why GDPR is not a fuss over nothingWe’ve heard the comparison with the millennium bug – the sky didn’t fall in on 25th May… ‘where are these game-changing fines? This is the Y2K bug all over...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network and Opt-4 lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the...Direct MarketingUncategorized Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Simon Blanchard20 March 2019Like Gin and Tonic – Why GDPR and Data Governance were made for each otherWhy GDPR and Data Governance go hand in hand Like G&T, data governance is not a new concept. It has been recognised for years as a method of protecting...Opinion Gemma Johnson08 March 2019Why 59 Charities were referred to the ICO by the Fundraising RegulatorThe Fundraising Regulator has warned that 59 charities could be in breach of data protection law for failing to apply suppression requests made via the Fundraising Preference Service (FPS)...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Philippa Donn05 March 2019Digital advertising & real-time bidding: Are we on the verge of a seismic shift or not?GDPR put a significant spanner in the world of digital advertising, which disparate parties with different vested interests have been grappling with now for months. How can organisations provide...Opinion Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Stef Elliott21 November 2018“The cookies law is clear – well that takes the biscuit”The ePrivacy Regulation was originally planned to come into force simultaneously with the GDPR on 25th May 2018. The delay and the ongoing debate regarding the Regulation, as highlighted...Electronic CommunicationsePrivacy RegulationGDPR Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Julia Porter18 November 2018Privacy International’s GDPR complaints shine a spotlight on 7 data companiesOn November 8th, Privacy International (PI) filed complaints under the GDPR with data protection regulators in UK, France and Ireland against data brokers Oracle and Acxiom, credit reference agencies...Opinion Simon Blanchard18 November 2018ePrivacy Regulation is not ready and could be stalled even furtherAs those in the know recognise, data protection is not just about GDPR. Many of us have been waiting for GDPR’s EU counterpart, the new ePrivacy Regulation for a...Opinion Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Opinion Matt Edgar02 October 2018Spam crusader or vigilante victim – what happens if you are blacklisted unfairly?Finding spam a nuisance and being anti-spam is a default setting for all of us these days. Even as technology evolves and our mailboxes become smarter in reducing this...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Opinion Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...GDPRPolicies and ProcessesPrivacy by Design Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Opinion DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Data Governance & SecurityGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR
Simon Blanchard17 November 2020EDPB recommendations on international data transfersHotly awaited recommendations on international data transfers have been published by the EDPB, but don't expect a silver bullet. Data Governance & SecurityGDPRInternational Data Protection Simon Blanchard12 November 2020How the ICO’s Accountability Framework could help your businessHow the ICO’s Accountability Framework could help your business In September 2020 the UK’s Information Commissioner’s Office (ICO) published an Accountability Framework, aimed at helping organisations to recognise and...Data Governance & SecurityGDPRICO Guidance Philippa Donn03 November 2020The data breach that cost Marriott £18.4 million – what went wrong?As the ICO slams a £18 million data breach fine on Marriott, we take a look at what went wrong and what other businesess can learn ... Data Governance & SecurityData SecurityGDPR Julia Porter03 November 20206 reasons UK privacy rules won’t diverge post BrexitThe future of the UK data protection regime is not set in stone in a post-Brexit world, but why is the UK likely to stick with GDPR?GDPRInternational Data Protection Chris Field03 November 2020Evaluating the management of privacy choicesHow to address the challenge of privacy choices for multinationals faced with different communication privacy laws around the world.Direct MarketingElectronic CommunicationsInternational Data Protection DPN Team27 October 2020Handling complex subject access requestsListen in as an expert panel discuss handling complex DSARs in large and medium-sized organisations. How to respond and how tech can help. Videos DPN Team27 October 2020Privacy Question TimeYour data protection questions answered. Lively debate, topical polls with an expert panel. Recording now available.Videos Philippa Donn23 October 2020ICO Subject Access Request Guidance: help or hindrance?Subject Access Requests: As the ICO published detailed guidance we take a look at the higlights and whether it's a help or hindrance GDPRICO GuidanceIndividual Privacy Rights DPN Team22 October 2020Rosemary Smith Responsible Marketing AwardGiving an individual or team credit for a creative and privacy aware project. This award recognises a responsible approach to marketing. Uncategorized Simon Blanchard22 October 2020British Airways data breach – what can we learn?British Airways has been fined £20m by the ICO, what lessons can we all learn from BA's painful personal data breach? Data Governance & SecurityData SecurityGDPRPolicies and Processes Philippa Donn20 October 202010 DSAR tips from 10 DPOsData Subject Access Requests can be a challenge to handle. Get 10 great tips from experts who routinely handle the right of access, GDPRIndividual Privacy Rights Philippa Donn20 October 2020Covid Symptom Study apologises for marketing face masksCovid Symptom Study breaks the marketing rules by promoting masks for to fund their research, but find out how an quick apology can go a long way. ... Direct MarketingElectronic Communications Julia Porter15 October 2020Are COVID-19 contact tracing technology services legitimate?Alarming headlines have suggested COVID-19 contact tracing data from pubs and restaurants is being sold on. Is this actually true and what should checks should you take? Data Governance & SecurityGDPR Philippa Donn07 October 2020COVID-19 Data Protection GuideCovid-19 has meant employers have, by necessity, made risk-based data decisions. Do these need revisiting now? Data Governance & SecurityData SecurityPolicies and Processes Simon Blanchard07 October 2020Are you monitoring staff health during COVID-19?What checks and balances should you have in place if you are monitoring your employees' health during the pandemic? We take a look at the core areas to consider...Data Governance & SecurityEmploymentPolicies and Processes Julia Porter05 October 2020Is the new COVID app safe to use?We now have the newly minted Covid app modelled on the Google and Apple templates. Should we be trusting this app?Data Governance & SecurityGDPRPrivacy by Design Julia Porter24 September 2020Cookies crushed, the world is changingThe demise of the third party cookie - five signs the world is changing. Where next for targeted advertising? Electronic CommunicationsGDPR Philippa Donn23 September 2020Data Protection by Design: Part 3 – Data Protection Impact AssessmentsHow to get your Data Protection Impact Asssessment process on track - when should you do one, what should you process look like? Get some useful tips... Data Governance & SecurityGDPRPolicies and ProcessesPrivacy by Design Philippa Donn09 September 2020New Children’s Code – does it apply to your business?New Children's Code to protect under 18s online. It will affect your business if your online services are likely to be acccessed by children. GDPRICO GuidancePolicies and ProcessesPrivacy by Design Simon Blanchard04 September 2020Data Protection by Design: Part 2 – How to approach itHow to implement Data Protection by Design when you are developing new applications, products and services. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn27 August 2020Data Protection by Design: Part 1 – The BasicsWhat does ‘Data Protection by Design’ really mean (and why is it also called ‘Privacy by Design’)? Do you need to be concerned about it? And how do you...Data Governance & SecurityGDPRPrivacy by Design Philippa Donn26 August 2020Understanding email marketing rulesWhat are the email marketing rules? Make sure your marketing comms are not unwittingly putting your business at risk.Direct MarketingElectronic CommunicationsGDPR Simon Blanchard25 August 2020Data Protection Officers – should we appoint a DPO?Which organisations need to have a DPO? If you don't should you appoint one anyway or outsource? We explore the options .. Data Governance & SecurityGDPR Simon Blanchard12 August 2020Use of automated facial recognition by South Wales Police ruled ‘unlawful’South Wales Police's use of automated facial recognition has been ruled unlawrul - it breaches human rights and has potential for bias. GDPR Julia Porter12 August 2020When does your CRM marketing plan morph into a data privacy project?Looking to leverage your customer database to drive more business? How to make sure you marketing plan is supported by your privacy strategyDirect MarketingElectronic CommunicationsGDPR Philippa Donn12 August 2020Brexit, GDPR & PECR – the future UK data protection landscapeBrexit and GDPR - what the UK leaving the EU means for data protection law. Find out the impact on your business. Data Protection ActDirect MarketingElectronic CommunicationsGDPRInternational Data Protection Simon Blanchard10 August 2020Dashcams and GDPR: Assessing the privacy implications7 point privacy guide for use of dashcams in vehicles. Quick steps to make sure your use of dashcams is transparent and lawful. GDPRPolicies and Processes Simon Blanchard05 August 2020ICO guidance on how to apply good data protection to AISeven steps for making sure innovation flourishes and your artificial intelligence activities are sound from a data protection point of viewGDPRICO Guidance DPN Team29 July 2020How to manage your suppliersHow to manage your suppliers and reduce the risk they may post. Hear our specialist panel chat through the key points to consider.Videos Philippa Donn29 July 2020Could COVID-19 lead to a spike in Subject Access Requests? How to handle ex-employeesDSARs from disgruntled ex-employees can be challenging to handle, get some helpful tips on how best to approach the task of fulfilling them.GDPRIndividual Privacy Rights Philippa Donn28 July 2020Schrems II ruling: Privacy Shield down, SCCs survive but with a sting in the tailInternational data transfers - EU-US Privacy Shield ruled invalild, questions raised regarding SCCs, find out what actions should you take. GDPRInternational Data Protection Simon Blanchard27 July 2020RoPA – Five tips for keeping your Records of Processing Activity up to date5 tips for keeping your GDPR records of processing activities up to date. The why, who, what, how and when of data protection documentation.GDPRPolicies and Processes DPN Team16 July 2020Transparency: How to get the message acrossDiscover the benefits of being upfront and transparent with people about how you use their data. In this webinar hosted by Robert Bond from Bristows we explore why transparency...GDPRVideos Julia Porter13 July 2020Supplier management: DPN 6 point checklistDue diligence of new suppliers robust enough? Checks in place to make sure suppliers are protecting your data? Use the DPN 6-point checklist. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn13 July 2020Contact Tracing: 7 Quick Steps for collecting people’s dataFrom holiday cottages to theme parks, hotels to pubs, many will be collecting people's details for contact tracing. Get our quick guide to how to do this. GDPRICO Guidance Chris Field11 July 2020You’ve been SAR-bombed!You are at the end of long day .. you just do one last check of your inbox - the new count registers over 9,000 new emails! All...GDPRIndividual Privacy RightsInternational Data ProtectionPolicies and Processes Simon Blanchard09 July 2020Facial Recognition – should we be concerned?Facial recognition is clever, from selfies to surveillance its use is becoming far more widespread. Should we be worried? Data Governance & SecurityGDPR Philippa Donn30 June 2020Data breaches: 10-point checklist for risk assessmentsHow do you assess the actual risk to people of a data breach? 10 questions you need to ask when carrying out an risk assessment. Data Governance & SecurityGDPRPolicies and Processes DPN Team30 June 2020Successful steps for data retention and minimisation [webinar recording]Get the tools and advice you need to tackle data retention and minimisation in this expert discussion which takes you through the key steps to take.Data Governance & SecurityGDPRPolicies and ProcessesVideos Julia Porter25 June 2020Why is the CIA’s lax attitude to cyber security interesting to us?Have you got robust cyber security controls in place? How the lax attitude of the CIA is a lesson to us all and what you should you be doing.Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard16 June 2020Privacy is a marathon not a sprintPondering how to improve your privacy credentials? Here are 5 steps to inspire you. More than 2 years on from GDPR, remember it’s a journey, not a sprint.Data Governance & SecurityGDPRPolicies and Processes Philippa Donn16 June 2020Why personalisation is a good thing, when done well“Hi, you haven’t finished watching Jeffrey Epstein: Filthy Rich”, said an email my husband received .It annoyed him......Direct MarketingGDPR Simon Blanchard08 June 2020Spring clean your data – Top tips on data retentionGet top tips on data retention. Minimise your risks by making sure you keep the personal data you need and rid of what you don't. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn03 June 2020GDPR two years on, why data protection mattersGDPR may have its critics and regulators may stand accused of not taking enough action. Why this is not a reason to stop taking data protection seriously.GDPR Julia Porter03 June 2020Why is it so hard to explain how we use personal data?Five ways to help explain complex and contentious uses of personal data. How to improve your communications and transparency.Direct MarketingGDPRPrivacy by Design DPN Team03 June 2020Data Retention GuidanceA practical toolkit packed with tips, advice and case studies on how to tackle data retention. Developed by a group of data protection and privacy specialists from a...Data Governance & SecurityGDPRPolicies and Processes Julia Porter18 May 2020New Seven Step Ad Tech Guide from DMA and ISBASeven Step Ad Tech Guide - Support for UK businesses engaged in the programmatic digital advertising to ensure they protect the rights of individuals.Electronic CommunicationsePrivacy RegulationGDPR Simon Blanchard14 May 2020COVID 19 – Privacy under the SpotlightPrivacy and COVID-19. When finding quick solutions and taking rapid decisions, don't forget the privacy impact. Here's our quick tour of aspects to consider. Data SecurityGDPRPrivacy by Design DPN Team15 April 2020DPIAs – What? When? How? Who? Why? [webinar recording]Data Protection Impact Assessments - learn about when you need to conduct a DPIA and how in this webinar hosted by Bristows LLP. Opinion DPN Team04 April 2020Where is my data? How to tackle data discovery & mapping [webinar recording]How improve your data discovery, mapping & compliance Understanding where your data is located across all your systems is an ever-evolving challenge, but forms the bedrock of your data...Opinion Gemma Johnson13 February 2020Marketers: Will You Need to do a DPIA for that?Why marketers need to understand when they might need to conduct a data protection impact assessment and learn how to do them. Direct MarketingElectronic CommunicationsICO GuidanceMarketing & Data Protection Simon Blanchard11 February 2020Where’s all my data? How to tackle data discoveryUnderstanding where your data is and what it's used for is crucial. But in practice this is challenging. What approach can you take? Opinion Simon Blanchard10 February 2020ePrivacy Regulation – Are we any closer to a final text?Efforts continue to try and agree the final text of the ePrivacy Regulation. Reaching a consensus has proved very challenging since the first draft was published 3 years...Opinion Julia Porter09 February 2020In a Digitally Enabled World, What is Direct Marketing?On 8th January the ICO published a draft code of practice for the marketing community. It’s entitled “Direct Marketing Code of Practice”. The use of the term “Direct Marketing”...Opinion Philippa Donn08 February 2020Refer a Friend – Viral Marketing RulesCan you ask your customers to send on your marketing to their friends? The answer, according to the ICO’s draft Direct Marketing Code, is NO! The regulator says for...Opinion DPN Team29 January 2020Your Views – Survey on draft Direct Marketing CodeA call for your views. The ICO's draft direct marketing code is open for public consultation. The DPN will be providing feedback. Give your comments to further...Opinion Philippa Donn28 January 2020ICO Direct Marketing Code ‘draft’: 12 HighlightsJust when I thought January was feeling dull, I got my hands on the ICO’s much-anticipated draft Direct Marketing Code of Practice! This replaces the Regulator’s existing Direct Marketing...Opinion Philippa Donn28 January 2020Brexit and EU Data FlowsIf you’ve not yet planned or even considered the data protection impact of Brexit, and specifically data transfers with the European Union, you can breathe a temporary sigh of...Opinion Philippa Donn10 December 2019Subject Access Requests & Proof of IDSubject Access Requests – What is ‘proportionate’ to ask for? When responding to a Right of Access request (commonly known as a Subject Access Request), we might be required...Individual Privacy Rights DPN Team10 December 20192020 Vision – Privacy PredictionsPrivacy Predictions for 2020 - what's in store for us next year? The trends, enforcement and organisational imperatives - What do our esteemed DPN Advisory Board believe is in...Opinion Debbie McElhill03 December 2019ePrivacy Regulation – Is there still life in it, as the European Commission steps in? In a bid to find consensus the European Commission has announced it’s preparing a revamped ePrivacy proposal. This follows the recent rejection by EU member states of the...Opinion DPN Team03 December 2019Data Retention: Are you keeping personal data longer than you need it?Ensuring you don’t store personal data for longer than you require it, is a core data protection principle – one which we all know is both complex and challenging...Opinion Julia Porter27 November 2019Harnessing the Power of Responsible MarketingWhat is responsible marketing? What core values should you embrace and what type of projects can marketers apply these values to? Here are my six pillars of responsible marketing;...Opinion DPN Team28 October 2019Rewarding Privacy By Design Have you or your team gone the extra mile to ensure a privacy aware, customer focused approach to a project, initiative or marketing campaign? Or do you know...Opinion DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Opinion Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Opinion Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Opinion Philippa Donn18 October 2019Marketing Message & Service Message: Where to draw the lineIs your ‘Service’ Message actually a Marketing one? A common (but incorrect) myth which spread with GDPR was that consent was required for almost everything – including all communications...Direct Marketing Philippa Donn02 October 2019Opt-in for marketing abandoned by RNLIHas opt-in suffered a blow? It’s now official that opt-in for all forms of direct marketing has not proven a success for the RNLI, despite earlier reports to the...Opinion Debbie McElhill18 September 2019ePrivacy Regulation – what’s happening?ePrivacy Regulation – first draft 2017, so what’s happening two years on? The ePrivacy Regulation is set to replace the 2002 ePrivacy Directive (and subsequent amendments) which currently sits...Opinion Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Opinion DPN Team16 September 2019Data Governance – Getting to know your DataData Governance – the what, why & how? Data Governance has long been recognised as a method of protecting the business, mitigating risk, increasing operational efficiencies and managing customer...GDPRPolicies and Processes Philippa Donn12 September 2019The DPN Rosemary Smith Award for Responsible MarketingThis award has been launched to recognise a contribution made to Responsible Marketing, giving a team or an individual credit for a creative and privacy aware project or initiative.Opinion Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...GDPRInternational Data Protection Philippa Donn23 August 2019Data Sharing 10 TipsMany companies need to share personal data with other organisations. This might be reciprocal or one-way, it could be providing another company’s staff with access to your data for...GDPRICO Guidance Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Data Governance & SecurityGDPRPolicies and Processes Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Philippa Donn09 July 2019GDPR regulatory action so far in the UK and EU (July 2019)GDPR Regulatory Action The UK’s data protection regulator has made its first hefty announcements since GDPR became law in 2018. With news British Airways and Marriott could face massive...GDPRInternational Data ProtectionUncategorized DPN Team05 July 2019GDPR: Impact Report 2019The impact of GDPR More than a year on from enforcement day, where are we now with GDPR? The Global Marketing Alliance and the DPN teamed up with global...Direct MarketingGDPRUncategorized Mark Bridges05 July 2019CCPA – Californian Consumer Privacy Act: 5 Key ImpactsCCPA: What businesses need know The Californian Consumer Privacy Act (CCPA) ushers in new rights for Californian residents and compels companies that operate in California to implement changes or...Opinion DPN Team05 July 2019Adtech: The challenging compliance landscape – webinar recordingPublishers, advertisers, adtech firms, start-ups and privacy activists are all united in a strong interest in online advertising and programmatic delivery . After all, it represents the lion’s share...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn22 May 2019Why GDPR is not a fuss over nothingWe’ve heard the comparison with the millennium bug – the sky didn’t fall in on 25th May… ‘where are these game-changing fines? This is the Y2K bug all over...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network and Opt-4 lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the...Direct MarketingUncategorized Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Simon Blanchard20 March 2019Like Gin and Tonic – Why GDPR and Data Governance were made for each otherWhy GDPR and Data Governance go hand in hand Like G&T, data governance is not a new concept. It has been recognised for years as a method of protecting...Opinion Gemma Johnson08 March 2019Why 59 Charities were referred to the ICO by the Fundraising RegulatorThe Fundraising Regulator has warned that 59 charities could be in breach of data protection law for failing to apply suppression requests made via the Fundraising Preference Service (FPS)...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Philippa Donn05 March 2019Digital advertising & real-time bidding: Are we on the verge of a seismic shift or not?GDPR put a significant spanner in the world of digital advertising, which disparate parties with different vested interests have been grappling with now for months. How can organisations provide...Opinion Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Stef Elliott21 November 2018“The cookies law is clear – well that takes the biscuit”The ePrivacy Regulation was originally planned to come into force simultaneously with the GDPR on 25th May 2018. The delay and the ongoing debate regarding the Regulation, as highlighted...Electronic CommunicationsePrivacy RegulationGDPR Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Julia Porter18 November 2018Privacy International’s GDPR complaints shine a spotlight on 7 data companiesOn November 8th, Privacy International (PI) filed complaints under the GDPR with data protection regulators in UK, France and Ireland against data brokers Oracle and Acxiom, credit reference agencies...Opinion Simon Blanchard18 November 2018ePrivacy Regulation is not ready and could be stalled even furtherAs those in the know recognise, data protection is not just about GDPR. Many of us have been waiting for GDPR’s EU counterpart, the new ePrivacy Regulation for a...Opinion Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Opinion Matt Edgar02 October 2018Spam crusader or vigilante victim – what happens if you are blacklisted unfairly?Finding spam a nuisance and being anti-spam is a default setting for all of us these days. Even as technology evolves and our mailboxes become smarter in reducing this...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Opinion Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...GDPRPolicies and ProcessesPrivacy by Design Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Opinion DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Data Governance & SecurityGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR
Simon Blanchard12 November 2020How the ICO’s Accountability Framework could help your businessHow the ICO’s Accountability Framework could help your business In September 2020 the UK’s Information Commissioner’s Office (ICO) published an Accountability Framework, aimed at helping organisations to recognise and...Data Governance & SecurityGDPRICO Guidance Philippa Donn03 November 2020The data breach that cost Marriott £18.4 million – what went wrong?As the ICO slams a £18 million data breach fine on Marriott, we take a look at what went wrong and what other businesess can learn ... Data Governance & SecurityData SecurityGDPR Julia Porter03 November 20206 reasons UK privacy rules won’t diverge post BrexitThe future of the UK data protection regime is not set in stone in a post-Brexit world, but why is the UK likely to stick with GDPR?GDPRInternational Data Protection Chris Field03 November 2020Evaluating the management of privacy choicesHow to address the challenge of privacy choices for multinationals faced with different communication privacy laws around the world.Direct MarketingElectronic CommunicationsInternational Data Protection DPN Team27 October 2020Handling complex subject access requestsListen in as an expert panel discuss handling complex DSARs in large and medium-sized organisations. How to respond and how tech can help. Videos DPN Team27 October 2020Privacy Question TimeYour data protection questions answered. Lively debate, topical polls with an expert panel. Recording now available.Videos Philippa Donn23 October 2020ICO Subject Access Request Guidance: help or hindrance?Subject Access Requests: As the ICO published detailed guidance we take a look at the higlights and whether it's a help or hindrance GDPRICO GuidanceIndividual Privacy Rights DPN Team22 October 2020Rosemary Smith Responsible Marketing AwardGiving an individual or team credit for a creative and privacy aware project. This award recognises a responsible approach to marketing. Uncategorized Simon Blanchard22 October 2020British Airways data breach – what can we learn?British Airways has been fined £20m by the ICO, what lessons can we all learn from BA's painful personal data breach? Data Governance & SecurityData SecurityGDPRPolicies and Processes Philippa Donn20 October 202010 DSAR tips from 10 DPOsData Subject Access Requests can be a challenge to handle. Get 10 great tips from experts who routinely handle the right of access, GDPRIndividual Privacy Rights Philippa Donn20 October 2020Covid Symptom Study apologises for marketing face masksCovid Symptom Study breaks the marketing rules by promoting masks for to fund their research, but find out how an quick apology can go a long way. ... Direct MarketingElectronic Communications Julia Porter15 October 2020Are COVID-19 contact tracing technology services legitimate?Alarming headlines have suggested COVID-19 contact tracing data from pubs and restaurants is being sold on. Is this actually true and what should checks should you take? Data Governance & SecurityGDPR Philippa Donn07 October 2020COVID-19 Data Protection GuideCovid-19 has meant employers have, by necessity, made risk-based data decisions. Do these need revisiting now? Data Governance & SecurityData SecurityPolicies and Processes Simon Blanchard07 October 2020Are you monitoring staff health during COVID-19?What checks and balances should you have in place if you are monitoring your employees' health during the pandemic? We take a look at the core areas to consider...Data Governance & SecurityEmploymentPolicies and Processes Julia Porter05 October 2020Is the new COVID app safe to use?We now have the newly minted Covid app modelled on the Google and Apple templates. Should we be trusting this app?Data Governance & SecurityGDPRPrivacy by Design Julia Porter24 September 2020Cookies crushed, the world is changingThe demise of the third party cookie - five signs the world is changing. Where next for targeted advertising? Electronic CommunicationsGDPR Philippa Donn23 September 2020Data Protection by Design: Part 3 – Data Protection Impact AssessmentsHow to get your Data Protection Impact Asssessment process on track - when should you do one, what should you process look like? Get some useful tips... Data Governance & SecurityGDPRPolicies and ProcessesPrivacy by Design Philippa Donn09 September 2020New Children’s Code – does it apply to your business?New Children's Code to protect under 18s online. It will affect your business if your online services are likely to be acccessed by children. GDPRICO GuidancePolicies and ProcessesPrivacy by Design Simon Blanchard04 September 2020Data Protection by Design: Part 2 – How to approach itHow to implement Data Protection by Design when you are developing new applications, products and services. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn27 August 2020Data Protection by Design: Part 1 – The BasicsWhat does ‘Data Protection by Design’ really mean (and why is it also called ‘Privacy by Design’)? Do you need to be concerned about it? And how do you...Data Governance & SecurityGDPRPrivacy by Design Philippa Donn26 August 2020Understanding email marketing rulesWhat are the email marketing rules? Make sure your marketing comms are not unwittingly putting your business at risk.Direct MarketingElectronic CommunicationsGDPR Simon Blanchard25 August 2020Data Protection Officers – should we appoint a DPO?Which organisations need to have a DPO? If you don't should you appoint one anyway or outsource? We explore the options .. Data Governance & SecurityGDPR Simon Blanchard12 August 2020Use of automated facial recognition by South Wales Police ruled ‘unlawful’South Wales Police's use of automated facial recognition has been ruled unlawrul - it breaches human rights and has potential for bias. GDPR Julia Porter12 August 2020When does your CRM marketing plan morph into a data privacy project?Looking to leverage your customer database to drive more business? How to make sure you marketing plan is supported by your privacy strategyDirect MarketingElectronic CommunicationsGDPR Philippa Donn12 August 2020Brexit, GDPR & PECR – the future UK data protection landscapeBrexit and GDPR - what the UK leaving the EU means for data protection law. Find out the impact on your business. Data Protection ActDirect MarketingElectronic CommunicationsGDPRInternational Data Protection Simon Blanchard10 August 2020Dashcams and GDPR: Assessing the privacy implications7 point privacy guide for use of dashcams in vehicles. Quick steps to make sure your use of dashcams is transparent and lawful. GDPRPolicies and Processes Simon Blanchard05 August 2020ICO guidance on how to apply good data protection to AISeven steps for making sure innovation flourishes and your artificial intelligence activities are sound from a data protection point of viewGDPRICO Guidance DPN Team29 July 2020How to manage your suppliersHow to manage your suppliers and reduce the risk they may post. Hear our specialist panel chat through the key points to consider.Videos Philippa Donn29 July 2020Could COVID-19 lead to a spike in Subject Access Requests? How to handle ex-employeesDSARs from disgruntled ex-employees can be challenging to handle, get some helpful tips on how best to approach the task of fulfilling them.GDPRIndividual Privacy Rights Philippa Donn28 July 2020Schrems II ruling: Privacy Shield down, SCCs survive but with a sting in the tailInternational data transfers - EU-US Privacy Shield ruled invalild, questions raised regarding SCCs, find out what actions should you take. GDPRInternational Data Protection Simon Blanchard27 July 2020RoPA – Five tips for keeping your Records of Processing Activity up to date5 tips for keeping your GDPR records of processing activities up to date. The why, who, what, how and when of data protection documentation.GDPRPolicies and Processes DPN Team16 July 2020Transparency: How to get the message acrossDiscover the benefits of being upfront and transparent with people about how you use their data. In this webinar hosted by Robert Bond from Bristows we explore why transparency...GDPRVideos Julia Porter13 July 2020Supplier management: DPN 6 point checklistDue diligence of new suppliers robust enough? Checks in place to make sure suppliers are protecting your data? Use the DPN 6-point checklist. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn13 July 2020Contact Tracing: 7 Quick Steps for collecting people’s dataFrom holiday cottages to theme parks, hotels to pubs, many will be collecting people's details for contact tracing. Get our quick guide to how to do this. GDPRICO Guidance Chris Field11 July 2020You’ve been SAR-bombed!You are at the end of long day .. you just do one last check of your inbox - the new count registers over 9,000 new emails! All...GDPRIndividual Privacy RightsInternational Data ProtectionPolicies and Processes Simon Blanchard09 July 2020Facial Recognition – should we be concerned?Facial recognition is clever, from selfies to surveillance its use is becoming far more widespread. Should we be worried? Data Governance & SecurityGDPR Philippa Donn30 June 2020Data breaches: 10-point checklist for risk assessmentsHow do you assess the actual risk to people of a data breach? 10 questions you need to ask when carrying out an risk assessment. Data Governance & SecurityGDPRPolicies and Processes DPN Team30 June 2020Successful steps for data retention and minimisation [webinar recording]Get the tools and advice you need to tackle data retention and minimisation in this expert discussion which takes you through the key steps to take.Data Governance & SecurityGDPRPolicies and ProcessesVideos Julia Porter25 June 2020Why is the CIA’s lax attitude to cyber security interesting to us?Have you got robust cyber security controls in place? How the lax attitude of the CIA is a lesson to us all and what you should you be doing.Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard16 June 2020Privacy is a marathon not a sprintPondering how to improve your privacy credentials? Here are 5 steps to inspire you. More than 2 years on from GDPR, remember it’s a journey, not a sprint.Data Governance & SecurityGDPRPolicies and Processes Philippa Donn16 June 2020Why personalisation is a good thing, when done well“Hi, you haven’t finished watching Jeffrey Epstein: Filthy Rich”, said an email my husband received .It annoyed him......Direct MarketingGDPR Simon Blanchard08 June 2020Spring clean your data – Top tips on data retentionGet top tips on data retention. Minimise your risks by making sure you keep the personal data you need and rid of what you don't. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn03 June 2020GDPR two years on, why data protection mattersGDPR may have its critics and regulators may stand accused of not taking enough action. Why this is not a reason to stop taking data protection seriously.GDPR Julia Porter03 June 2020Why is it so hard to explain how we use personal data?Five ways to help explain complex and contentious uses of personal data. How to improve your communications and transparency.Direct MarketingGDPRPrivacy by Design DPN Team03 June 2020Data Retention GuidanceA practical toolkit packed with tips, advice and case studies on how to tackle data retention. Developed by a group of data protection and privacy specialists from a...Data Governance & SecurityGDPRPolicies and Processes Julia Porter18 May 2020New Seven Step Ad Tech Guide from DMA and ISBASeven Step Ad Tech Guide - Support for UK businesses engaged in the programmatic digital advertising to ensure they protect the rights of individuals.Electronic CommunicationsePrivacy RegulationGDPR Simon Blanchard14 May 2020COVID 19 – Privacy under the SpotlightPrivacy and COVID-19. When finding quick solutions and taking rapid decisions, don't forget the privacy impact. Here's our quick tour of aspects to consider. Data SecurityGDPRPrivacy by Design DPN Team15 April 2020DPIAs – What? When? How? Who? Why? [webinar recording]Data Protection Impact Assessments - learn about when you need to conduct a DPIA and how in this webinar hosted by Bristows LLP. Opinion DPN Team04 April 2020Where is my data? How to tackle data discovery & mapping [webinar recording]How improve your data discovery, mapping & compliance Understanding where your data is located across all your systems is an ever-evolving challenge, but forms the bedrock of your data...Opinion Gemma Johnson13 February 2020Marketers: Will You Need to do a DPIA for that?Why marketers need to understand when they might need to conduct a data protection impact assessment and learn how to do them. Direct MarketingElectronic CommunicationsICO GuidanceMarketing & Data Protection Simon Blanchard11 February 2020Where’s all my data? How to tackle data discoveryUnderstanding where your data is and what it's used for is crucial. But in practice this is challenging. What approach can you take? Opinion Simon Blanchard10 February 2020ePrivacy Regulation – Are we any closer to a final text?Efforts continue to try and agree the final text of the ePrivacy Regulation. Reaching a consensus has proved very challenging since the first draft was published 3 years...Opinion Julia Porter09 February 2020In a Digitally Enabled World, What is Direct Marketing?On 8th January the ICO published a draft code of practice for the marketing community. It’s entitled “Direct Marketing Code of Practice”. The use of the term “Direct Marketing”...Opinion Philippa Donn08 February 2020Refer a Friend – Viral Marketing RulesCan you ask your customers to send on your marketing to their friends? The answer, according to the ICO’s draft Direct Marketing Code, is NO! The regulator says for...Opinion DPN Team29 January 2020Your Views – Survey on draft Direct Marketing CodeA call for your views. The ICO's draft direct marketing code is open for public consultation. The DPN will be providing feedback. Give your comments to further...Opinion Philippa Donn28 January 2020ICO Direct Marketing Code ‘draft’: 12 HighlightsJust when I thought January was feeling dull, I got my hands on the ICO’s much-anticipated draft Direct Marketing Code of Practice! This replaces the Regulator’s existing Direct Marketing...Opinion Philippa Donn28 January 2020Brexit and EU Data FlowsIf you’ve not yet planned or even considered the data protection impact of Brexit, and specifically data transfers with the European Union, you can breathe a temporary sigh of...Opinion Philippa Donn10 December 2019Subject Access Requests & Proof of IDSubject Access Requests – What is ‘proportionate’ to ask for? When responding to a Right of Access request (commonly known as a Subject Access Request), we might be required...Individual Privacy Rights DPN Team10 December 20192020 Vision – Privacy PredictionsPrivacy Predictions for 2020 - what's in store for us next year? The trends, enforcement and organisational imperatives - What do our esteemed DPN Advisory Board believe is in...Opinion Debbie McElhill03 December 2019ePrivacy Regulation – Is there still life in it, as the European Commission steps in? In a bid to find consensus the European Commission has announced it’s preparing a revamped ePrivacy proposal. This follows the recent rejection by EU member states of the...Opinion DPN Team03 December 2019Data Retention: Are you keeping personal data longer than you need it?Ensuring you don’t store personal data for longer than you require it, is a core data protection principle – one which we all know is both complex and challenging...Opinion Julia Porter27 November 2019Harnessing the Power of Responsible MarketingWhat is responsible marketing? What core values should you embrace and what type of projects can marketers apply these values to? Here are my six pillars of responsible marketing;...Opinion DPN Team28 October 2019Rewarding Privacy By Design Have you or your team gone the extra mile to ensure a privacy aware, customer focused approach to a project, initiative or marketing campaign? Or do you know...Opinion DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Opinion Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Opinion Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Opinion Philippa Donn18 October 2019Marketing Message & Service Message: Where to draw the lineIs your ‘Service’ Message actually a Marketing one? A common (but incorrect) myth which spread with GDPR was that consent was required for almost everything – including all communications...Direct Marketing Philippa Donn02 October 2019Opt-in for marketing abandoned by RNLIHas opt-in suffered a blow? It’s now official that opt-in for all forms of direct marketing has not proven a success for the RNLI, despite earlier reports to the...Opinion Debbie McElhill18 September 2019ePrivacy Regulation – what’s happening?ePrivacy Regulation – first draft 2017, so what’s happening two years on? The ePrivacy Regulation is set to replace the 2002 ePrivacy Directive (and subsequent amendments) which currently sits...Opinion Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Opinion DPN Team16 September 2019Data Governance – Getting to know your DataData Governance – the what, why & how? Data Governance has long been recognised as a method of protecting the business, mitigating risk, increasing operational efficiencies and managing customer...GDPRPolicies and Processes Philippa Donn12 September 2019The DPN Rosemary Smith Award for Responsible MarketingThis award has been launched to recognise a contribution made to Responsible Marketing, giving a team or an individual credit for a creative and privacy aware project or initiative.Opinion Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...GDPRInternational Data Protection Philippa Donn23 August 2019Data Sharing 10 TipsMany companies need to share personal data with other organisations. This might be reciprocal or one-way, it could be providing another company’s staff with access to your data for...GDPRICO Guidance Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Data Governance & SecurityGDPRPolicies and Processes Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Philippa Donn09 July 2019GDPR regulatory action so far in the UK and EU (July 2019)GDPR Regulatory Action The UK’s data protection regulator has made its first hefty announcements since GDPR became law in 2018. With news British Airways and Marriott could face massive...GDPRInternational Data ProtectionUncategorized DPN Team05 July 2019GDPR: Impact Report 2019The impact of GDPR More than a year on from enforcement day, where are we now with GDPR? The Global Marketing Alliance and the DPN teamed up with global...Direct MarketingGDPRUncategorized Mark Bridges05 July 2019CCPA – Californian Consumer Privacy Act: 5 Key ImpactsCCPA: What businesses need know The Californian Consumer Privacy Act (CCPA) ushers in new rights for Californian residents and compels companies that operate in California to implement changes or...Opinion DPN Team05 July 2019Adtech: The challenging compliance landscape – webinar recordingPublishers, advertisers, adtech firms, start-ups and privacy activists are all united in a strong interest in online advertising and programmatic delivery . After all, it represents the lion’s share...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn22 May 2019Why GDPR is not a fuss over nothingWe’ve heard the comparison with the millennium bug – the sky didn’t fall in on 25th May… ‘where are these game-changing fines? This is the Y2K bug all over...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network and Opt-4 lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the...Direct MarketingUncategorized Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Simon Blanchard20 March 2019Like Gin and Tonic – Why GDPR and Data Governance were made for each otherWhy GDPR and Data Governance go hand in hand Like G&T, data governance is not a new concept. It has been recognised for years as a method of protecting...Opinion Gemma Johnson08 March 2019Why 59 Charities were referred to the ICO by the Fundraising RegulatorThe Fundraising Regulator has warned that 59 charities could be in breach of data protection law for failing to apply suppression requests made via the Fundraising Preference Service (FPS)...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Philippa Donn05 March 2019Digital advertising & real-time bidding: Are we on the verge of a seismic shift or not?GDPR put a significant spanner in the world of digital advertising, which disparate parties with different vested interests have been grappling with now for months. How can organisations provide...Opinion Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Stef Elliott21 November 2018“The cookies law is clear – well that takes the biscuit”The ePrivacy Regulation was originally planned to come into force simultaneously with the GDPR on 25th May 2018. The delay and the ongoing debate regarding the Regulation, as highlighted...Electronic CommunicationsePrivacy RegulationGDPR Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Julia Porter18 November 2018Privacy International’s GDPR complaints shine a spotlight on 7 data companiesOn November 8th, Privacy International (PI) filed complaints under the GDPR with data protection regulators in UK, France and Ireland against data brokers Oracle and Acxiom, credit reference agencies...Opinion Simon Blanchard18 November 2018ePrivacy Regulation is not ready and could be stalled even furtherAs those in the know recognise, data protection is not just about GDPR. Many of us have been waiting for GDPR’s EU counterpart, the new ePrivacy Regulation for a...Opinion Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Opinion Matt Edgar02 October 2018Spam crusader or vigilante victim – what happens if you are blacklisted unfairly?Finding spam a nuisance and being anti-spam is a default setting for all of us these days. Even as technology evolves and our mailboxes become smarter in reducing this...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Opinion Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...GDPRPolicies and ProcessesPrivacy by Design Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Opinion DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Data Governance & SecurityGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR
Philippa Donn03 November 2020The data breach that cost Marriott £18.4 million – what went wrong?As the ICO slams a £18 million data breach fine on Marriott, we take a look at what went wrong and what other businesess can learn ... Data Governance & SecurityData SecurityGDPR Julia Porter03 November 20206 reasons UK privacy rules won’t diverge post BrexitThe future of the UK data protection regime is not set in stone in a post-Brexit world, but why is the UK likely to stick with GDPR?GDPRInternational Data Protection Chris Field03 November 2020Evaluating the management of privacy choicesHow to address the challenge of privacy choices for multinationals faced with different communication privacy laws around the world.Direct MarketingElectronic CommunicationsInternational Data Protection DPN Team27 October 2020Handling complex subject access requestsListen in as an expert panel discuss handling complex DSARs in large and medium-sized organisations. How to respond and how tech can help. Videos DPN Team27 October 2020Privacy Question TimeYour data protection questions answered. Lively debate, topical polls with an expert panel. Recording now available.Videos Philippa Donn23 October 2020ICO Subject Access Request Guidance: help or hindrance?Subject Access Requests: As the ICO published detailed guidance we take a look at the higlights and whether it's a help or hindrance GDPRICO GuidanceIndividual Privacy Rights DPN Team22 October 2020Rosemary Smith Responsible Marketing AwardGiving an individual or team credit for a creative and privacy aware project. This award recognises a responsible approach to marketing. Uncategorized Simon Blanchard22 October 2020British Airways data breach – what can we learn?British Airways has been fined £20m by the ICO, what lessons can we all learn from BA's painful personal data breach? Data Governance & SecurityData SecurityGDPRPolicies and Processes Philippa Donn20 October 202010 DSAR tips from 10 DPOsData Subject Access Requests can be a challenge to handle. Get 10 great tips from experts who routinely handle the right of access, GDPRIndividual Privacy Rights Philippa Donn20 October 2020Covid Symptom Study apologises for marketing face masksCovid Symptom Study breaks the marketing rules by promoting masks for to fund their research, but find out how an quick apology can go a long way. ... Direct MarketingElectronic Communications Julia Porter15 October 2020Are COVID-19 contact tracing technology services legitimate?Alarming headlines have suggested COVID-19 contact tracing data from pubs and restaurants is being sold on. Is this actually true and what should checks should you take? Data Governance & SecurityGDPR Philippa Donn07 October 2020COVID-19 Data Protection GuideCovid-19 has meant employers have, by necessity, made risk-based data decisions. Do these need revisiting now? Data Governance & SecurityData SecurityPolicies and Processes Simon Blanchard07 October 2020Are you monitoring staff health during COVID-19?What checks and balances should you have in place if you are monitoring your employees' health during the pandemic? We take a look at the core areas to consider...Data Governance & SecurityEmploymentPolicies and Processes Julia Porter05 October 2020Is the new COVID app safe to use?We now have the newly minted Covid app modelled on the Google and Apple templates. Should we be trusting this app?Data Governance & SecurityGDPRPrivacy by Design Julia Porter24 September 2020Cookies crushed, the world is changingThe demise of the third party cookie - five signs the world is changing. Where next for targeted advertising? Electronic CommunicationsGDPR Philippa Donn23 September 2020Data Protection by Design: Part 3 – Data Protection Impact AssessmentsHow to get your Data Protection Impact Asssessment process on track - when should you do one, what should you process look like? Get some useful tips... Data Governance & SecurityGDPRPolicies and ProcessesPrivacy by Design Philippa Donn09 September 2020New Children’s Code – does it apply to your business?New Children's Code to protect under 18s online. It will affect your business if your online services are likely to be acccessed by children. GDPRICO GuidancePolicies and ProcessesPrivacy by Design Simon Blanchard04 September 2020Data Protection by Design: Part 2 – How to approach itHow to implement Data Protection by Design when you are developing new applications, products and services. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn27 August 2020Data Protection by Design: Part 1 – The BasicsWhat does ‘Data Protection by Design’ really mean (and why is it also called ‘Privacy by Design’)? Do you need to be concerned about it? And how do you...Data Governance & SecurityGDPRPrivacy by Design Philippa Donn26 August 2020Understanding email marketing rulesWhat are the email marketing rules? Make sure your marketing comms are not unwittingly putting your business at risk.Direct MarketingElectronic CommunicationsGDPR Simon Blanchard25 August 2020Data Protection Officers – should we appoint a DPO?Which organisations need to have a DPO? If you don't should you appoint one anyway or outsource? We explore the options .. Data Governance & SecurityGDPR Simon Blanchard12 August 2020Use of automated facial recognition by South Wales Police ruled ‘unlawful’South Wales Police's use of automated facial recognition has been ruled unlawrul - it breaches human rights and has potential for bias. GDPR Julia Porter12 August 2020When does your CRM marketing plan morph into a data privacy project?Looking to leverage your customer database to drive more business? How to make sure you marketing plan is supported by your privacy strategyDirect MarketingElectronic CommunicationsGDPR Philippa Donn12 August 2020Brexit, GDPR & PECR – the future UK data protection landscapeBrexit and GDPR - what the UK leaving the EU means for data protection law. Find out the impact on your business. Data Protection ActDirect MarketingElectronic CommunicationsGDPRInternational Data Protection Simon Blanchard10 August 2020Dashcams and GDPR: Assessing the privacy implications7 point privacy guide for use of dashcams in vehicles. Quick steps to make sure your use of dashcams is transparent and lawful. GDPRPolicies and Processes Simon Blanchard05 August 2020ICO guidance on how to apply good data protection to AISeven steps for making sure innovation flourishes and your artificial intelligence activities are sound from a data protection point of viewGDPRICO Guidance DPN Team29 July 2020How to manage your suppliersHow to manage your suppliers and reduce the risk they may post. Hear our specialist panel chat through the key points to consider.Videos Philippa Donn29 July 2020Could COVID-19 lead to a spike in Subject Access Requests? How to handle ex-employeesDSARs from disgruntled ex-employees can be challenging to handle, get some helpful tips on how best to approach the task of fulfilling them.GDPRIndividual Privacy Rights Philippa Donn28 July 2020Schrems II ruling: Privacy Shield down, SCCs survive but with a sting in the tailInternational data transfers - EU-US Privacy Shield ruled invalild, questions raised regarding SCCs, find out what actions should you take. GDPRInternational Data Protection Simon Blanchard27 July 2020RoPA – Five tips for keeping your Records of Processing Activity up to date5 tips for keeping your GDPR records of processing activities up to date. The why, who, what, how and when of data protection documentation.GDPRPolicies and Processes DPN Team16 July 2020Transparency: How to get the message acrossDiscover the benefits of being upfront and transparent with people about how you use their data. In this webinar hosted by Robert Bond from Bristows we explore why transparency...GDPRVideos Julia Porter13 July 2020Supplier management: DPN 6 point checklistDue diligence of new suppliers robust enough? Checks in place to make sure suppliers are protecting your data? Use the DPN 6-point checklist. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn13 July 2020Contact Tracing: 7 Quick Steps for collecting people’s dataFrom holiday cottages to theme parks, hotels to pubs, many will be collecting people's details for contact tracing. Get our quick guide to how to do this. GDPRICO Guidance Chris Field11 July 2020You’ve been SAR-bombed!You are at the end of long day .. you just do one last check of your inbox - the new count registers over 9,000 new emails! All...GDPRIndividual Privacy RightsInternational Data ProtectionPolicies and Processes Simon Blanchard09 July 2020Facial Recognition – should we be concerned?Facial recognition is clever, from selfies to surveillance its use is becoming far more widespread. Should we be worried? Data Governance & SecurityGDPR Philippa Donn30 June 2020Data breaches: 10-point checklist for risk assessmentsHow do you assess the actual risk to people of a data breach? 10 questions you need to ask when carrying out an risk assessment. Data Governance & SecurityGDPRPolicies and Processes DPN Team30 June 2020Successful steps for data retention and minimisation [webinar recording]Get the tools and advice you need to tackle data retention and minimisation in this expert discussion which takes you through the key steps to take.Data Governance & SecurityGDPRPolicies and ProcessesVideos Julia Porter25 June 2020Why is the CIA’s lax attitude to cyber security interesting to us?Have you got robust cyber security controls in place? How the lax attitude of the CIA is a lesson to us all and what you should you be doing.Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard16 June 2020Privacy is a marathon not a sprintPondering how to improve your privacy credentials? Here are 5 steps to inspire you. More than 2 years on from GDPR, remember it’s a journey, not a sprint.Data Governance & SecurityGDPRPolicies and Processes Philippa Donn16 June 2020Why personalisation is a good thing, when done well“Hi, you haven’t finished watching Jeffrey Epstein: Filthy Rich”, said an email my husband received .It annoyed him......Direct MarketingGDPR Simon Blanchard08 June 2020Spring clean your data – Top tips on data retentionGet top tips on data retention. Minimise your risks by making sure you keep the personal data you need and rid of what you don't. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn03 June 2020GDPR two years on, why data protection mattersGDPR may have its critics and regulators may stand accused of not taking enough action. Why this is not a reason to stop taking data protection seriously.GDPR Julia Porter03 June 2020Why is it so hard to explain how we use personal data?Five ways to help explain complex and contentious uses of personal data. How to improve your communications and transparency.Direct MarketingGDPRPrivacy by Design DPN Team03 June 2020Data Retention GuidanceA practical toolkit packed with tips, advice and case studies on how to tackle data retention. Developed by a group of data protection and privacy specialists from a...Data Governance & SecurityGDPRPolicies and Processes Julia Porter18 May 2020New Seven Step Ad Tech Guide from DMA and ISBASeven Step Ad Tech Guide - Support for UK businesses engaged in the programmatic digital advertising to ensure they protect the rights of individuals.Electronic CommunicationsePrivacy RegulationGDPR Simon Blanchard14 May 2020COVID 19 – Privacy under the SpotlightPrivacy and COVID-19. When finding quick solutions and taking rapid decisions, don't forget the privacy impact. Here's our quick tour of aspects to consider. Data SecurityGDPRPrivacy by Design DPN Team15 April 2020DPIAs – What? When? How? Who? Why? [webinar recording]Data Protection Impact Assessments - learn about when you need to conduct a DPIA and how in this webinar hosted by Bristows LLP. Opinion DPN Team04 April 2020Where is my data? How to tackle data discovery & mapping [webinar recording]How improve your data discovery, mapping & compliance Understanding where your data is located across all your systems is an ever-evolving challenge, but forms the bedrock of your data...Opinion Gemma Johnson13 February 2020Marketers: Will You Need to do a DPIA for that?Why marketers need to understand when they might need to conduct a data protection impact assessment and learn how to do them. Direct MarketingElectronic CommunicationsICO GuidanceMarketing & Data Protection Simon Blanchard11 February 2020Where’s all my data? How to tackle data discoveryUnderstanding where your data is and what it's used for is crucial. But in practice this is challenging. What approach can you take? Opinion Simon Blanchard10 February 2020ePrivacy Regulation – Are we any closer to a final text?Efforts continue to try and agree the final text of the ePrivacy Regulation. Reaching a consensus has proved very challenging since the first draft was published 3 years...Opinion Julia Porter09 February 2020In a Digitally Enabled World, What is Direct Marketing?On 8th January the ICO published a draft code of practice for the marketing community. It’s entitled “Direct Marketing Code of Practice”. The use of the term “Direct Marketing”...Opinion Philippa Donn08 February 2020Refer a Friend – Viral Marketing RulesCan you ask your customers to send on your marketing to their friends? The answer, according to the ICO’s draft Direct Marketing Code, is NO! The regulator says for...Opinion DPN Team29 January 2020Your Views – Survey on draft Direct Marketing CodeA call for your views. The ICO's draft direct marketing code is open for public consultation. The DPN will be providing feedback. Give your comments to further...Opinion Philippa Donn28 January 2020ICO Direct Marketing Code ‘draft’: 12 HighlightsJust when I thought January was feeling dull, I got my hands on the ICO’s much-anticipated draft Direct Marketing Code of Practice! This replaces the Regulator’s existing Direct Marketing...Opinion Philippa Donn28 January 2020Brexit and EU Data FlowsIf you’ve not yet planned or even considered the data protection impact of Brexit, and specifically data transfers with the European Union, you can breathe a temporary sigh of...Opinion Philippa Donn10 December 2019Subject Access Requests & Proof of IDSubject Access Requests – What is ‘proportionate’ to ask for? When responding to a Right of Access request (commonly known as a Subject Access Request), we might be required...Individual Privacy Rights DPN Team10 December 20192020 Vision – Privacy PredictionsPrivacy Predictions for 2020 - what's in store for us next year? The trends, enforcement and organisational imperatives - What do our esteemed DPN Advisory Board believe is in...Opinion Debbie McElhill03 December 2019ePrivacy Regulation – Is there still life in it, as the European Commission steps in? In a bid to find consensus the European Commission has announced it’s preparing a revamped ePrivacy proposal. This follows the recent rejection by EU member states of the...Opinion DPN Team03 December 2019Data Retention: Are you keeping personal data longer than you need it?Ensuring you don’t store personal data for longer than you require it, is a core data protection principle – one which we all know is both complex and challenging...Opinion Julia Porter27 November 2019Harnessing the Power of Responsible MarketingWhat is responsible marketing? What core values should you embrace and what type of projects can marketers apply these values to? Here are my six pillars of responsible marketing;...Opinion DPN Team28 October 2019Rewarding Privacy By Design Have you or your team gone the extra mile to ensure a privacy aware, customer focused approach to a project, initiative or marketing campaign? Or do you know...Opinion DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Opinion Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Opinion Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Opinion Philippa Donn18 October 2019Marketing Message & Service Message: Where to draw the lineIs your ‘Service’ Message actually a Marketing one? A common (but incorrect) myth which spread with GDPR was that consent was required for almost everything – including all communications...Direct Marketing Philippa Donn02 October 2019Opt-in for marketing abandoned by RNLIHas opt-in suffered a blow? It’s now official that opt-in for all forms of direct marketing has not proven a success for the RNLI, despite earlier reports to the...Opinion Debbie McElhill18 September 2019ePrivacy Regulation – what’s happening?ePrivacy Regulation – first draft 2017, so what’s happening two years on? The ePrivacy Regulation is set to replace the 2002 ePrivacy Directive (and subsequent amendments) which currently sits...Opinion Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Opinion DPN Team16 September 2019Data Governance – Getting to know your DataData Governance – the what, why & how? Data Governance has long been recognised as a method of protecting the business, mitigating risk, increasing operational efficiencies and managing customer...GDPRPolicies and Processes Philippa Donn12 September 2019The DPN Rosemary Smith Award for Responsible MarketingThis award has been launched to recognise a contribution made to Responsible Marketing, giving a team or an individual credit for a creative and privacy aware project or initiative.Opinion Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...GDPRInternational Data Protection Philippa Donn23 August 2019Data Sharing 10 TipsMany companies need to share personal data with other organisations. This might be reciprocal or one-way, it could be providing another company’s staff with access to your data for...GDPRICO Guidance Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Data Governance & SecurityGDPRPolicies and Processes Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Philippa Donn09 July 2019GDPR regulatory action so far in the UK and EU (July 2019)GDPR Regulatory Action The UK’s data protection regulator has made its first hefty announcements since GDPR became law in 2018. With news British Airways and Marriott could face massive...GDPRInternational Data ProtectionUncategorized DPN Team05 July 2019GDPR: Impact Report 2019The impact of GDPR More than a year on from enforcement day, where are we now with GDPR? The Global Marketing Alliance and the DPN teamed up with global...Direct MarketingGDPRUncategorized Mark Bridges05 July 2019CCPA – Californian Consumer Privacy Act: 5 Key ImpactsCCPA: What businesses need know The Californian Consumer Privacy Act (CCPA) ushers in new rights for Californian residents and compels companies that operate in California to implement changes or...Opinion DPN Team05 July 2019Adtech: The challenging compliance landscape – webinar recordingPublishers, advertisers, adtech firms, start-ups and privacy activists are all united in a strong interest in online advertising and programmatic delivery . After all, it represents the lion’s share...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn22 May 2019Why GDPR is not a fuss over nothingWe’ve heard the comparison with the millennium bug – the sky didn’t fall in on 25th May… ‘where are these game-changing fines? This is the Y2K bug all over...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network and Opt-4 lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the...Direct MarketingUncategorized Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Simon Blanchard20 March 2019Like Gin and Tonic – Why GDPR and Data Governance were made for each otherWhy GDPR and Data Governance go hand in hand Like G&T, data governance is not a new concept. It has been recognised for years as a method of protecting...Opinion Gemma Johnson08 March 2019Why 59 Charities were referred to the ICO by the Fundraising RegulatorThe Fundraising Regulator has warned that 59 charities could be in breach of data protection law for failing to apply suppression requests made via the Fundraising Preference Service (FPS)...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Philippa Donn05 March 2019Digital advertising & real-time bidding: Are we on the verge of a seismic shift or not?GDPR put a significant spanner in the world of digital advertising, which disparate parties with different vested interests have been grappling with now for months. How can organisations provide...Opinion Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Stef Elliott21 November 2018“The cookies law is clear – well that takes the biscuit”The ePrivacy Regulation was originally planned to come into force simultaneously with the GDPR on 25th May 2018. The delay and the ongoing debate regarding the Regulation, as highlighted...Electronic CommunicationsePrivacy RegulationGDPR Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Julia Porter18 November 2018Privacy International’s GDPR complaints shine a spotlight on 7 data companiesOn November 8th, Privacy International (PI) filed complaints under the GDPR with data protection regulators in UK, France and Ireland against data brokers Oracle and Acxiom, credit reference agencies...Opinion Simon Blanchard18 November 2018ePrivacy Regulation is not ready and could be stalled even furtherAs those in the know recognise, data protection is not just about GDPR. Many of us have been waiting for GDPR’s EU counterpart, the new ePrivacy Regulation for a...Opinion Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Opinion Matt Edgar02 October 2018Spam crusader or vigilante victim – what happens if you are blacklisted unfairly?Finding spam a nuisance and being anti-spam is a default setting for all of us these days. Even as technology evolves and our mailboxes become smarter in reducing this...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Opinion Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...GDPRPolicies and ProcessesPrivacy by Design Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Opinion DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Data Governance & SecurityGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR
Julia Porter03 November 20206 reasons UK privacy rules won’t diverge post BrexitThe future of the UK data protection regime is not set in stone in a post-Brexit world, but why is the UK likely to stick with GDPR?GDPRInternational Data Protection Chris Field03 November 2020Evaluating the management of privacy choicesHow to address the challenge of privacy choices for multinationals faced with different communication privacy laws around the world.Direct MarketingElectronic CommunicationsInternational Data Protection DPN Team27 October 2020Handling complex subject access requestsListen in as an expert panel discuss handling complex DSARs in large and medium-sized organisations. How to respond and how tech can help. Videos DPN Team27 October 2020Privacy Question TimeYour data protection questions answered. Lively debate, topical polls with an expert panel. Recording now available.Videos Philippa Donn23 October 2020ICO Subject Access Request Guidance: help or hindrance?Subject Access Requests: As the ICO published detailed guidance we take a look at the higlights and whether it's a help or hindrance GDPRICO GuidanceIndividual Privacy Rights DPN Team22 October 2020Rosemary Smith Responsible Marketing AwardGiving an individual or team credit for a creative and privacy aware project. This award recognises a responsible approach to marketing. Uncategorized Simon Blanchard22 October 2020British Airways data breach – what can we learn?British Airways has been fined £20m by the ICO, what lessons can we all learn from BA's painful personal data breach? Data Governance & SecurityData SecurityGDPRPolicies and Processes Philippa Donn20 October 202010 DSAR tips from 10 DPOsData Subject Access Requests can be a challenge to handle. Get 10 great tips from experts who routinely handle the right of access, GDPRIndividual Privacy Rights Philippa Donn20 October 2020Covid Symptom Study apologises for marketing face masksCovid Symptom Study breaks the marketing rules by promoting masks for to fund their research, but find out how an quick apology can go a long way. ... Direct MarketingElectronic Communications Julia Porter15 October 2020Are COVID-19 contact tracing technology services legitimate?Alarming headlines have suggested COVID-19 contact tracing data from pubs and restaurants is being sold on. Is this actually true and what should checks should you take? Data Governance & SecurityGDPR Philippa Donn07 October 2020COVID-19 Data Protection GuideCovid-19 has meant employers have, by necessity, made risk-based data decisions. Do these need revisiting now? Data Governance & SecurityData SecurityPolicies and Processes Simon Blanchard07 October 2020Are you monitoring staff health during COVID-19?What checks and balances should you have in place if you are monitoring your employees' health during the pandemic? We take a look at the core areas to consider...Data Governance & SecurityEmploymentPolicies and Processes Julia Porter05 October 2020Is the new COVID app safe to use?We now have the newly minted Covid app modelled on the Google and Apple templates. Should we be trusting this app?Data Governance & SecurityGDPRPrivacy by Design Julia Porter24 September 2020Cookies crushed, the world is changingThe demise of the third party cookie - five signs the world is changing. Where next for targeted advertising? Electronic CommunicationsGDPR Philippa Donn23 September 2020Data Protection by Design: Part 3 – Data Protection Impact AssessmentsHow to get your Data Protection Impact Asssessment process on track - when should you do one, what should you process look like? Get some useful tips... Data Governance & SecurityGDPRPolicies and ProcessesPrivacy by Design Philippa Donn09 September 2020New Children’s Code – does it apply to your business?New Children's Code to protect under 18s online. It will affect your business if your online services are likely to be acccessed by children. GDPRICO GuidancePolicies and ProcessesPrivacy by Design Simon Blanchard04 September 2020Data Protection by Design: Part 2 – How to approach itHow to implement Data Protection by Design when you are developing new applications, products and services. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn27 August 2020Data Protection by Design: Part 1 – The BasicsWhat does ‘Data Protection by Design’ really mean (and why is it also called ‘Privacy by Design’)? Do you need to be concerned about it? And how do you...Data Governance & SecurityGDPRPrivacy by Design Philippa Donn26 August 2020Understanding email marketing rulesWhat are the email marketing rules? Make sure your marketing comms are not unwittingly putting your business at risk.Direct MarketingElectronic CommunicationsGDPR Simon Blanchard25 August 2020Data Protection Officers – should we appoint a DPO?Which organisations need to have a DPO? If you don't should you appoint one anyway or outsource? We explore the options .. Data Governance & SecurityGDPR Simon Blanchard12 August 2020Use of automated facial recognition by South Wales Police ruled ‘unlawful’South Wales Police's use of automated facial recognition has been ruled unlawrul - it breaches human rights and has potential for bias. GDPR Julia Porter12 August 2020When does your CRM marketing plan morph into a data privacy project?Looking to leverage your customer database to drive more business? How to make sure you marketing plan is supported by your privacy strategyDirect MarketingElectronic CommunicationsGDPR Philippa Donn12 August 2020Brexit, GDPR & PECR – the future UK data protection landscapeBrexit and GDPR - what the UK leaving the EU means for data protection law. Find out the impact on your business. Data Protection ActDirect MarketingElectronic CommunicationsGDPRInternational Data Protection Simon Blanchard10 August 2020Dashcams and GDPR: Assessing the privacy implications7 point privacy guide for use of dashcams in vehicles. Quick steps to make sure your use of dashcams is transparent and lawful. GDPRPolicies and Processes Simon Blanchard05 August 2020ICO guidance on how to apply good data protection to AISeven steps for making sure innovation flourishes and your artificial intelligence activities are sound from a data protection point of viewGDPRICO Guidance DPN Team29 July 2020How to manage your suppliersHow to manage your suppliers and reduce the risk they may post. Hear our specialist panel chat through the key points to consider.Videos Philippa Donn29 July 2020Could COVID-19 lead to a spike in Subject Access Requests? How to handle ex-employeesDSARs from disgruntled ex-employees can be challenging to handle, get some helpful tips on how best to approach the task of fulfilling them.GDPRIndividual Privacy Rights Philippa Donn28 July 2020Schrems II ruling: Privacy Shield down, SCCs survive but with a sting in the tailInternational data transfers - EU-US Privacy Shield ruled invalild, questions raised regarding SCCs, find out what actions should you take. GDPRInternational Data Protection Simon Blanchard27 July 2020RoPA – Five tips for keeping your Records of Processing Activity up to date5 tips for keeping your GDPR records of processing activities up to date. The why, who, what, how and when of data protection documentation.GDPRPolicies and Processes DPN Team16 July 2020Transparency: How to get the message acrossDiscover the benefits of being upfront and transparent with people about how you use their data. In this webinar hosted by Robert Bond from Bristows we explore why transparency...GDPRVideos Julia Porter13 July 2020Supplier management: DPN 6 point checklistDue diligence of new suppliers robust enough? Checks in place to make sure suppliers are protecting your data? Use the DPN 6-point checklist. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn13 July 2020Contact Tracing: 7 Quick Steps for collecting people’s dataFrom holiday cottages to theme parks, hotels to pubs, many will be collecting people's details for contact tracing. Get our quick guide to how to do this. GDPRICO Guidance Chris Field11 July 2020You’ve been SAR-bombed!You are at the end of long day .. you just do one last check of your inbox - the new count registers over 9,000 new emails! All...GDPRIndividual Privacy RightsInternational Data ProtectionPolicies and Processes Simon Blanchard09 July 2020Facial Recognition – should we be concerned?Facial recognition is clever, from selfies to surveillance its use is becoming far more widespread. Should we be worried? Data Governance & SecurityGDPR Philippa Donn30 June 2020Data breaches: 10-point checklist for risk assessmentsHow do you assess the actual risk to people of a data breach? 10 questions you need to ask when carrying out an risk assessment. Data Governance & SecurityGDPRPolicies and Processes DPN Team30 June 2020Successful steps for data retention and minimisation [webinar recording]Get the tools and advice you need to tackle data retention and minimisation in this expert discussion which takes you through the key steps to take.Data Governance & SecurityGDPRPolicies and ProcessesVideos Julia Porter25 June 2020Why is the CIA’s lax attitude to cyber security interesting to us?Have you got robust cyber security controls in place? How the lax attitude of the CIA is a lesson to us all and what you should you be doing.Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard16 June 2020Privacy is a marathon not a sprintPondering how to improve your privacy credentials? Here are 5 steps to inspire you. More than 2 years on from GDPR, remember it’s a journey, not a sprint.Data Governance & SecurityGDPRPolicies and Processes Philippa Donn16 June 2020Why personalisation is a good thing, when done well“Hi, you haven’t finished watching Jeffrey Epstein: Filthy Rich”, said an email my husband received .It annoyed him......Direct MarketingGDPR Simon Blanchard08 June 2020Spring clean your data – Top tips on data retentionGet top tips on data retention. Minimise your risks by making sure you keep the personal data you need and rid of what you don't. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn03 June 2020GDPR two years on, why data protection mattersGDPR may have its critics and regulators may stand accused of not taking enough action. Why this is not a reason to stop taking data protection seriously.GDPR Julia Porter03 June 2020Why is it so hard to explain how we use personal data?Five ways to help explain complex and contentious uses of personal data. How to improve your communications and transparency.Direct MarketingGDPRPrivacy by Design DPN Team03 June 2020Data Retention GuidanceA practical toolkit packed with tips, advice and case studies on how to tackle data retention. Developed by a group of data protection and privacy specialists from a...Data Governance & SecurityGDPRPolicies and Processes Julia Porter18 May 2020New Seven Step Ad Tech Guide from DMA and ISBASeven Step Ad Tech Guide - Support for UK businesses engaged in the programmatic digital advertising to ensure they protect the rights of individuals.Electronic CommunicationsePrivacy RegulationGDPR Simon Blanchard14 May 2020COVID 19 – Privacy under the SpotlightPrivacy and COVID-19. When finding quick solutions and taking rapid decisions, don't forget the privacy impact. Here's our quick tour of aspects to consider. Data SecurityGDPRPrivacy by Design DPN Team15 April 2020DPIAs – What? When? How? Who? Why? [webinar recording]Data Protection Impact Assessments - learn about when you need to conduct a DPIA and how in this webinar hosted by Bristows LLP. Opinion DPN Team04 April 2020Where is my data? How to tackle data discovery & mapping [webinar recording]How improve your data discovery, mapping & compliance Understanding where your data is located across all your systems is an ever-evolving challenge, but forms the bedrock of your data...Opinion Gemma Johnson13 February 2020Marketers: Will You Need to do a DPIA for that?Why marketers need to understand when they might need to conduct a data protection impact assessment and learn how to do them. Direct MarketingElectronic CommunicationsICO GuidanceMarketing & Data Protection Simon Blanchard11 February 2020Where’s all my data? How to tackle data discoveryUnderstanding where your data is and what it's used for is crucial. But in practice this is challenging. What approach can you take? Opinion Simon Blanchard10 February 2020ePrivacy Regulation – Are we any closer to a final text?Efforts continue to try and agree the final text of the ePrivacy Regulation. Reaching a consensus has proved very challenging since the first draft was published 3 years...Opinion Julia Porter09 February 2020In a Digitally Enabled World, What is Direct Marketing?On 8th January the ICO published a draft code of practice for the marketing community. It’s entitled “Direct Marketing Code of Practice”. The use of the term “Direct Marketing”...Opinion Philippa Donn08 February 2020Refer a Friend – Viral Marketing RulesCan you ask your customers to send on your marketing to their friends? The answer, according to the ICO’s draft Direct Marketing Code, is NO! The regulator says for...Opinion DPN Team29 January 2020Your Views – Survey on draft Direct Marketing CodeA call for your views. The ICO's draft direct marketing code is open for public consultation. The DPN will be providing feedback. Give your comments to further...Opinion Philippa Donn28 January 2020ICO Direct Marketing Code ‘draft’: 12 HighlightsJust when I thought January was feeling dull, I got my hands on the ICO’s much-anticipated draft Direct Marketing Code of Practice! This replaces the Regulator’s existing Direct Marketing...Opinion Philippa Donn28 January 2020Brexit and EU Data FlowsIf you’ve not yet planned or even considered the data protection impact of Brexit, and specifically data transfers with the European Union, you can breathe a temporary sigh of...Opinion Philippa Donn10 December 2019Subject Access Requests & Proof of IDSubject Access Requests – What is ‘proportionate’ to ask for? When responding to a Right of Access request (commonly known as a Subject Access Request), we might be required...Individual Privacy Rights DPN Team10 December 20192020 Vision – Privacy PredictionsPrivacy Predictions for 2020 - what's in store for us next year? The trends, enforcement and organisational imperatives - What do our esteemed DPN Advisory Board believe is in...Opinion Debbie McElhill03 December 2019ePrivacy Regulation – Is there still life in it, as the European Commission steps in? In a bid to find consensus the European Commission has announced it’s preparing a revamped ePrivacy proposal. This follows the recent rejection by EU member states of the...Opinion DPN Team03 December 2019Data Retention: Are you keeping personal data longer than you need it?Ensuring you don’t store personal data for longer than you require it, is a core data protection principle – one which we all know is both complex and challenging...Opinion Julia Porter27 November 2019Harnessing the Power of Responsible MarketingWhat is responsible marketing? What core values should you embrace and what type of projects can marketers apply these values to? Here are my six pillars of responsible marketing;...Opinion DPN Team28 October 2019Rewarding Privacy By Design Have you or your team gone the extra mile to ensure a privacy aware, customer focused approach to a project, initiative or marketing campaign? Or do you know...Opinion DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Opinion Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Opinion Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Opinion Philippa Donn18 October 2019Marketing Message & Service Message: Where to draw the lineIs your ‘Service’ Message actually a Marketing one? A common (but incorrect) myth which spread with GDPR was that consent was required for almost everything – including all communications...Direct Marketing Philippa Donn02 October 2019Opt-in for marketing abandoned by RNLIHas opt-in suffered a blow? It’s now official that opt-in for all forms of direct marketing has not proven a success for the RNLI, despite earlier reports to the...Opinion Debbie McElhill18 September 2019ePrivacy Regulation – what’s happening?ePrivacy Regulation – first draft 2017, so what’s happening two years on? The ePrivacy Regulation is set to replace the 2002 ePrivacy Directive (and subsequent amendments) which currently sits...Opinion Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Opinion DPN Team16 September 2019Data Governance – Getting to know your DataData Governance – the what, why & how? Data Governance has long been recognised as a method of protecting the business, mitigating risk, increasing operational efficiencies and managing customer...GDPRPolicies and Processes Philippa Donn12 September 2019The DPN Rosemary Smith Award for Responsible MarketingThis award has been launched to recognise a contribution made to Responsible Marketing, giving a team or an individual credit for a creative and privacy aware project or initiative.Opinion Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...GDPRInternational Data Protection Philippa Donn23 August 2019Data Sharing 10 TipsMany companies need to share personal data with other organisations. This might be reciprocal or one-way, it could be providing another company’s staff with access to your data for...GDPRICO Guidance Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Data Governance & SecurityGDPRPolicies and Processes Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Philippa Donn09 July 2019GDPR regulatory action so far in the UK and EU (July 2019)GDPR Regulatory Action The UK’s data protection regulator has made its first hefty announcements since GDPR became law in 2018. With news British Airways and Marriott could face massive...GDPRInternational Data ProtectionUncategorized DPN Team05 July 2019GDPR: Impact Report 2019The impact of GDPR More than a year on from enforcement day, where are we now with GDPR? The Global Marketing Alliance and the DPN teamed up with global...Direct MarketingGDPRUncategorized Mark Bridges05 July 2019CCPA – Californian Consumer Privacy Act: 5 Key ImpactsCCPA: What businesses need know The Californian Consumer Privacy Act (CCPA) ushers in new rights for Californian residents and compels companies that operate in California to implement changes or...Opinion DPN Team05 July 2019Adtech: The challenging compliance landscape – webinar recordingPublishers, advertisers, adtech firms, start-ups and privacy activists are all united in a strong interest in online advertising and programmatic delivery . After all, it represents the lion’s share...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn22 May 2019Why GDPR is not a fuss over nothingWe’ve heard the comparison with the millennium bug – the sky didn’t fall in on 25th May… ‘where are these game-changing fines? This is the Y2K bug all over...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network and Opt-4 lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the...Direct MarketingUncategorized Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Simon Blanchard20 March 2019Like Gin and Tonic – Why GDPR and Data Governance were made for each otherWhy GDPR and Data Governance go hand in hand Like G&T, data governance is not a new concept. It has been recognised for years as a method of protecting...Opinion Gemma Johnson08 March 2019Why 59 Charities were referred to the ICO by the Fundraising RegulatorThe Fundraising Regulator has warned that 59 charities could be in breach of data protection law for failing to apply suppression requests made via the Fundraising Preference Service (FPS)...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Philippa Donn05 March 2019Digital advertising & real-time bidding: Are we on the verge of a seismic shift or not?GDPR put a significant spanner in the world of digital advertising, which disparate parties with different vested interests have been grappling with now for months. How can organisations provide...Opinion Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Stef Elliott21 November 2018“The cookies law is clear – well that takes the biscuit”The ePrivacy Regulation was originally planned to come into force simultaneously with the GDPR on 25th May 2018. The delay and the ongoing debate regarding the Regulation, as highlighted...Electronic CommunicationsePrivacy RegulationGDPR Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Julia Porter18 November 2018Privacy International’s GDPR complaints shine a spotlight on 7 data companiesOn November 8th, Privacy International (PI) filed complaints under the GDPR with data protection regulators in UK, France and Ireland against data brokers Oracle and Acxiom, credit reference agencies...Opinion Simon Blanchard18 November 2018ePrivacy Regulation is not ready and could be stalled even furtherAs those in the know recognise, data protection is not just about GDPR. Many of us have been waiting for GDPR’s EU counterpart, the new ePrivacy Regulation for a...Opinion Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Opinion Matt Edgar02 October 2018Spam crusader or vigilante victim – what happens if you are blacklisted unfairly?Finding spam a nuisance and being anti-spam is a default setting for all of us these days. Even as technology evolves and our mailboxes become smarter in reducing this...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Opinion Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...GDPRPolicies and ProcessesPrivacy by Design Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Opinion DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Data Governance & SecurityGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR
Chris Field03 November 2020Evaluating the management of privacy choicesHow to address the challenge of privacy choices for multinationals faced with different communication privacy laws around the world.Direct MarketingElectronic CommunicationsInternational Data Protection DPN Team27 October 2020Handling complex subject access requestsListen in as an expert panel discuss handling complex DSARs in large and medium-sized organisations. How to respond and how tech can help. Videos DPN Team27 October 2020Privacy Question TimeYour data protection questions answered. Lively debate, topical polls with an expert panel. Recording now available.Videos Philippa Donn23 October 2020ICO Subject Access Request Guidance: help or hindrance?Subject Access Requests: As the ICO published detailed guidance we take a look at the higlights and whether it's a help or hindrance GDPRICO GuidanceIndividual Privacy Rights DPN Team22 October 2020Rosemary Smith Responsible Marketing AwardGiving an individual or team credit for a creative and privacy aware project. This award recognises a responsible approach to marketing. Uncategorized Simon Blanchard22 October 2020British Airways data breach – what can we learn?British Airways has been fined £20m by the ICO, what lessons can we all learn from BA's painful personal data breach? Data Governance & SecurityData SecurityGDPRPolicies and Processes Philippa Donn20 October 202010 DSAR tips from 10 DPOsData Subject Access Requests can be a challenge to handle. Get 10 great tips from experts who routinely handle the right of access, GDPRIndividual Privacy Rights Philippa Donn20 October 2020Covid Symptom Study apologises for marketing face masksCovid Symptom Study breaks the marketing rules by promoting masks for to fund their research, but find out how an quick apology can go a long way. ... Direct MarketingElectronic Communications Julia Porter15 October 2020Are COVID-19 contact tracing technology services legitimate?Alarming headlines have suggested COVID-19 contact tracing data from pubs and restaurants is being sold on. Is this actually true and what should checks should you take? Data Governance & SecurityGDPR Philippa Donn07 October 2020COVID-19 Data Protection GuideCovid-19 has meant employers have, by necessity, made risk-based data decisions. Do these need revisiting now? Data Governance & SecurityData SecurityPolicies and Processes Simon Blanchard07 October 2020Are you monitoring staff health during COVID-19?What checks and balances should you have in place if you are monitoring your employees' health during the pandemic? We take a look at the core areas to consider...Data Governance & SecurityEmploymentPolicies and Processes Julia Porter05 October 2020Is the new COVID app safe to use?We now have the newly minted Covid app modelled on the Google and Apple templates. Should we be trusting this app?Data Governance & SecurityGDPRPrivacy by Design Julia Porter24 September 2020Cookies crushed, the world is changingThe demise of the third party cookie - five signs the world is changing. Where next for targeted advertising? Electronic CommunicationsGDPR Philippa Donn23 September 2020Data Protection by Design: Part 3 – Data Protection Impact AssessmentsHow to get your Data Protection Impact Asssessment process on track - when should you do one, what should you process look like? Get some useful tips... Data Governance & SecurityGDPRPolicies and ProcessesPrivacy by Design Philippa Donn09 September 2020New Children’s Code – does it apply to your business?New Children's Code to protect under 18s online. It will affect your business if your online services are likely to be acccessed by children. GDPRICO GuidancePolicies and ProcessesPrivacy by Design Simon Blanchard04 September 2020Data Protection by Design: Part 2 – How to approach itHow to implement Data Protection by Design when you are developing new applications, products and services. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn27 August 2020Data Protection by Design: Part 1 – The BasicsWhat does ‘Data Protection by Design’ really mean (and why is it also called ‘Privacy by Design’)? Do you need to be concerned about it? And how do you...Data Governance & SecurityGDPRPrivacy by Design Philippa Donn26 August 2020Understanding email marketing rulesWhat are the email marketing rules? Make sure your marketing comms are not unwittingly putting your business at risk.Direct MarketingElectronic CommunicationsGDPR Simon Blanchard25 August 2020Data Protection Officers – should we appoint a DPO?Which organisations need to have a DPO? If you don't should you appoint one anyway or outsource? We explore the options .. Data Governance & SecurityGDPR Simon Blanchard12 August 2020Use of automated facial recognition by South Wales Police ruled ‘unlawful’South Wales Police's use of automated facial recognition has been ruled unlawrul - it breaches human rights and has potential for bias. GDPR Julia Porter12 August 2020When does your CRM marketing plan morph into a data privacy project?Looking to leverage your customer database to drive more business? How to make sure you marketing plan is supported by your privacy strategyDirect MarketingElectronic CommunicationsGDPR Philippa Donn12 August 2020Brexit, GDPR & PECR – the future UK data protection landscapeBrexit and GDPR - what the UK leaving the EU means for data protection law. Find out the impact on your business. Data Protection ActDirect MarketingElectronic CommunicationsGDPRInternational Data Protection Simon Blanchard10 August 2020Dashcams and GDPR: Assessing the privacy implications7 point privacy guide for use of dashcams in vehicles. Quick steps to make sure your use of dashcams is transparent and lawful. GDPRPolicies and Processes Simon Blanchard05 August 2020ICO guidance on how to apply good data protection to AISeven steps for making sure innovation flourishes and your artificial intelligence activities are sound from a data protection point of viewGDPRICO Guidance DPN Team29 July 2020How to manage your suppliersHow to manage your suppliers and reduce the risk they may post. Hear our specialist panel chat through the key points to consider.Videos Philippa Donn29 July 2020Could COVID-19 lead to a spike in Subject Access Requests? How to handle ex-employeesDSARs from disgruntled ex-employees can be challenging to handle, get some helpful tips on how best to approach the task of fulfilling them.GDPRIndividual Privacy Rights Philippa Donn28 July 2020Schrems II ruling: Privacy Shield down, SCCs survive but with a sting in the tailInternational data transfers - EU-US Privacy Shield ruled invalild, questions raised regarding SCCs, find out what actions should you take. GDPRInternational Data Protection Simon Blanchard27 July 2020RoPA – Five tips for keeping your Records of Processing Activity up to date5 tips for keeping your GDPR records of processing activities up to date. The why, who, what, how and when of data protection documentation.GDPRPolicies and Processes DPN Team16 July 2020Transparency: How to get the message acrossDiscover the benefits of being upfront and transparent with people about how you use their data. In this webinar hosted by Robert Bond from Bristows we explore why transparency...GDPRVideos Julia Porter13 July 2020Supplier management: DPN 6 point checklistDue diligence of new suppliers robust enough? Checks in place to make sure suppliers are protecting your data? Use the DPN 6-point checklist. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn13 July 2020Contact Tracing: 7 Quick Steps for collecting people’s dataFrom holiday cottages to theme parks, hotels to pubs, many will be collecting people's details for contact tracing. Get our quick guide to how to do this. GDPRICO Guidance Chris Field11 July 2020You’ve been SAR-bombed!You are at the end of long day .. you just do one last check of your inbox - the new count registers over 9,000 new emails! All...GDPRIndividual Privacy RightsInternational Data ProtectionPolicies and Processes Simon Blanchard09 July 2020Facial Recognition – should we be concerned?Facial recognition is clever, from selfies to surveillance its use is becoming far more widespread. Should we be worried? Data Governance & SecurityGDPR Philippa Donn30 June 2020Data breaches: 10-point checklist for risk assessmentsHow do you assess the actual risk to people of a data breach? 10 questions you need to ask when carrying out an risk assessment. Data Governance & SecurityGDPRPolicies and Processes DPN Team30 June 2020Successful steps for data retention and minimisation [webinar recording]Get the tools and advice you need to tackle data retention and minimisation in this expert discussion which takes you through the key steps to take.Data Governance & SecurityGDPRPolicies and ProcessesVideos Julia Porter25 June 2020Why is the CIA’s lax attitude to cyber security interesting to us?Have you got robust cyber security controls in place? How the lax attitude of the CIA is a lesson to us all and what you should you be doing.Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard16 June 2020Privacy is a marathon not a sprintPondering how to improve your privacy credentials? Here are 5 steps to inspire you. More than 2 years on from GDPR, remember it’s a journey, not a sprint.Data Governance & SecurityGDPRPolicies and Processes Philippa Donn16 June 2020Why personalisation is a good thing, when done well“Hi, you haven’t finished watching Jeffrey Epstein: Filthy Rich”, said an email my husband received .It annoyed him......Direct MarketingGDPR Simon Blanchard08 June 2020Spring clean your data – Top tips on data retentionGet top tips on data retention. Minimise your risks by making sure you keep the personal data you need and rid of what you don't. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn03 June 2020GDPR two years on, why data protection mattersGDPR may have its critics and regulators may stand accused of not taking enough action. Why this is not a reason to stop taking data protection seriously.GDPR Julia Porter03 June 2020Why is it so hard to explain how we use personal data?Five ways to help explain complex and contentious uses of personal data. How to improve your communications and transparency.Direct MarketingGDPRPrivacy by Design DPN Team03 June 2020Data Retention GuidanceA practical toolkit packed with tips, advice and case studies on how to tackle data retention. Developed by a group of data protection and privacy specialists from a...Data Governance & SecurityGDPRPolicies and Processes Julia Porter18 May 2020New Seven Step Ad Tech Guide from DMA and ISBASeven Step Ad Tech Guide - Support for UK businesses engaged in the programmatic digital advertising to ensure they protect the rights of individuals.Electronic CommunicationsePrivacy RegulationGDPR Simon Blanchard14 May 2020COVID 19 – Privacy under the SpotlightPrivacy and COVID-19. When finding quick solutions and taking rapid decisions, don't forget the privacy impact. Here's our quick tour of aspects to consider. Data SecurityGDPRPrivacy by Design DPN Team15 April 2020DPIAs – What? When? How? Who? Why? [webinar recording]Data Protection Impact Assessments - learn about when you need to conduct a DPIA and how in this webinar hosted by Bristows LLP. Opinion DPN Team04 April 2020Where is my data? How to tackle data discovery & mapping [webinar recording]How improve your data discovery, mapping & compliance Understanding where your data is located across all your systems is an ever-evolving challenge, but forms the bedrock of your data...Opinion Gemma Johnson13 February 2020Marketers: Will You Need to do a DPIA for that?Why marketers need to understand when they might need to conduct a data protection impact assessment and learn how to do them. Direct MarketingElectronic CommunicationsICO GuidanceMarketing & Data Protection Simon Blanchard11 February 2020Where’s all my data? How to tackle data discoveryUnderstanding where your data is and what it's used for is crucial. But in practice this is challenging. What approach can you take? Opinion Simon Blanchard10 February 2020ePrivacy Regulation – Are we any closer to a final text?Efforts continue to try and agree the final text of the ePrivacy Regulation. Reaching a consensus has proved very challenging since the first draft was published 3 years...Opinion Julia Porter09 February 2020In a Digitally Enabled World, What is Direct Marketing?On 8th January the ICO published a draft code of practice for the marketing community. It’s entitled “Direct Marketing Code of Practice”. The use of the term “Direct Marketing”...Opinion Philippa Donn08 February 2020Refer a Friend – Viral Marketing RulesCan you ask your customers to send on your marketing to their friends? The answer, according to the ICO’s draft Direct Marketing Code, is NO! The regulator says for...Opinion DPN Team29 January 2020Your Views – Survey on draft Direct Marketing CodeA call for your views. The ICO's draft direct marketing code is open for public consultation. The DPN will be providing feedback. Give your comments to further...Opinion Philippa Donn28 January 2020ICO Direct Marketing Code ‘draft’: 12 HighlightsJust when I thought January was feeling dull, I got my hands on the ICO’s much-anticipated draft Direct Marketing Code of Practice! This replaces the Regulator’s existing Direct Marketing...Opinion Philippa Donn28 January 2020Brexit and EU Data FlowsIf you’ve not yet planned or even considered the data protection impact of Brexit, and specifically data transfers with the European Union, you can breathe a temporary sigh of...Opinion Philippa Donn10 December 2019Subject Access Requests & Proof of IDSubject Access Requests – What is ‘proportionate’ to ask for? When responding to a Right of Access request (commonly known as a Subject Access Request), we might be required...Individual Privacy Rights DPN Team10 December 20192020 Vision – Privacy PredictionsPrivacy Predictions for 2020 - what's in store for us next year? The trends, enforcement and organisational imperatives - What do our esteemed DPN Advisory Board believe is in...Opinion Debbie McElhill03 December 2019ePrivacy Regulation – Is there still life in it, as the European Commission steps in? In a bid to find consensus the European Commission has announced it’s preparing a revamped ePrivacy proposal. This follows the recent rejection by EU member states of the...Opinion DPN Team03 December 2019Data Retention: Are you keeping personal data longer than you need it?Ensuring you don’t store personal data for longer than you require it, is a core data protection principle – one which we all know is both complex and challenging...Opinion Julia Porter27 November 2019Harnessing the Power of Responsible MarketingWhat is responsible marketing? What core values should you embrace and what type of projects can marketers apply these values to? Here are my six pillars of responsible marketing;...Opinion DPN Team28 October 2019Rewarding Privacy By Design Have you or your team gone the extra mile to ensure a privacy aware, customer focused approach to a project, initiative or marketing campaign? Or do you know...Opinion DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Opinion Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Opinion Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Opinion Philippa Donn18 October 2019Marketing Message & Service Message: Where to draw the lineIs your ‘Service’ Message actually a Marketing one? A common (but incorrect) myth which spread with GDPR was that consent was required for almost everything – including all communications...Direct Marketing Philippa Donn02 October 2019Opt-in for marketing abandoned by RNLIHas opt-in suffered a blow? It’s now official that opt-in for all forms of direct marketing has not proven a success for the RNLI, despite earlier reports to the...Opinion Debbie McElhill18 September 2019ePrivacy Regulation – what’s happening?ePrivacy Regulation – first draft 2017, so what’s happening two years on? The ePrivacy Regulation is set to replace the 2002 ePrivacy Directive (and subsequent amendments) which currently sits...Opinion Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Opinion DPN Team16 September 2019Data Governance – Getting to know your DataData Governance – the what, why & how? Data Governance has long been recognised as a method of protecting the business, mitigating risk, increasing operational efficiencies and managing customer...GDPRPolicies and Processes Philippa Donn12 September 2019The DPN Rosemary Smith Award for Responsible MarketingThis award has been launched to recognise a contribution made to Responsible Marketing, giving a team or an individual credit for a creative and privacy aware project or initiative.Opinion Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...GDPRInternational Data Protection Philippa Donn23 August 2019Data Sharing 10 TipsMany companies need to share personal data with other organisations. This might be reciprocal or one-way, it could be providing another company’s staff with access to your data for...GDPRICO Guidance Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Data Governance & SecurityGDPRPolicies and Processes Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Philippa Donn09 July 2019GDPR regulatory action so far in the UK and EU (July 2019)GDPR Regulatory Action The UK’s data protection regulator has made its first hefty announcements since GDPR became law in 2018. With news British Airways and Marriott could face massive...GDPRInternational Data ProtectionUncategorized DPN Team05 July 2019GDPR: Impact Report 2019The impact of GDPR More than a year on from enforcement day, where are we now with GDPR? The Global Marketing Alliance and the DPN teamed up with global...Direct MarketingGDPRUncategorized Mark Bridges05 July 2019CCPA – Californian Consumer Privacy Act: 5 Key ImpactsCCPA: What businesses need know The Californian Consumer Privacy Act (CCPA) ushers in new rights for Californian residents and compels companies that operate in California to implement changes or...Opinion DPN Team05 July 2019Adtech: The challenging compliance landscape – webinar recordingPublishers, advertisers, adtech firms, start-ups and privacy activists are all united in a strong interest in online advertising and programmatic delivery . After all, it represents the lion’s share...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn22 May 2019Why GDPR is not a fuss over nothingWe’ve heard the comparison with the millennium bug – the sky didn’t fall in on 25th May… ‘where are these game-changing fines? This is the Y2K bug all over...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network and Opt-4 lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the...Direct MarketingUncategorized Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Simon Blanchard20 March 2019Like Gin and Tonic – Why GDPR and Data Governance were made for each otherWhy GDPR and Data Governance go hand in hand Like G&T, data governance is not a new concept. It has been recognised for years as a method of protecting...Opinion Gemma Johnson08 March 2019Why 59 Charities were referred to the ICO by the Fundraising RegulatorThe Fundraising Regulator has warned that 59 charities could be in breach of data protection law for failing to apply suppression requests made via the Fundraising Preference Service (FPS)...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Philippa Donn05 March 2019Digital advertising & real-time bidding: Are we on the verge of a seismic shift or not?GDPR put a significant spanner in the world of digital advertising, which disparate parties with different vested interests have been grappling with now for months. How can organisations provide...Opinion Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Stef Elliott21 November 2018“The cookies law is clear – well that takes the biscuit”The ePrivacy Regulation was originally planned to come into force simultaneously with the GDPR on 25th May 2018. The delay and the ongoing debate regarding the Regulation, as highlighted...Electronic CommunicationsePrivacy RegulationGDPR Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Julia Porter18 November 2018Privacy International’s GDPR complaints shine a spotlight on 7 data companiesOn November 8th, Privacy International (PI) filed complaints under the GDPR with data protection regulators in UK, France and Ireland against data brokers Oracle and Acxiom, credit reference agencies...Opinion Simon Blanchard18 November 2018ePrivacy Regulation is not ready and could be stalled even furtherAs those in the know recognise, data protection is not just about GDPR. Many of us have been waiting for GDPR’s EU counterpart, the new ePrivacy Regulation for a...Opinion Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Opinion Matt Edgar02 October 2018Spam crusader or vigilante victim – what happens if you are blacklisted unfairly?Finding spam a nuisance and being anti-spam is a default setting for all of us these days. Even as technology evolves and our mailboxes become smarter in reducing this...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Opinion Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...GDPRPolicies and ProcessesPrivacy by Design Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Opinion DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Data Governance & SecurityGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR
DPN Team27 October 2020Handling complex subject access requestsListen in as an expert panel discuss handling complex DSARs in large and medium-sized organisations. How to respond and how tech can help. Videos DPN Team27 October 2020Privacy Question TimeYour data protection questions answered. Lively debate, topical polls with an expert panel. Recording now available.Videos Philippa Donn23 October 2020ICO Subject Access Request Guidance: help or hindrance?Subject Access Requests: As the ICO published detailed guidance we take a look at the higlights and whether it's a help or hindrance GDPRICO GuidanceIndividual Privacy Rights DPN Team22 October 2020Rosemary Smith Responsible Marketing AwardGiving an individual or team credit for a creative and privacy aware project. This award recognises a responsible approach to marketing. Uncategorized Simon Blanchard22 October 2020British Airways data breach – what can we learn?British Airways has been fined £20m by the ICO, what lessons can we all learn from BA's painful personal data breach? Data Governance & SecurityData SecurityGDPRPolicies and Processes Philippa Donn20 October 202010 DSAR tips from 10 DPOsData Subject Access Requests can be a challenge to handle. Get 10 great tips from experts who routinely handle the right of access, GDPRIndividual Privacy Rights Philippa Donn20 October 2020Covid Symptom Study apologises for marketing face masksCovid Symptom Study breaks the marketing rules by promoting masks for to fund their research, but find out how an quick apology can go a long way. ... Direct MarketingElectronic Communications Julia Porter15 October 2020Are COVID-19 contact tracing technology services legitimate?Alarming headlines have suggested COVID-19 contact tracing data from pubs and restaurants is being sold on. Is this actually true and what should checks should you take? Data Governance & SecurityGDPR Philippa Donn07 October 2020COVID-19 Data Protection GuideCovid-19 has meant employers have, by necessity, made risk-based data decisions. Do these need revisiting now? Data Governance & SecurityData SecurityPolicies and Processes Simon Blanchard07 October 2020Are you monitoring staff health during COVID-19?What checks and balances should you have in place if you are monitoring your employees' health during the pandemic? We take a look at the core areas to consider...Data Governance & SecurityEmploymentPolicies and Processes Julia Porter05 October 2020Is the new COVID app safe to use?We now have the newly minted Covid app modelled on the Google and Apple templates. Should we be trusting this app?Data Governance & SecurityGDPRPrivacy by Design Julia Porter24 September 2020Cookies crushed, the world is changingThe demise of the third party cookie - five signs the world is changing. Where next for targeted advertising? Electronic CommunicationsGDPR Philippa Donn23 September 2020Data Protection by Design: Part 3 – Data Protection Impact AssessmentsHow to get your Data Protection Impact Asssessment process on track - when should you do one, what should you process look like? Get some useful tips... Data Governance & SecurityGDPRPolicies and ProcessesPrivacy by Design Philippa Donn09 September 2020New Children’s Code – does it apply to your business?New Children's Code to protect under 18s online. It will affect your business if your online services are likely to be acccessed by children. GDPRICO GuidancePolicies and ProcessesPrivacy by Design Simon Blanchard04 September 2020Data Protection by Design: Part 2 – How to approach itHow to implement Data Protection by Design when you are developing new applications, products and services. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn27 August 2020Data Protection by Design: Part 1 – The BasicsWhat does ‘Data Protection by Design’ really mean (and why is it also called ‘Privacy by Design’)? Do you need to be concerned about it? And how do you...Data Governance & SecurityGDPRPrivacy by Design Philippa Donn26 August 2020Understanding email marketing rulesWhat are the email marketing rules? Make sure your marketing comms are not unwittingly putting your business at risk.Direct MarketingElectronic CommunicationsGDPR Simon Blanchard25 August 2020Data Protection Officers – should we appoint a DPO?Which organisations need to have a DPO? If you don't should you appoint one anyway or outsource? We explore the options .. Data Governance & SecurityGDPR Simon Blanchard12 August 2020Use of automated facial recognition by South Wales Police ruled ‘unlawful’South Wales Police's use of automated facial recognition has been ruled unlawrul - it breaches human rights and has potential for bias. GDPR Julia Porter12 August 2020When does your CRM marketing plan morph into a data privacy project?Looking to leverage your customer database to drive more business? How to make sure you marketing plan is supported by your privacy strategyDirect MarketingElectronic CommunicationsGDPR Philippa Donn12 August 2020Brexit, GDPR & PECR – the future UK data protection landscapeBrexit and GDPR - what the UK leaving the EU means for data protection law. Find out the impact on your business. Data Protection ActDirect MarketingElectronic CommunicationsGDPRInternational Data Protection Simon Blanchard10 August 2020Dashcams and GDPR: Assessing the privacy implications7 point privacy guide for use of dashcams in vehicles. Quick steps to make sure your use of dashcams is transparent and lawful. GDPRPolicies and Processes Simon Blanchard05 August 2020ICO guidance on how to apply good data protection to AISeven steps for making sure innovation flourishes and your artificial intelligence activities are sound from a data protection point of viewGDPRICO Guidance DPN Team29 July 2020How to manage your suppliersHow to manage your suppliers and reduce the risk they may post. Hear our specialist panel chat through the key points to consider.Videos Philippa Donn29 July 2020Could COVID-19 lead to a spike in Subject Access Requests? How to handle ex-employeesDSARs from disgruntled ex-employees can be challenging to handle, get some helpful tips on how best to approach the task of fulfilling them.GDPRIndividual Privacy Rights Philippa Donn28 July 2020Schrems II ruling: Privacy Shield down, SCCs survive but with a sting in the tailInternational data transfers - EU-US Privacy Shield ruled invalild, questions raised regarding SCCs, find out what actions should you take. GDPRInternational Data Protection Simon Blanchard27 July 2020RoPA – Five tips for keeping your Records of Processing Activity up to date5 tips for keeping your GDPR records of processing activities up to date. The why, who, what, how and when of data protection documentation.GDPRPolicies and Processes DPN Team16 July 2020Transparency: How to get the message acrossDiscover the benefits of being upfront and transparent with people about how you use their data. In this webinar hosted by Robert Bond from Bristows we explore why transparency...GDPRVideos Julia Porter13 July 2020Supplier management: DPN 6 point checklistDue diligence of new suppliers robust enough? Checks in place to make sure suppliers are protecting your data? Use the DPN 6-point checklist. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn13 July 2020Contact Tracing: 7 Quick Steps for collecting people’s dataFrom holiday cottages to theme parks, hotels to pubs, many will be collecting people's details for contact tracing. Get our quick guide to how to do this. GDPRICO Guidance Chris Field11 July 2020You’ve been SAR-bombed!You are at the end of long day .. you just do one last check of your inbox - the new count registers over 9,000 new emails! All...GDPRIndividual Privacy RightsInternational Data ProtectionPolicies and Processes Simon Blanchard09 July 2020Facial Recognition – should we be concerned?Facial recognition is clever, from selfies to surveillance its use is becoming far more widespread. Should we be worried? Data Governance & SecurityGDPR Philippa Donn30 June 2020Data breaches: 10-point checklist for risk assessmentsHow do you assess the actual risk to people of a data breach? 10 questions you need to ask when carrying out an risk assessment. Data Governance & SecurityGDPRPolicies and Processes DPN Team30 June 2020Successful steps for data retention and minimisation [webinar recording]Get the tools and advice you need to tackle data retention and minimisation in this expert discussion which takes you through the key steps to take.Data Governance & SecurityGDPRPolicies and ProcessesVideos Julia Porter25 June 2020Why is the CIA’s lax attitude to cyber security interesting to us?Have you got robust cyber security controls in place? How the lax attitude of the CIA is a lesson to us all and what you should you be doing.Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard16 June 2020Privacy is a marathon not a sprintPondering how to improve your privacy credentials? Here are 5 steps to inspire you. More than 2 years on from GDPR, remember it’s a journey, not a sprint.Data Governance & SecurityGDPRPolicies and Processes Philippa Donn16 June 2020Why personalisation is a good thing, when done well“Hi, you haven’t finished watching Jeffrey Epstein: Filthy Rich”, said an email my husband received .It annoyed him......Direct MarketingGDPR Simon Blanchard08 June 2020Spring clean your data – Top tips on data retentionGet top tips on data retention. Minimise your risks by making sure you keep the personal data you need and rid of what you don't. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn03 June 2020GDPR two years on, why data protection mattersGDPR may have its critics and regulators may stand accused of not taking enough action. Why this is not a reason to stop taking data protection seriously.GDPR Julia Porter03 June 2020Why is it so hard to explain how we use personal data?Five ways to help explain complex and contentious uses of personal data. How to improve your communications and transparency.Direct MarketingGDPRPrivacy by Design DPN Team03 June 2020Data Retention GuidanceA practical toolkit packed with tips, advice and case studies on how to tackle data retention. Developed by a group of data protection and privacy specialists from a...Data Governance & SecurityGDPRPolicies and Processes Julia Porter18 May 2020New Seven Step Ad Tech Guide from DMA and ISBASeven Step Ad Tech Guide - Support for UK businesses engaged in the programmatic digital advertising to ensure they protect the rights of individuals.Electronic CommunicationsePrivacy RegulationGDPR Simon Blanchard14 May 2020COVID 19 – Privacy under the SpotlightPrivacy and COVID-19. When finding quick solutions and taking rapid decisions, don't forget the privacy impact. Here's our quick tour of aspects to consider. Data SecurityGDPRPrivacy by Design DPN Team15 April 2020DPIAs – What? When? How? Who? Why? [webinar recording]Data Protection Impact Assessments - learn about when you need to conduct a DPIA and how in this webinar hosted by Bristows LLP. Opinion DPN Team04 April 2020Where is my data? How to tackle data discovery & mapping [webinar recording]How improve your data discovery, mapping & compliance Understanding where your data is located across all your systems is an ever-evolving challenge, but forms the bedrock of your data...Opinion Gemma Johnson13 February 2020Marketers: Will You Need to do a DPIA for that?Why marketers need to understand when they might need to conduct a data protection impact assessment and learn how to do them. Direct MarketingElectronic CommunicationsICO GuidanceMarketing & Data Protection Simon Blanchard11 February 2020Where’s all my data? How to tackle data discoveryUnderstanding where your data is and what it's used for is crucial. But in practice this is challenging. What approach can you take? Opinion Simon Blanchard10 February 2020ePrivacy Regulation – Are we any closer to a final text?Efforts continue to try and agree the final text of the ePrivacy Regulation. Reaching a consensus has proved very challenging since the first draft was published 3 years...Opinion Julia Porter09 February 2020In a Digitally Enabled World, What is Direct Marketing?On 8th January the ICO published a draft code of practice for the marketing community. It’s entitled “Direct Marketing Code of Practice”. The use of the term “Direct Marketing”...Opinion Philippa Donn08 February 2020Refer a Friend – Viral Marketing RulesCan you ask your customers to send on your marketing to their friends? The answer, according to the ICO’s draft Direct Marketing Code, is NO! The regulator says for...Opinion DPN Team29 January 2020Your Views – Survey on draft Direct Marketing CodeA call for your views. The ICO's draft direct marketing code is open for public consultation. The DPN will be providing feedback. Give your comments to further...Opinion Philippa Donn28 January 2020ICO Direct Marketing Code ‘draft’: 12 HighlightsJust when I thought January was feeling dull, I got my hands on the ICO’s much-anticipated draft Direct Marketing Code of Practice! This replaces the Regulator’s existing Direct Marketing...Opinion Philippa Donn28 January 2020Brexit and EU Data FlowsIf you’ve not yet planned or even considered the data protection impact of Brexit, and specifically data transfers with the European Union, you can breathe a temporary sigh of...Opinion Philippa Donn10 December 2019Subject Access Requests & Proof of IDSubject Access Requests – What is ‘proportionate’ to ask for? When responding to a Right of Access request (commonly known as a Subject Access Request), we might be required...Individual Privacy Rights DPN Team10 December 20192020 Vision – Privacy PredictionsPrivacy Predictions for 2020 - what's in store for us next year? The trends, enforcement and organisational imperatives - What do our esteemed DPN Advisory Board believe is in...Opinion Debbie McElhill03 December 2019ePrivacy Regulation – Is there still life in it, as the European Commission steps in? In a bid to find consensus the European Commission has announced it’s preparing a revamped ePrivacy proposal. This follows the recent rejection by EU member states of the...Opinion DPN Team03 December 2019Data Retention: Are you keeping personal data longer than you need it?Ensuring you don’t store personal data for longer than you require it, is a core data protection principle – one which we all know is both complex and challenging...Opinion Julia Porter27 November 2019Harnessing the Power of Responsible MarketingWhat is responsible marketing? What core values should you embrace and what type of projects can marketers apply these values to? Here are my six pillars of responsible marketing;...Opinion DPN Team28 October 2019Rewarding Privacy By Design Have you or your team gone the extra mile to ensure a privacy aware, customer focused approach to a project, initiative or marketing campaign? Or do you know...Opinion DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Opinion Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Opinion Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Opinion Philippa Donn18 October 2019Marketing Message & Service Message: Where to draw the lineIs your ‘Service’ Message actually a Marketing one? A common (but incorrect) myth which spread with GDPR was that consent was required for almost everything – including all communications...Direct Marketing Philippa Donn02 October 2019Opt-in for marketing abandoned by RNLIHas opt-in suffered a blow? It’s now official that opt-in for all forms of direct marketing has not proven a success for the RNLI, despite earlier reports to the...Opinion Debbie McElhill18 September 2019ePrivacy Regulation – what’s happening?ePrivacy Regulation – first draft 2017, so what’s happening two years on? The ePrivacy Regulation is set to replace the 2002 ePrivacy Directive (and subsequent amendments) which currently sits...Opinion Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Opinion DPN Team16 September 2019Data Governance – Getting to know your DataData Governance – the what, why & how? Data Governance has long been recognised as a method of protecting the business, mitigating risk, increasing operational efficiencies and managing customer...GDPRPolicies and Processes Philippa Donn12 September 2019The DPN Rosemary Smith Award for Responsible MarketingThis award has been launched to recognise a contribution made to Responsible Marketing, giving a team or an individual credit for a creative and privacy aware project or initiative.Opinion Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...GDPRInternational Data Protection Philippa Donn23 August 2019Data Sharing 10 TipsMany companies need to share personal data with other organisations. This might be reciprocal or one-way, it could be providing another company’s staff with access to your data for...GDPRICO Guidance Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Data Governance & SecurityGDPRPolicies and Processes Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Philippa Donn09 July 2019GDPR regulatory action so far in the UK and EU (July 2019)GDPR Regulatory Action The UK’s data protection regulator has made its first hefty announcements since GDPR became law in 2018. With news British Airways and Marriott could face massive...GDPRInternational Data ProtectionUncategorized DPN Team05 July 2019GDPR: Impact Report 2019The impact of GDPR More than a year on from enforcement day, where are we now with GDPR? The Global Marketing Alliance and the DPN teamed up with global...Direct MarketingGDPRUncategorized Mark Bridges05 July 2019CCPA – Californian Consumer Privacy Act: 5 Key ImpactsCCPA: What businesses need know The Californian Consumer Privacy Act (CCPA) ushers in new rights for Californian residents and compels companies that operate in California to implement changes or...Opinion DPN Team05 July 2019Adtech: The challenging compliance landscape – webinar recordingPublishers, advertisers, adtech firms, start-ups and privacy activists are all united in a strong interest in online advertising and programmatic delivery . After all, it represents the lion’s share...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn22 May 2019Why GDPR is not a fuss over nothingWe’ve heard the comparison with the millennium bug – the sky didn’t fall in on 25th May… ‘where are these game-changing fines? This is the Y2K bug all over...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network and Opt-4 lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the...Direct MarketingUncategorized Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Simon Blanchard20 March 2019Like Gin and Tonic – Why GDPR and Data Governance were made for each otherWhy GDPR and Data Governance go hand in hand Like G&T, data governance is not a new concept. It has been recognised for years as a method of protecting...Opinion Gemma Johnson08 March 2019Why 59 Charities were referred to the ICO by the Fundraising RegulatorThe Fundraising Regulator has warned that 59 charities could be in breach of data protection law for failing to apply suppression requests made via the Fundraising Preference Service (FPS)...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Philippa Donn05 March 2019Digital advertising & real-time bidding: Are we on the verge of a seismic shift or not?GDPR put a significant spanner in the world of digital advertising, which disparate parties with different vested interests have been grappling with now for months. How can organisations provide...Opinion Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Stef Elliott21 November 2018“The cookies law is clear – well that takes the biscuit”The ePrivacy Regulation was originally planned to come into force simultaneously with the GDPR on 25th May 2018. The delay and the ongoing debate regarding the Regulation, as highlighted...Electronic CommunicationsePrivacy RegulationGDPR Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Julia Porter18 November 2018Privacy International’s GDPR complaints shine a spotlight on 7 data companiesOn November 8th, Privacy International (PI) filed complaints under the GDPR with data protection regulators in UK, France and Ireland against data brokers Oracle and Acxiom, credit reference agencies...Opinion Simon Blanchard18 November 2018ePrivacy Regulation is not ready and could be stalled even furtherAs those in the know recognise, data protection is not just about GDPR. Many of us have been waiting for GDPR’s EU counterpart, the new ePrivacy Regulation for a...Opinion Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Opinion Matt Edgar02 October 2018Spam crusader or vigilante victim – what happens if you are blacklisted unfairly?Finding spam a nuisance and being anti-spam is a default setting for all of us these days. Even as technology evolves and our mailboxes become smarter in reducing this...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Opinion Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...GDPRPolicies and ProcessesPrivacy by Design Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Opinion DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Data Governance & SecurityGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR
DPN Team27 October 2020Privacy Question TimeYour data protection questions answered. Lively debate, topical polls with an expert panel. Recording now available.Videos Philippa Donn23 October 2020ICO Subject Access Request Guidance: help or hindrance?Subject Access Requests: As the ICO published detailed guidance we take a look at the higlights and whether it's a help or hindrance GDPRICO GuidanceIndividual Privacy Rights DPN Team22 October 2020Rosemary Smith Responsible Marketing AwardGiving an individual or team credit for a creative and privacy aware project. This award recognises a responsible approach to marketing. Uncategorized Simon Blanchard22 October 2020British Airways data breach – what can we learn?British Airways has been fined £20m by the ICO, what lessons can we all learn from BA's painful personal data breach? Data Governance & SecurityData SecurityGDPRPolicies and Processes Philippa Donn20 October 202010 DSAR tips from 10 DPOsData Subject Access Requests can be a challenge to handle. Get 10 great tips from experts who routinely handle the right of access, GDPRIndividual Privacy Rights Philippa Donn20 October 2020Covid Symptom Study apologises for marketing face masksCovid Symptom Study breaks the marketing rules by promoting masks for to fund their research, but find out how an quick apology can go a long way. ... Direct MarketingElectronic Communications Julia Porter15 October 2020Are COVID-19 contact tracing technology services legitimate?Alarming headlines have suggested COVID-19 contact tracing data from pubs and restaurants is being sold on. Is this actually true and what should checks should you take? Data Governance & SecurityGDPR Philippa Donn07 October 2020COVID-19 Data Protection GuideCovid-19 has meant employers have, by necessity, made risk-based data decisions. Do these need revisiting now? Data Governance & SecurityData SecurityPolicies and Processes Simon Blanchard07 October 2020Are you monitoring staff health during COVID-19?What checks and balances should you have in place if you are monitoring your employees' health during the pandemic? We take a look at the core areas to consider...Data Governance & SecurityEmploymentPolicies and Processes Julia Porter05 October 2020Is the new COVID app safe to use?We now have the newly minted Covid app modelled on the Google and Apple templates. Should we be trusting this app?Data Governance & SecurityGDPRPrivacy by Design Julia Porter24 September 2020Cookies crushed, the world is changingThe demise of the third party cookie - five signs the world is changing. Where next for targeted advertising? Electronic CommunicationsGDPR Philippa Donn23 September 2020Data Protection by Design: Part 3 – Data Protection Impact AssessmentsHow to get your Data Protection Impact Asssessment process on track - when should you do one, what should you process look like? Get some useful tips... Data Governance & SecurityGDPRPolicies and ProcessesPrivacy by Design Philippa Donn09 September 2020New Children’s Code – does it apply to your business?New Children's Code to protect under 18s online. It will affect your business if your online services are likely to be acccessed by children. GDPRICO GuidancePolicies and ProcessesPrivacy by Design Simon Blanchard04 September 2020Data Protection by Design: Part 2 – How to approach itHow to implement Data Protection by Design when you are developing new applications, products and services. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn27 August 2020Data Protection by Design: Part 1 – The BasicsWhat does ‘Data Protection by Design’ really mean (and why is it also called ‘Privacy by Design’)? Do you need to be concerned about it? And how do you...Data Governance & SecurityGDPRPrivacy by Design Philippa Donn26 August 2020Understanding email marketing rulesWhat are the email marketing rules? Make sure your marketing comms are not unwittingly putting your business at risk.Direct MarketingElectronic CommunicationsGDPR Simon Blanchard25 August 2020Data Protection Officers – should we appoint a DPO?Which organisations need to have a DPO? If you don't should you appoint one anyway or outsource? We explore the options .. Data Governance & SecurityGDPR Simon Blanchard12 August 2020Use of automated facial recognition by South Wales Police ruled ‘unlawful’South Wales Police's use of automated facial recognition has been ruled unlawrul - it breaches human rights and has potential for bias. GDPR Julia Porter12 August 2020When does your CRM marketing plan morph into a data privacy project?Looking to leverage your customer database to drive more business? How to make sure you marketing plan is supported by your privacy strategyDirect MarketingElectronic CommunicationsGDPR Philippa Donn12 August 2020Brexit, GDPR & PECR – the future UK data protection landscapeBrexit and GDPR - what the UK leaving the EU means for data protection law. Find out the impact on your business. Data Protection ActDirect MarketingElectronic CommunicationsGDPRInternational Data Protection Simon Blanchard10 August 2020Dashcams and GDPR: Assessing the privacy implications7 point privacy guide for use of dashcams in vehicles. Quick steps to make sure your use of dashcams is transparent and lawful. GDPRPolicies and Processes Simon Blanchard05 August 2020ICO guidance on how to apply good data protection to AISeven steps for making sure innovation flourishes and your artificial intelligence activities are sound from a data protection point of viewGDPRICO Guidance DPN Team29 July 2020How to manage your suppliersHow to manage your suppliers and reduce the risk they may post. Hear our specialist panel chat through the key points to consider.Videos Philippa Donn29 July 2020Could COVID-19 lead to a spike in Subject Access Requests? How to handle ex-employeesDSARs from disgruntled ex-employees can be challenging to handle, get some helpful tips on how best to approach the task of fulfilling them.GDPRIndividual Privacy Rights Philippa Donn28 July 2020Schrems II ruling: Privacy Shield down, SCCs survive but with a sting in the tailInternational data transfers - EU-US Privacy Shield ruled invalild, questions raised regarding SCCs, find out what actions should you take. GDPRInternational Data Protection Simon Blanchard27 July 2020RoPA – Five tips for keeping your Records of Processing Activity up to date5 tips for keeping your GDPR records of processing activities up to date. The why, who, what, how and when of data protection documentation.GDPRPolicies and Processes DPN Team16 July 2020Transparency: How to get the message acrossDiscover the benefits of being upfront and transparent with people about how you use their data. In this webinar hosted by Robert Bond from Bristows we explore why transparency...GDPRVideos Julia Porter13 July 2020Supplier management: DPN 6 point checklistDue diligence of new suppliers robust enough? Checks in place to make sure suppliers are protecting your data? Use the DPN 6-point checklist. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn13 July 2020Contact Tracing: 7 Quick Steps for collecting people’s dataFrom holiday cottages to theme parks, hotels to pubs, many will be collecting people's details for contact tracing. Get our quick guide to how to do this. GDPRICO Guidance Chris Field11 July 2020You’ve been SAR-bombed!You are at the end of long day .. you just do one last check of your inbox - the new count registers over 9,000 new emails! All...GDPRIndividual Privacy RightsInternational Data ProtectionPolicies and Processes Simon Blanchard09 July 2020Facial Recognition – should we be concerned?Facial recognition is clever, from selfies to surveillance its use is becoming far more widespread. Should we be worried? Data Governance & SecurityGDPR Philippa Donn30 June 2020Data breaches: 10-point checklist for risk assessmentsHow do you assess the actual risk to people of a data breach? 10 questions you need to ask when carrying out an risk assessment. Data Governance & SecurityGDPRPolicies and Processes DPN Team30 June 2020Successful steps for data retention and minimisation [webinar recording]Get the tools and advice you need to tackle data retention and minimisation in this expert discussion which takes you through the key steps to take.Data Governance & SecurityGDPRPolicies and ProcessesVideos Julia Porter25 June 2020Why is the CIA’s lax attitude to cyber security interesting to us?Have you got robust cyber security controls in place? How the lax attitude of the CIA is a lesson to us all and what you should you be doing.Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard16 June 2020Privacy is a marathon not a sprintPondering how to improve your privacy credentials? Here are 5 steps to inspire you. More than 2 years on from GDPR, remember it’s a journey, not a sprint.Data Governance & SecurityGDPRPolicies and Processes Philippa Donn16 June 2020Why personalisation is a good thing, when done well“Hi, you haven’t finished watching Jeffrey Epstein: Filthy Rich”, said an email my husband received .It annoyed him......Direct MarketingGDPR Simon Blanchard08 June 2020Spring clean your data – Top tips on data retentionGet top tips on data retention. Minimise your risks by making sure you keep the personal data you need and rid of what you don't. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn03 June 2020GDPR two years on, why data protection mattersGDPR may have its critics and regulators may stand accused of not taking enough action. Why this is not a reason to stop taking data protection seriously.GDPR Julia Porter03 June 2020Why is it so hard to explain how we use personal data?Five ways to help explain complex and contentious uses of personal data. How to improve your communications and transparency.Direct MarketingGDPRPrivacy by Design DPN Team03 June 2020Data Retention GuidanceA practical toolkit packed with tips, advice and case studies on how to tackle data retention. Developed by a group of data protection and privacy specialists from a...Data Governance & SecurityGDPRPolicies and Processes Julia Porter18 May 2020New Seven Step Ad Tech Guide from DMA and ISBASeven Step Ad Tech Guide - Support for UK businesses engaged in the programmatic digital advertising to ensure they protect the rights of individuals.Electronic CommunicationsePrivacy RegulationGDPR Simon Blanchard14 May 2020COVID 19 – Privacy under the SpotlightPrivacy and COVID-19. When finding quick solutions and taking rapid decisions, don't forget the privacy impact. Here's our quick tour of aspects to consider. Data SecurityGDPRPrivacy by Design DPN Team15 April 2020DPIAs – What? When? How? Who? Why? [webinar recording]Data Protection Impact Assessments - learn about when you need to conduct a DPIA and how in this webinar hosted by Bristows LLP. Opinion DPN Team04 April 2020Where is my data? How to tackle data discovery & mapping [webinar recording]How improve your data discovery, mapping & compliance Understanding where your data is located across all your systems is an ever-evolving challenge, but forms the bedrock of your data...Opinion Gemma Johnson13 February 2020Marketers: Will You Need to do a DPIA for that?Why marketers need to understand when they might need to conduct a data protection impact assessment and learn how to do them. Direct MarketingElectronic CommunicationsICO GuidanceMarketing & Data Protection Simon Blanchard11 February 2020Where’s all my data? How to tackle data discoveryUnderstanding where your data is and what it's used for is crucial. But in practice this is challenging. What approach can you take? Opinion Simon Blanchard10 February 2020ePrivacy Regulation – Are we any closer to a final text?Efforts continue to try and agree the final text of the ePrivacy Regulation. Reaching a consensus has proved very challenging since the first draft was published 3 years...Opinion Julia Porter09 February 2020In a Digitally Enabled World, What is Direct Marketing?On 8th January the ICO published a draft code of practice for the marketing community. It’s entitled “Direct Marketing Code of Practice”. The use of the term “Direct Marketing”...Opinion Philippa Donn08 February 2020Refer a Friend – Viral Marketing RulesCan you ask your customers to send on your marketing to their friends? The answer, according to the ICO’s draft Direct Marketing Code, is NO! The regulator says for...Opinion DPN Team29 January 2020Your Views – Survey on draft Direct Marketing CodeA call for your views. The ICO's draft direct marketing code is open for public consultation. The DPN will be providing feedback. Give your comments to further...Opinion Philippa Donn28 January 2020ICO Direct Marketing Code ‘draft’: 12 HighlightsJust when I thought January was feeling dull, I got my hands on the ICO’s much-anticipated draft Direct Marketing Code of Practice! This replaces the Regulator’s existing Direct Marketing...Opinion Philippa Donn28 January 2020Brexit and EU Data FlowsIf you’ve not yet planned or even considered the data protection impact of Brexit, and specifically data transfers with the European Union, you can breathe a temporary sigh of...Opinion Philippa Donn10 December 2019Subject Access Requests & Proof of IDSubject Access Requests – What is ‘proportionate’ to ask for? When responding to a Right of Access request (commonly known as a Subject Access Request), we might be required...Individual Privacy Rights DPN Team10 December 20192020 Vision – Privacy PredictionsPrivacy Predictions for 2020 - what's in store for us next year? The trends, enforcement and organisational imperatives - What do our esteemed DPN Advisory Board believe is in...Opinion Debbie McElhill03 December 2019ePrivacy Regulation – Is there still life in it, as the European Commission steps in? In a bid to find consensus the European Commission has announced it’s preparing a revamped ePrivacy proposal. This follows the recent rejection by EU member states of the...Opinion DPN Team03 December 2019Data Retention: Are you keeping personal data longer than you need it?Ensuring you don’t store personal data for longer than you require it, is a core data protection principle – one which we all know is both complex and challenging...Opinion Julia Porter27 November 2019Harnessing the Power of Responsible MarketingWhat is responsible marketing? What core values should you embrace and what type of projects can marketers apply these values to? Here are my six pillars of responsible marketing;...Opinion DPN Team28 October 2019Rewarding Privacy By Design Have you or your team gone the extra mile to ensure a privacy aware, customer focused approach to a project, initiative or marketing campaign? Or do you know...Opinion DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Opinion Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Opinion Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Opinion Philippa Donn18 October 2019Marketing Message & Service Message: Where to draw the lineIs your ‘Service’ Message actually a Marketing one? A common (but incorrect) myth which spread with GDPR was that consent was required for almost everything – including all communications...Direct Marketing Philippa Donn02 October 2019Opt-in for marketing abandoned by RNLIHas opt-in suffered a blow? It’s now official that opt-in for all forms of direct marketing has not proven a success for the RNLI, despite earlier reports to the...Opinion Debbie McElhill18 September 2019ePrivacy Regulation – what’s happening?ePrivacy Regulation – first draft 2017, so what’s happening two years on? The ePrivacy Regulation is set to replace the 2002 ePrivacy Directive (and subsequent amendments) which currently sits...Opinion Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Opinion DPN Team16 September 2019Data Governance – Getting to know your DataData Governance – the what, why & how? Data Governance has long been recognised as a method of protecting the business, mitigating risk, increasing operational efficiencies and managing customer...GDPRPolicies and Processes Philippa Donn12 September 2019The DPN Rosemary Smith Award for Responsible MarketingThis award has been launched to recognise a contribution made to Responsible Marketing, giving a team or an individual credit for a creative and privacy aware project or initiative.Opinion Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...GDPRInternational Data Protection Philippa Donn23 August 2019Data Sharing 10 TipsMany companies need to share personal data with other organisations. This might be reciprocal or one-way, it could be providing another company’s staff with access to your data for...GDPRICO Guidance Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Data Governance & SecurityGDPRPolicies and Processes Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Philippa Donn09 July 2019GDPR regulatory action so far in the UK and EU (July 2019)GDPR Regulatory Action The UK’s data protection regulator has made its first hefty announcements since GDPR became law in 2018. With news British Airways and Marriott could face massive...GDPRInternational Data ProtectionUncategorized DPN Team05 July 2019GDPR: Impact Report 2019The impact of GDPR More than a year on from enforcement day, where are we now with GDPR? The Global Marketing Alliance and the DPN teamed up with global...Direct MarketingGDPRUncategorized Mark Bridges05 July 2019CCPA – Californian Consumer Privacy Act: 5 Key ImpactsCCPA: What businesses need know The Californian Consumer Privacy Act (CCPA) ushers in new rights for Californian residents and compels companies that operate in California to implement changes or...Opinion DPN Team05 July 2019Adtech: The challenging compliance landscape – webinar recordingPublishers, advertisers, adtech firms, start-ups and privacy activists are all united in a strong interest in online advertising and programmatic delivery . After all, it represents the lion’s share...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn22 May 2019Why GDPR is not a fuss over nothingWe’ve heard the comparison with the millennium bug – the sky didn’t fall in on 25th May… ‘where are these game-changing fines? This is the Y2K bug all over...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network and Opt-4 lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the...Direct MarketingUncategorized Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Simon Blanchard20 March 2019Like Gin and Tonic – Why GDPR and Data Governance were made for each otherWhy GDPR and Data Governance go hand in hand Like G&T, data governance is not a new concept. It has been recognised for years as a method of protecting...Opinion Gemma Johnson08 March 2019Why 59 Charities were referred to the ICO by the Fundraising RegulatorThe Fundraising Regulator has warned that 59 charities could be in breach of data protection law for failing to apply suppression requests made via the Fundraising Preference Service (FPS)...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Philippa Donn05 March 2019Digital advertising & real-time bidding: Are we on the verge of a seismic shift or not?GDPR put a significant spanner in the world of digital advertising, which disparate parties with different vested interests have been grappling with now for months. How can organisations provide...Opinion Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Stef Elliott21 November 2018“The cookies law is clear – well that takes the biscuit”The ePrivacy Regulation was originally planned to come into force simultaneously with the GDPR on 25th May 2018. The delay and the ongoing debate regarding the Regulation, as highlighted...Electronic CommunicationsePrivacy RegulationGDPR Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Julia Porter18 November 2018Privacy International’s GDPR complaints shine a spotlight on 7 data companiesOn November 8th, Privacy International (PI) filed complaints under the GDPR with data protection regulators in UK, France and Ireland against data brokers Oracle and Acxiom, credit reference agencies...Opinion Simon Blanchard18 November 2018ePrivacy Regulation is not ready and could be stalled even furtherAs those in the know recognise, data protection is not just about GDPR. Many of us have been waiting for GDPR’s EU counterpart, the new ePrivacy Regulation for a...Opinion Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Opinion Matt Edgar02 October 2018Spam crusader or vigilante victim – what happens if you are blacklisted unfairly?Finding spam a nuisance and being anti-spam is a default setting for all of us these days. Even as technology evolves and our mailboxes become smarter in reducing this...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Opinion Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...GDPRPolicies and ProcessesPrivacy by Design Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Opinion DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Data Governance & SecurityGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR
Philippa Donn23 October 2020ICO Subject Access Request Guidance: help or hindrance?Subject Access Requests: As the ICO published detailed guidance we take a look at the higlights and whether it's a help or hindrance GDPRICO GuidanceIndividual Privacy Rights DPN Team22 October 2020Rosemary Smith Responsible Marketing AwardGiving an individual or team credit for a creative and privacy aware project. This award recognises a responsible approach to marketing. Uncategorized Simon Blanchard22 October 2020British Airways data breach – what can we learn?British Airways has been fined £20m by the ICO, what lessons can we all learn from BA's painful personal data breach? Data Governance & SecurityData SecurityGDPRPolicies and Processes Philippa Donn20 October 202010 DSAR tips from 10 DPOsData Subject Access Requests can be a challenge to handle. Get 10 great tips from experts who routinely handle the right of access, GDPRIndividual Privacy Rights Philippa Donn20 October 2020Covid Symptom Study apologises for marketing face masksCovid Symptom Study breaks the marketing rules by promoting masks for to fund their research, but find out how an quick apology can go a long way. ... Direct MarketingElectronic Communications Julia Porter15 October 2020Are COVID-19 contact tracing technology services legitimate?Alarming headlines have suggested COVID-19 contact tracing data from pubs and restaurants is being sold on. Is this actually true and what should checks should you take? Data Governance & SecurityGDPR Philippa Donn07 October 2020COVID-19 Data Protection GuideCovid-19 has meant employers have, by necessity, made risk-based data decisions. Do these need revisiting now? Data Governance & SecurityData SecurityPolicies and Processes Simon Blanchard07 October 2020Are you monitoring staff health during COVID-19?What checks and balances should you have in place if you are monitoring your employees' health during the pandemic? We take a look at the core areas to consider...Data Governance & SecurityEmploymentPolicies and Processes Julia Porter05 October 2020Is the new COVID app safe to use?We now have the newly minted Covid app modelled on the Google and Apple templates. Should we be trusting this app?Data Governance & SecurityGDPRPrivacy by Design Julia Porter24 September 2020Cookies crushed, the world is changingThe demise of the third party cookie - five signs the world is changing. Where next for targeted advertising? Electronic CommunicationsGDPR Philippa Donn23 September 2020Data Protection by Design: Part 3 – Data Protection Impact AssessmentsHow to get your Data Protection Impact Asssessment process on track - when should you do one, what should you process look like? Get some useful tips... Data Governance & SecurityGDPRPolicies and ProcessesPrivacy by Design Philippa Donn09 September 2020New Children’s Code – does it apply to your business?New Children's Code to protect under 18s online. It will affect your business if your online services are likely to be acccessed by children. GDPRICO GuidancePolicies and ProcessesPrivacy by Design Simon Blanchard04 September 2020Data Protection by Design: Part 2 – How to approach itHow to implement Data Protection by Design when you are developing new applications, products and services. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn27 August 2020Data Protection by Design: Part 1 – The BasicsWhat does ‘Data Protection by Design’ really mean (and why is it also called ‘Privacy by Design’)? Do you need to be concerned about it? And how do you...Data Governance & SecurityGDPRPrivacy by Design Philippa Donn26 August 2020Understanding email marketing rulesWhat are the email marketing rules? Make sure your marketing comms are not unwittingly putting your business at risk.Direct MarketingElectronic CommunicationsGDPR Simon Blanchard25 August 2020Data Protection Officers – should we appoint a DPO?Which organisations need to have a DPO? If you don't should you appoint one anyway or outsource? We explore the options .. Data Governance & SecurityGDPR Simon Blanchard12 August 2020Use of automated facial recognition by South Wales Police ruled ‘unlawful’South Wales Police's use of automated facial recognition has been ruled unlawrul - it breaches human rights and has potential for bias. GDPR Julia Porter12 August 2020When does your CRM marketing plan morph into a data privacy project?Looking to leverage your customer database to drive more business? How to make sure you marketing plan is supported by your privacy strategyDirect MarketingElectronic CommunicationsGDPR Philippa Donn12 August 2020Brexit, GDPR & PECR – the future UK data protection landscapeBrexit and GDPR - what the UK leaving the EU means for data protection law. Find out the impact on your business. Data Protection ActDirect MarketingElectronic CommunicationsGDPRInternational Data Protection Simon Blanchard10 August 2020Dashcams and GDPR: Assessing the privacy implications7 point privacy guide for use of dashcams in vehicles. Quick steps to make sure your use of dashcams is transparent and lawful. GDPRPolicies and Processes Simon Blanchard05 August 2020ICO guidance on how to apply good data protection to AISeven steps for making sure innovation flourishes and your artificial intelligence activities are sound from a data protection point of viewGDPRICO Guidance DPN Team29 July 2020How to manage your suppliersHow to manage your suppliers and reduce the risk they may post. Hear our specialist panel chat through the key points to consider.Videos Philippa Donn29 July 2020Could COVID-19 lead to a spike in Subject Access Requests? How to handle ex-employeesDSARs from disgruntled ex-employees can be challenging to handle, get some helpful tips on how best to approach the task of fulfilling them.GDPRIndividual Privacy Rights Philippa Donn28 July 2020Schrems II ruling: Privacy Shield down, SCCs survive but with a sting in the tailInternational data transfers - EU-US Privacy Shield ruled invalild, questions raised regarding SCCs, find out what actions should you take. GDPRInternational Data Protection Simon Blanchard27 July 2020RoPA – Five tips for keeping your Records of Processing Activity up to date5 tips for keeping your GDPR records of processing activities up to date. The why, who, what, how and when of data protection documentation.GDPRPolicies and Processes DPN Team16 July 2020Transparency: How to get the message acrossDiscover the benefits of being upfront and transparent with people about how you use their data. In this webinar hosted by Robert Bond from Bristows we explore why transparency...GDPRVideos Julia Porter13 July 2020Supplier management: DPN 6 point checklistDue diligence of new suppliers robust enough? Checks in place to make sure suppliers are protecting your data? Use the DPN 6-point checklist. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn13 July 2020Contact Tracing: 7 Quick Steps for collecting people’s dataFrom holiday cottages to theme parks, hotels to pubs, many will be collecting people's details for contact tracing. Get our quick guide to how to do this. GDPRICO Guidance Chris Field11 July 2020You’ve been SAR-bombed!You are at the end of long day .. you just do one last check of your inbox - the new count registers over 9,000 new emails! All...GDPRIndividual Privacy RightsInternational Data ProtectionPolicies and Processes Simon Blanchard09 July 2020Facial Recognition – should we be concerned?Facial recognition is clever, from selfies to surveillance its use is becoming far more widespread. Should we be worried? Data Governance & SecurityGDPR Philippa Donn30 June 2020Data breaches: 10-point checklist for risk assessmentsHow do you assess the actual risk to people of a data breach? 10 questions you need to ask when carrying out an risk assessment. Data Governance & SecurityGDPRPolicies and Processes DPN Team30 June 2020Successful steps for data retention and minimisation [webinar recording]Get the tools and advice you need to tackle data retention and minimisation in this expert discussion which takes you through the key steps to take.Data Governance & SecurityGDPRPolicies and ProcessesVideos Julia Porter25 June 2020Why is the CIA’s lax attitude to cyber security interesting to us?Have you got robust cyber security controls in place? How the lax attitude of the CIA is a lesson to us all and what you should you be doing.Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard16 June 2020Privacy is a marathon not a sprintPondering how to improve your privacy credentials? Here are 5 steps to inspire you. More than 2 years on from GDPR, remember it’s a journey, not a sprint.Data Governance & SecurityGDPRPolicies and Processes Philippa Donn16 June 2020Why personalisation is a good thing, when done well“Hi, you haven’t finished watching Jeffrey Epstein: Filthy Rich”, said an email my husband received .It annoyed him......Direct MarketingGDPR Simon Blanchard08 June 2020Spring clean your data – Top tips on data retentionGet top tips on data retention. Minimise your risks by making sure you keep the personal data you need and rid of what you don't. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn03 June 2020GDPR two years on, why data protection mattersGDPR may have its critics and regulators may stand accused of not taking enough action. Why this is not a reason to stop taking data protection seriously.GDPR Julia Porter03 June 2020Why is it so hard to explain how we use personal data?Five ways to help explain complex and contentious uses of personal data. How to improve your communications and transparency.Direct MarketingGDPRPrivacy by Design DPN Team03 June 2020Data Retention GuidanceA practical toolkit packed with tips, advice and case studies on how to tackle data retention. Developed by a group of data protection and privacy specialists from a...Data Governance & SecurityGDPRPolicies and Processes Julia Porter18 May 2020New Seven Step Ad Tech Guide from DMA and ISBASeven Step Ad Tech Guide - Support for UK businesses engaged in the programmatic digital advertising to ensure they protect the rights of individuals.Electronic CommunicationsePrivacy RegulationGDPR Simon Blanchard14 May 2020COVID 19 – Privacy under the SpotlightPrivacy and COVID-19. When finding quick solutions and taking rapid decisions, don't forget the privacy impact. Here's our quick tour of aspects to consider. Data SecurityGDPRPrivacy by Design DPN Team15 April 2020DPIAs – What? When? How? Who? Why? [webinar recording]Data Protection Impact Assessments - learn about when you need to conduct a DPIA and how in this webinar hosted by Bristows LLP. Opinion DPN Team04 April 2020Where is my data? How to tackle data discovery & mapping [webinar recording]How improve your data discovery, mapping & compliance Understanding where your data is located across all your systems is an ever-evolving challenge, but forms the bedrock of your data...Opinion Gemma Johnson13 February 2020Marketers: Will You Need to do a DPIA for that?Why marketers need to understand when they might need to conduct a data protection impact assessment and learn how to do them. Direct MarketingElectronic CommunicationsICO GuidanceMarketing & Data Protection Simon Blanchard11 February 2020Where’s all my data? How to tackle data discoveryUnderstanding where your data is and what it's used for is crucial. But in practice this is challenging. What approach can you take? Opinion Simon Blanchard10 February 2020ePrivacy Regulation – Are we any closer to a final text?Efforts continue to try and agree the final text of the ePrivacy Regulation. Reaching a consensus has proved very challenging since the first draft was published 3 years...Opinion Julia Porter09 February 2020In a Digitally Enabled World, What is Direct Marketing?On 8th January the ICO published a draft code of practice for the marketing community. It’s entitled “Direct Marketing Code of Practice”. The use of the term “Direct Marketing”...Opinion Philippa Donn08 February 2020Refer a Friend – Viral Marketing RulesCan you ask your customers to send on your marketing to their friends? The answer, according to the ICO’s draft Direct Marketing Code, is NO! The regulator says for...Opinion DPN Team29 January 2020Your Views – Survey on draft Direct Marketing CodeA call for your views. The ICO's draft direct marketing code is open for public consultation. The DPN will be providing feedback. Give your comments to further...Opinion Philippa Donn28 January 2020ICO Direct Marketing Code ‘draft’: 12 HighlightsJust when I thought January was feeling dull, I got my hands on the ICO’s much-anticipated draft Direct Marketing Code of Practice! This replaces the Regulator’s existing Direct Marketing...Opinion Philippa Donn28 January 2020Brexit and EU Data FlowsIf you’ve not yet planned or even considered the data protection impact of Brexit, and specifically data transfers with the European Union, you can breathe a temporary sigh of...Opinion Philippa Donn10 December 2019Subject Access Requests & Proof of IDSubject Access Requests – What is ‘proportionate’ to ask for? When responding to a Right of Access request (commonly known as a Subject Access Request), we might be required...Individual Privacy Rights DPN Team10 December 20192020 Vision – Privacy PredictionsPrivacy Predictions for 2020 - what's in store for us next year? The trends, enforcement and organisational imperatives - What do our esteemed DPN Advisory Board believe is in...Opinion Debbie McElhill03 December 2019ePrivacy Regulation – Is there still life in it, as the European Commission steps in? In a bid to find consensus the European Commission has announced it’s preparing a revamped ePrivacy proposal. This follows the recent rejection by EU member states of the...Opinion DPN Team03 December 2019Data Retention: Are you keeping personal data longer than you need it?Ensuring you don’t store personal data for longer than you require it, is a core data protection principle – one which we all know is both complex and challenging...Opinion Julia Porter27 November 2019Harnessing the Power of Responsible MarketingWhat is responsible marketing? What core values should you embrace and what type of projects can marketers apply these values to? Here are my six pillars of responsible marketing;...Opinion DPN Team28 October 2019Rewarding Privacy By Design Have you or your team gone the extra mile to ensure a privacy aware, customer focused approach to a project, initiative or marketing campaign? Or do you know...Opinion DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Opinion Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Opinion Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Opinion Philippa Donn18 October 2019Marketing Message & Service Message: Where to draw the lineIs your ‘Service’ Message actually a Marketing one? A common (but incorrect) myth which spread with GDPR was that consent was required for almost everything – including all communications...Direct Marketing Philippa Donn02 October 2019Opt-in for marketing abandoned by RNLIHas opt-in suffered a blow? It’s now official that opt-in for all forms of direct marketing has not proven a success for the RNLI, despite earlier reports to the...Opinion Debbie McElhill18 September 2019ePrivacy Regulation – what’s happening?ePrivacy Regulation – first draft 2017, so what’s happening two years on? The ePrivacy Regulation is set to replace the 2002 ePrivacy Directive (and subsequent amendments) which currently sits...Opinion Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Opinion DPN Team16 September 2019Data Governance – Getting to know your DataData Governance – the what, why & how? Data Governance has long been recognised as a method of protecting the business, mitigating risk, increasing operational efficiencies and managing customer...GDPRPolicies and Processes Philippa Donn12 September 2019The DPN Rosemary Smith Award for Responsible MarketingThis award has been launched to recognise a contribution made to Responsible Marketing, giving a team or an individual credit for a creative and privacy aware project or initiative.Opinion Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...GDPRInternational Data Protection Philippa Donn23 August 2019Data Sharing 10 TipsMany companies need to share personal data with other organisations. This might be reciprocal or one-way, it could be providing another company’s staff with access to your data for...GDPRICO Guidance Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Data Governance & SecurityGDPRPolicies and Processes Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Philippa Donn09 July 2019GDPR regulatory action so far in the UK and EU (July 2019)GDPR Regulatory Action The UK’s data protection regulator has made its first hefty announcements since GDPR became law in 2018. With news British Airways and Marriott could face massive...GDPRInternational Data ProtectionUncategorized DPN Team05 July 2019GDPR: Impact Report 2019The impact of GDPR More than a year on from enforcement day, where are we now with GDPR? The Global Marketing Alliance and the DPN teamed up with global...Direct MarketingGDPRUncategorized Mark Bridges05 July 2019CCPA – Californian Consumer Privacy Act: 5 Key ImpactsCCPA: What businesses need know The Californian Consumer Privacy Act (CCPA) ushers in new rights for Californian residents and compels companies that operate in California to implement changes or...Opinion DPN Team05 July 2019Adtech: The challenging compliance landscape – webinar recordingPublishers, advertisers, adtech firms, start-ups and privacy activists are all united in a strong interest in online advertising and programmatic delivery . After all, it represents the lion’s share...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn22 May 2019Why GDPR is not a fuss over nothingWe’ve heard the comparison with the millennium bug – the sky didn’t fall in on 25th May… ‘where are these game-changing fines? This is the Y2K bug all over...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network and Opt-4 lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the...Direct MarketingUncategorized Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Simon Blanchard20 March 2019Like Gin and Tonic – Why GDPR and Data Governance were made for each otherWhy GDPR and Data Governance go hand in hand Like G&T, data governance is not a new concept. It has been recognised for years as a method of protecting...Opinion Gemma Johnson08 March 2019Why 59 Charities were referred to the ICO by the Fundraising RegulatorThe Fundraising Regulator has warned that 59 charities could be in breach of data protection law for failing to apply suppression requests made via the Fundraising Preference Service (FPS)...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Philippa Donn05 March 2019Digital advertising & real-time bidding: Are we on the verge of a seismic shift or not?GDPR put a significant spanner in the world of digital advertising, which disparate parties with different vested interests have been grappling with now for months. How can organisations provide...Opinion Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Stef Elliott21 November 2018“The cookies law is clear – well that takes the biscuit”The ePrivacy Regulation was originally planned to come into force simultaneously with the GDPR on 25th May 2018. The delay and the ongoing debate regarding the Regulation, as highlighted...Electronic CommunicationsePrivacy RegulationGDPR Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Julia Porter18 November 2018Privacy International’s GDPR complaints shine a spotlight on 7 data companiesOn November 8th, Privacy International (PI) filed complaints under the GDPR with data protection regulators in UK, France and Ireland against data brokers Oracle and Acxiom, credit reference agencies...Opinion Simon Blanchard18 November 2018ePrivacy Regulation is not ready and could be stalled even furtherAs those in the know recognise, data protection is not just about GDPR. Many of us have been waiting for GDPR’s EU counterpart, the new ePrivacy Regulation for a...Opinion Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Opinion Matt Edgar02 October 2018Spam crusader or vigilante victim – what happens if you are blacklisted unfairly?Finding spam a nuisance and being anti-spam is a default setting for all of us these days. Even as technology evolves and our mailboxes become smarter in reducing this...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Opinion Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...GDPRPolicies and ProcessesPrivacy by Design Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Opinion DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Data Governance & SecurityGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR
DPN Team22 October 2020Rosemary Smith Responsible Marketing AwardGiving an individual or team credit for a creative and privacy aware project. This award recognises a responsible approach to marketing. Uncategorized Simon Blanchard22 October 2020British Airways data breach – what can we learn?British Airways has been fined £20m by the ICO, what lessons can we all learn from BA's painful personal data breach? Data Governance & SecurityData SecurityGDPRPolicies and Processes Philippa Donn20 October 202010 DSAR tips from 10 DPOsData Subject Access Requests can be a challenge to handle. Get 10 great tips from experts who routinely handle the right of access, GDPRIndividual Privacy Rights Philippa Donn20 October 2020Covid Symptom Study apologises for marketing face masksCovid Symptom Study breaks the marketing rules by promoting masks for to fund their research, but find out how an quick apology can go a long way. ... Direct MarketingElectronic Communications Julia Porter15 October 2020Are COVID-19 contact tracing technology services legitimate?Alarming headlines have suggested COVID-19 contact tracing data from pubs and restaurants is being sold on. Is this actually true and what should checks should you take? Data Governance & SecurityGDPR Philippa Donn07 October 2020COVID-19 Data Protection GuideCovid-19 has meant employers have, by necessity, made risk-based data decisions. Do these need revisiting now? Data Governance & SecurityData SecurityPolicies and Processes Simon Blanchard07 October 2020Are you monitoring staff health during COVID-19?What checks and balances should you have in place if you are monitoring your employees' health during the pandemic? We take a look at the core areas to consider...Data Governance & SecurityEmploymentPolicies and Processes Julia Porter05 October 2020Is the new COVID app safe to use?We now have the newly minted Covid app modelled on the Google and Apple templates. Should we be trusting this app?Data Governance & SecurityGDPRPrivacy by Design Julia Porter24 September 2020Cookies crushed, the world is changingThe demise of the third party cookie - five signs the world is changing. Where next for targeted advertising? Electronic CommunicationsGDPR Philippa Donn23 September 2020Data Protection by Design: Part 3 – Data Protection Impact AssessmentsHow to get your Data Protection Impact Asssessment process on track - when should you do one, what should you process look like? Get some useful tips... Data Governance & SecurityGDPRPolicies and ProcessesPrivacy by Design Philippa Donn09 September 2020New Children’s Code – does it apply to your business?New Children's Code to protect under 18s online. It will affect your business if your online services are likely to be acccessed by children. GDPRICO GuidancePolicies and ProcessesPrivacy by Design Simon Blanchard04 September 2020Data Protection by Design: Part 2 – How to approach itHow to implement Data Protection by Design when you are developing new applications, products and services. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn27 August 2020Data Protection by Design: Part 1 – The BasicsWhat does ‘Data Protection by Design’ really mean (and why is it also called ‘Privacy by Design’)? Do you need to be concerned about it? And how do you...Data Governance & SecurityGDPRPrivacy by Design Philippa Donn26 August 2020Understanding email marketing rulesWhat are the email marketing rules? Make sure your marketing comms are not unwittingly putting your business at risk.Direct MarketingElectronic CommunicationsGDPR Simon Blanchard25 August 2020Data Protection Officers – should we appoint a DPO?Which organisations need to have a DPO? If you don't should you appoint one anyway or outsource? We explore the options .. Data Governance & SecurityGDPR Simon Blanchard12 August 2020Use of automated facial recognition by South Wales Police ruled ‘unlawful’South Wales Police's use of automated facial recognition has been ruled unlawrul - it breaches human rights and has potential for bias. GDPR Julia Porter12 August 2020When does your CRM marketing plan morph into a data privacy project?Looking to leverage your customer database to drive more business? How to make sure you marketing plan is supported by your privacy strategyDirect MarketingElectronic CommunicationsGDPR Philippa Donn12 August 2020Brexit, GDPR & PECR – the future UK data protection landscapeBrexit and GDPR - what the UK leaving the EU means for data protection law. Find out the impact on your business. Data Protection ActDirect MarketingElectronic CommunicationsGDPRInternational Data Protection Simon Blanchard10 August 2020Dashcams and GDPR: Assessing the privacy implications7 point privacy guide for use of dashcams in vehicles. Quick steps to make sure your use of dashcams is transparent and lawful. GDPRPolicies and Processes Simon Blanchard05 August 2020ICO guidance on how to apply good data protection to AISeven steps for making sure innovation flourishes and your artificial intelligence activities are sound from a data protection point of viewGDPRICO Guidance DPN Team29 July 2020How to manage your suppliersHow to manage your suppliers and reduce the risk they may post. Hear our specialist panel chat through the key points to consider.Videos Philippa Donn29 July 2020Could COVID-19 lead to a spike in Subject Access Requests? How to handle ex-employeesDSARs from disgruntled ex-employees can be challenging to handle, get some helpful tips on how best to approach the task of fulfilling them.GDPRIndividual Privacy Rights Philippa Donn28 July 2020Schrems II ruling: Privacy Shield down, SCCs survive but with a sting in the tailInternational data transfers - EU-US Privacy Shield ruled invalild, questions raised regarding SCCs, find out what actions should you take. GDPRInternational Data Protection Simon Blanchard27 July 2020RoPA – Five tips for keeping your Records of Processing Activity up to date5 tips for keeping your GDPR records of processing activities up to date. The why, who, what, how and when of data protection documentation.GDPRPolicies and Processes DPN Team16 July 2020Transparency: How to get the message acrossDiscover the benefits of being upfront and transparent with people about how you use their data. In this webinar hosted by Robert Bond from Bristows we explore why transparency...GDPRVideos Julia Porter13 July 2020Supplier management: DPN 6 point checklistDue diligence of new suppliers robust enough? Checks in place to make sure suppliers are protecting your data? Use the DPN 6-point checklist. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn13 July 2020Contact Tracing: 7 Quick Steps for collecting people’s dataFrom holiday cottages to theme parks, hotels to pubs, many will be collecting people's details for contact tracing. Get our quick guide to how to do this. GDPRICO Guidance Chris Field11 July 2020You’ve been SAR-bombed!You are at the end of long day .. you just do one last check of your inbox - the new count registers over 9,000 new emails! All...GDPRIndividual Privacy RightsInternational Data ProtectionPolicies and Processes Simon Blanchard09 July 2020Facial Recognition – should we be concerned?Facial recognition is clever, from selfies to surveillance its use is becoming far more widespread. Should we be worried? Data Governance & SecurityGDPR Philippa Donn30 June 2020Data breaches: 10-point checklist for risk assessmentsHow do you assess the actual risk to people of a data breach? 10 questions you need to ask when carrying out an risk assessment. Data Governance & SecurityGDPRPolicies and Processes DPN Team30 June 2020Successful steps for data retention and minimisation [webinar recording]Get the tools and advice you need to tackle data retention and minimisation in this expert discussion which takes you through the key steps to take.Data Governance & SecurityGDPRPolicies and ProcessesVideos Julia Porter25 June 2020Why is the CIA’s lax attitude to cyber security interesting to us?Have you got robust cyber security controls in place? How the lax attitude of the CIA is a lesson to us all and what you should you be doing.Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard16 June 2020Privacy is a marathon not a sprintPondering how to improve your privacy credentials? Here are 5 steps to inspire you. More than 2 years on from GDPR, remember it’s a journey, not a sprint.Data Governance & SecurityGDPRPolicies and Processes Philippa Donn16 June 2020Why personalisation is a good thing, when done well“Hi, you haven’t finished watching Jeffrey Epstein: Filthy Rich”, said an email my husband received .It annoyed him......Direct MarketingGDPR Simon Blanchard08 June 2020Spring clean your data – Top tips on data retentionGet top tips on data retention. Minimise your risks by making sure you keep the personal data you need and rid of what you don't. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn03 June 2020GDPR two years on, why data protection mattersGDPR may have its critics and regulators may stand accused of not taking enough action. Why this is not a reason to stop taking data protection seriously.GDPR Julia Porter03 June 2020Why is it so hard to explain how we use personal data?Five ways to help explain complex and contentious uses of personal data. How to improve your communications and transparency.Direct MarketingGDPRPrivacy by Design DPN Team03 June 2020Data Retention GuidanceA practical toolkit packed with tips, advice and case studies on how to tackle data retention. Developed by a group of data protection and privacy specialists from a...Data Governance & SecurityGDPRPolicies and Processes Julia Porter18 May 2020New Seven Step Ad Tech Guide from DMA and ISBASeven Step Ad Tech Guide - Support for UK businesses engaged in the programmatic digital advertising to ensure they protect the rights of individuals.Electronic CommunicationsePrivacy RegulationGDPR Simon Blanchard14 May 2020COVID 19 – Privacy under the SpotlightPrivacy and COVID-19. When finding quick solutions and taking rapid decisions, don't forget the privacy impact. Here's our quick tour of aspects to consider. Data SecurityGDPRPrivacy by Design DPN Team15 April 2020DPIAs – What? When? How? Who? Why? [webinar recording]Data Protection Impact Assessments - learn about when you need to conduct a DPIA and how in this webinar hosted by Bristows LLP. Opinion DPN Team04 April 2020Where is my data? How to tackle data discovery & mapping [webinar recording]How improve your data discovery, mapping & compliance Understanding where your data is located across all your systems is an ever-evolving challenge, but forms the bedrock of your data...Opinion Gemma Johnson13 February 2020Marketers: Will You Need to do a DPIA for that?Why marketers need to understand when they might need to conduct a data protection impact assessment and learn how to do them. Direct MarketingElectronic CommunicationsICO GuidanceMarketing & Data Protection Simon Blanchard11 February 2020Where’s all my data? How to tackle data discoveryUnderstanding where your data is and what it's used for is crucial. But in practice this is challenging. What approach can you take? Opinion Simon Blanchard10 February 2020ePrivacy Regulation – Are we any closer to a final text?Efforts continue to try and agree the final text of the ePrivacy Regulation. Reaching a consensus has proved very challenging since the first draft was published 3 years...Opinion Julia Porter09 February 2020In a Digitally Enabled World, What is Direct Marketing?On 8th January the ICO published a draft code of practice for the marketing community. It’s entitled “Direct Marketing Code of Practice”. The use of the term “Direct Marketing”...Opinion Philippa Donn08 February 2020Refer a Friend – Viral Marketing RulesCan you ask your customers to send on your marketing to their friends? The answer, according to the ICO’s draft Direct Marketing Code, is NO! The regulator says for...Opinion DPN Team29 January 2020Your Views – Survey on draft Direct Marketing CodeA call for your views. The ICO's draft direct marketing code is open for public consultation. The DPN will be providing feedback. Give your comments to further...Opinion Philippa Donn28 January 2020ICO Direct Marketing Code ‘draft’: 12 HighlightsJust when I thought January was feeling dull, I got my hands on the ICO’s much-anticipated draft Direct Marketing Code of Practice! This replaces the Regulator’s existing Direct Marketing...Opinion Philippa Donn28 January 2020Brexit and EU Data FlowsIf you’ve not yet planned or even considered the data protection impact of Brexit, and specifically data transfers with the European Union, you can breathe a temporary sigh of...Opinion Philippa Donn10 December 2019Subject Access Requests & Proof of IDSubject Access Requests – What is ‘proportionate’ to ask for? When responding to a Right of Access request (commonly known as a Subject Access Request), we might be required...Individual Privacy Rights DPN Team10 December 20192020 Vision – Privacy PredictionsPrivacy Predictions for 2020 - what's in store for us next year? The trends, enforcement and organisational imperatives - What do our esteemed DPN Advisory Board believe is in...Opinion Debbie McElhill03 December 2019ePrivacy Regulation – Is there still life in it, as the European Commission steps in? In a bid to find consensus the European Commission has announced it’s preparing a revamped ePrivacy proposal. This follows the recent rejection by EU member states of the...Opinion DPN Team03 December 2019Data Retention: Are you keeping personal data longer than you need it?Ensuring you don’t store personal data for longer than you require it, is a core data protection principle – one which we all know is both complex and challenging...Opinion Julia Porter27 November 2019Harnessing the Power of Responsible MarketingWhat is responsible marketing? What core values should you embrace and what type of projects can marketers apply these values to? Here are my six pillars of responsible marketing;...Opinion DPN Team28 October 2019Rewarding Privacy By Design Have you or your team gone the extra mile to ensure a privacy aware, customer focused approach to a project, initiative or marketing campaign? Or do you know...Opinion DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Opinion Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Opinion Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Opinion Philippa Donn18 October 2019Marketing Message & Service Message: Where to draw the lineIs your ‘Service’ Message actually a Marketing one? A common (but incorrect) myth which spread with GDPR was that consent was required for almost everything – including all communications...Direct Marketing Philippa Donn02 October 2019Opt-in for marketing abandoned by RNLIHas opt-in suffered a blow? It’s now official that opt-in for all forms of direct marketing has not proven a success for the RNLI, despite earlier reports to the...Opinion Debbie McElhill18 September 2019ePrivacy Regulation – what’s happening?ePrivacy Regulation – first draft 2017, so what’s happening two years on? The ePrivacy Regulation is set to replace the 2002 ePrivacy Directive (and subsequent amendments) which currently sits...Opinion Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Opinion DPN Team16 September 2019Data Governance – Getting to know your DataData Governance – the what, why & how? Data Governance has long been recognised as a method of protecting the business, mitigating risk, increasing operational efficiencies and managing customer...GDPRPolicies and Processes Philippa Donn12 September 2019The DPN Rosemary Smith Award for Responsible MarketingThis award has been launched to recognise a contribution made to Responsible Marketing, giving a team or an individual credit for a creative and privacy aware project or initiative.Opinion Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...GDPRInternational Data Protection Philippa Donn23 August 2019Data Sharing 10 TipsMany companies need to share personal data with other organisations. This might be reciprocal or one-way, it could be providing another company’s staff with access to your data for...GDPRICO Guidance Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Data Governance & SecurityGDPRPolicies and Processes Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Philippa Donn09 July 2019GDPR regulatory action so far in the UK and EU (July 2019)GDPR Regulatory Action The UK’s data protection regulator has made its first hefty announcements since GDPR became law in 2018. With news British Airways and Marriott could face massive...GDPRInternational Data ProtectionUncategorized DPN Team05 July 2019GDPR: Impact Report 2019The impact of GDPR More than a year on from enforcement day, where are we now with GDPR? The Global Marketing Alliance and the DPN teamed up with global...Direct MarketingGDPRUncategorized Mark Bridges05 July 2019CCPA – Californian Consumer Privacy Act: 5 Key ImpactsCCPA: What businesses need know The Californian Consumer Privacy Act (CCPA) ushers in new rights for Californian residents and compels companies that operate in California to implement changes or...Opinion DPN Team05 July 2019Adtech: The challenging compliance landscape – webinar recordingPublishers, advertisers, adtech firms, start-ups and privacy activists are all united in a strong interest in online advertising and programmatic delivery . After all, it represents the lion’s share...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn22 May 2019Why GDPR is not a fuss over nothingWe’ve heard the comparison with the millennium bug – the sky didn’t fall in on 25th May… ‘where are these game-changing fines? This is the Y2K bug all over...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network and Opt-4 lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the...Direct MarketingUncategorized Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Simon Blanchard20 March 2019Like Gin and Tonic – Why GDPR and Data Governance were made for each otherWhy GDPR and Data Governance go hand in hand Like G&T, data governance is not a new concept. It has been recognised for years as a method of protecting...Opinion Gemma Johnson08 March 2019Why 59 Charities were referred to the ICO by the Fundraising RegulatorThe Fundraising Regulator has warned that 59 charities could be in breach of data protection law for failing to apply suppression requests made via the Fundraising Preference Service (FPS)...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Philippa Donn05 March 2019Digital advertising & real-time bidding: Are we on the verge of a seismic shift or not?GDPR put a significant spanner in the world of digital advertising, which disparate parties with different vested interests have been grappling with now for months. How can organisations provide...Opinion Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Stef Elliott21 November 2018“The cookies law is clear – well that takes the biscuit”The ePrivacy Regulation was originally planned to come into force simultaneously with the GDPR on 25th May 2018. The delay and the ongoing debate regarding the Regulation, as highlighted...Electronic CommunicationsePrivacy RegulationGDPR Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Julia Porter18 November 2018Privacy International’s GDPR complaints shine a spotlight on 7 data companiesOn November 8th, Privacy International (PI) filed complaints under the GDPR with data protection regulators in UK, France and Ireland against data brokers Oracle and Acxiom, credit reference agencies...Opinion Simon Blanchard18 November 2018ePrivacy Regulation is not ready and could be stalled even furtherAs those in the know recognise, data protection is not just about GDPR. Many of us have been waiting for GDPR’s EU counterpart, the new ePrivacy Regulation for a...Opinion Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Opinion Matt Edgar02 October 2018Spam crusader or vigilante victim – what happens if you are blacklisted unfairly?Finding spam a nuisance and being anti-spam is a default setting for all of us these days. Even as technology evolves and our mailboxes become smarter in reducing this...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Opinion Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...GDPRPolicies and ProcessesPrivacy by Design Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Opinion DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Data Governance & SecurityGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR
Simon Blanchard22 October 2020British Airways data breach – what can we learn?British Airways has been fined £20m by the ICO, what lessons can we all learn from BA's painful personal data breach? Data Governance & SecurityData SecurityGDPRPolicies and Processes Philippa Donn20 October 202010 DSAR tips from 10 DPOsData Subject Access Requests can be a challenge to handle. Get 10 great tips from experts who routinely handle the right of access, GDPRIndividual Privacy Rights Philippa Donn20 October 2020Covid Symptom Study apologises for marketing face masksCovid Symptom Study breaks the marketing rules by promoting masks for to fund their research, but find out how an quick apology can go a long way. ... Direct MarketingElectronic Communications Julia Porter15 October 2020Are COVID-19 contact tracing technology services legitimate?Alarming headlines have suggested COVID-19 contact tracing data from pubs and restaurants is being sold on. Is this actually true and what should checks should you take? Data Governance & SecurityGDPR Philippa Donn07 October 2020COVID-19 Data Protection GuideCovid-19 has meant employers have, by necessity, made risk-based data decisions. Do these need revisiting now? Data Governance & SecurityData SecurityPolicies and Processes Simon Blanchard07 October 2020Are you monitoring staff health during COVID-19?What checks and balances should you have in place if you are monitoring your employees' health during the pandemic? We take a look at the core areas to consider...Data Governance & SecurityEmploymentPolicies and Processes Julia Porter05 October 2020Is the new COVID app safe to use?We now have the newly minted Covid app modelled on the Google and Apple templates. Should we be trusting this app?Data Governance & SecurityGDPRPrivacy by Design Julia Porter24 September 2020Cookies crushed, the world is changingThe demise of the third party cookie - five signs the world is changing. Where next for targeted advertising? Electronic CommunicationsGDPR Philippa Donn23 September 2020Data Protection by Design: Part 3 – Data Protection Impact AssessmentsHow to get your Data Protection Impact Asssessment process on track - when should you do one, what should you process look like? Get some useful tips... Data Governance & SecurityGDPRPolicies and ProcessesPrivacy by Design Philippa Donn09 September 2020New Children’s Code – does it apply to your business?New Children's Code to protect under 18s online. It will affect your business if your online services are likely to be acccessed by children. GDPRICO GuidancePolicies and ProcessesPrivacy by Design Simon Blanchard04 September 2020Data Protection by Design: Part 2 – How to approach itHow to implement Data Protection by Design when you are developing new applications, products and services. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn27 August 2020Data Protection by Design: Part 1 – The BasicsWhat does ‘Data Protection by Design’ really mean (and why is it also called ‘Privacy by Design’)? Do you need to be concerned about it? And how do you...Data Governance & SecurityGDPRPrivacy by Design Philippa Donn26 August 2020Understanding email marketing rulesWhat are the email marketing rules? Make sure your marketing comms are not unwittingly putting your business at risk.Direct MarketingElectronic CommunicationsGDPR Simon Blanchard25 August 2020Data Protection Officers – should we appoint a DPO?Which organisations need to have a DPO? If you don't should you appoint one anyway or outsource? We explore the options .. Data Governance & SecurityGDPR Simon Blanchard12 August 2020Use of automated facial recognition by South Wales Police ruled ‘unlawful’South Wales Police's use of automated facial recognition has been ruled unlawrul - it breaches human rights and has potential for bias. GDPR Julia Porter12 August 2020When does your CRM marketing plan morph into a data privacy project?Looking to leverage your customer database to drive more business? How to make sure you marketing plan is supported by your privacy strategyDirect MarketingElectronic CommunicationsGDPR Philippa Donn12 August 2020Brexit, GDPR & PECR – the future UK data protection landscapeBrexit and GDPR - what the UK leaving the EU means for data protection law. Find out the impact on your business. Data Protection ActDirect MarketingElectronic CommunicationsGDPRInternational Data Protection Simon Blanchard10 August 2020Dashcams and GDPR: Assessing the privacy implications7 point privacy guide for use of dashcams in vehicles. Quick steps to make sure your use of dashcams is transparent and lawful. GDPRPolicies and Processes Simon Blanchard05 August 2020ICO guidance on how to apply good data protection to AISeven steps for making sure innovation flourishes and your artificial intelligence activities are sound from a data protection point of viewGDPRICO Guidance DPN Team29 July 2020How to manage your suppliersHow to manage your suppliers and reduce the risk they may post. Hear our specialist panel chat through the key points to consider.Videos Philippa Donn29 July 2020Could COVID-19 lead to a spike in Subject Access Requests? How to handle ex-employeesDSARs from disgruntled ex-employees can be challenging to handle, get some helpful tips on how best to approach the task of fulfilling them.GDPRIndividual Privacy Rights Philippa Donn28 July 2020Schrems II ruling: Privacy Shield down, SCCs survive but with a sting in the tailInternational data transfers - EU-US Privacy Shield ruled invalild, questions raised regarding SCCs, find out what actions should you take. GDPRInternational Data Protection Simon Blanchard27 July 2020RoPA – Five tips for keeping your Records of Processing Activity up to date5 tips for keeping your GDPR records of processing activities up to date. The why, who, what, how and when of data protection documentation.GDPRPolicies and Processes DPN Team16 July 2020Transparency: How to get the message acrossDiscover the benefits of being upfront and transparent with people about how you use their data. In this webinar hosted by Robert Bond from Bristows we explore why transparency...GDPRVideos Julia Porter13 July 2020Supplier management: DPN 6 point checklistDue diligence of new suppliers robust enough? Checks in place to make sure suppliers are protecting your data? Use the DPN 6-point checklist. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn13 July 2020Contact Tracing: 7 Quick Steps for collecting people’s dataFrom holiday cottages to theme parks, hotels to pubs, many will be collecting people's details for contact tracing. Get our quick guide to how to do this. GDPRICO Guidance Chris Field11 July 2020You’ve been SAR-bombed!You are at the end of long day .. you just do one last check of your inbox - the new count registers over 9,000 new emails! All...GDPRIndividual Privacy RightsInternational Data ProtectionPolicies and Processes Simon Blanchard09 July 2020Facial Recognition – should we be concerned?Facial recognition is clever, from selfies to surveillance its use is becoming far more widespread. Should we be worried? Data Governance & SecurityGDPR Philippa Donn30 June 2020Data breaches: 10-point checklist for risk assessmentsHow do you assess the actual risk to people of a data breach? 10 questions you need to ask when carrying out an risk assessment. Data Governance & SecurityGDPRPolicies and Processes DPN Team30 June 2020Successful steps for data retention and minimisation [webinar recording]Get the tools and advice you need to tackle data retention and minimisation in this expert discussion which takes you through the key steps to take.Data Governance & SecurityGDPRPolicies and ProcessesVideos Julia Porter25 June 2020Why is the CIA’s lax attitude to cyber security interesting to us?Have you got robust cyber security controls in place? How the lax attitude of the CIA is a lesson to us all and what you should you be doing.Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard16 June 2020Privacy is a marathon not a sprintPondering how to improve your privacy credentials? Here are 5 steps to inspire you. More than 2 years on from GDPR, remember it’s a journey, not a sprint.Data Governance & SecurityGDPRPolicies and Processes Philippa Donn16 June 2020Why personalisation is a good thing, when done well“Hi, you haven’t finished watching Jeffrey Epstein: Filthy Rich”, said an email my husband received .It annoyed him......Direct MarketingGDPR Simon Blanchard08 June 2020Spring clean your data – Top tips on data retentionGet top tips on data retention. Minimise your risks by making sure you keep the personal data you need and rid of what you don't. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn03 June 2020GDPR two years on, why data protection mattersGDPR may have its critics and regulators may stand accused of not taking enough action. Why this is not a reason to stop taking data protection seriously.GDPR Julia Porter03 June 2020Why is it so hard to explain how we use personal data?Five ways to help explain complex and contentious uses of personal data. How to improve your communications and transparency.Direct MarketingGDPRPrivacy by Design DPN Team03 June 2020Data Retention GuidanceA practical toolkit packed with tips, advice and case studies on how to tackle data retention. Developed by a group of data protection and privacy specialists from a...Data Governance & SecurityGDPRPolicies and Processes Julia Porter18 May 2020New Seven Step Ad Tech Guide from DMA and ISBASeven Step Ad Tech Guide - Support for UK businesses engaged in the programmatic digital advertising to ensure they protect the rights of individuals.Electronic CommunicationsePrivacy RegulationGDPR Simon Blanchard14 May 2020COVID 19 – Privacy under the SpotlightPrivacy and COVID-19. When finding quick solutions and taking rapid decisions, don't forget the privacy impact. Here's our quick tour of aspects to consider. Data SecurityGDPRPrivacy by Design DPN Team15 April 2020DPIAs – What? When? How? Who? Why? [webinar recording]Data Protection Impact Assessments - learn about when you need to conduct a DPIA and how in this webinar hosted by Bristows LLP. Opinion DPN Team04 April 2020Where is my data? How to tackle data discovery & mapping [webinar recording]How improve your data discovery, mapping & compliance Understanding where your data is located across all your systems is an ever-evolving challenge, but forms the bedrock of your data...Opinion Gemma Johnson13 February 2020Marketers: Will You Need to do a DPIA for that?Why marketers need to understand when they might need to conduct a data protection impact assessment and learn how to do them. Direct MarketingElectronic CommunicationsICO GuidanceMarketing & Data Protection Simon Blanchard11 February 2020Where’s all my data? How to tackle data discoveryUnderstanding where your data is and what it's used for is crucial. But in practice this is challenging. What approach can you take? Opinion Simon Blanchard10 February 2020ePrivacy Regulation – Are we any closer to a final text?Efforts continue to try and agree the final text of the ePrivacy Regulation. Reaching a consensus has proved very challenging since the first draft was published 3 years...Opinion Julia Porter09 February 2020In a Digitally Enabled World, What is Direct Marketing?On 8th January the ICO published a draft code of practice for the marketing community. It’s entitled “Direct Marketing Code of Practice”. The use of the term “Direct Marketing”...Opinion Philippa Donn08 February 2020Refer a Friend – Viral Marketing RulesCan you ask your customers to send on your marketing to their friends? The answer, according to the ICO’s draft Direct Marketing Code, is NO! The regulator says for...Opinion DPN Team29 January 2020Your Views – Survey on draft Direct Marketing CodeA call for your views. The ICO's draft direct marketing code is open for public consultation. The DPN will be providing feedback. Give your comments to further...Opinion Philippa Donn28 January 2020ICO Direct Marketing Code ‘draft’: 12 HighlightsJust when I thought January was feeling dull, I got my hands on the ICO’s much-anticipated draft Direct Marketing Code of Practice! This replaces the Regulator’s existing Direct Marketing...Opinion Philippa Donn28 January 2020Brexit and EU Data FlowsIf you’ve not yet planned or even considered the data protection impact of Brexit, and specifically data transfers with the European Union, you can breathe a temporary sigh of...Opinion Philippa Donn10 December 2019Subject Access Requests & Proof of IDSubject Access Requests – What is ‘proportionate’ to ask for? When responding to a Right of Access request (commonly known as a Subject Access Request), we might be required...Individual Privacy Rights DPN Team10 December 20192020 Vision – Privacy PredictionsPrivacy Predictions for 2020 - what's in store for us next year? The trends, enforcement and organisational imperatives - What do our esteemed DPN Advisory Board believe is in...Opinion Debbie McElhill03 December 2019ePrivacy Regulation – Is there still life in it, as the European Commission steps in? In a bid to find consensus the European Commission has announced it’s preparing a revamped ePrivacy proposal. This follows the recent rejection by EU member states of the...Opinion DPN Team03 December 2019Data Retention: Are you keeping personal data longer than you need it?Ensuring you don’t store personal data for longer than you require it, is a core data protection principle – one which we all know is both complex and challenging...Opinion Julia Porter27 November 2019Harnessing the Power of Responsible MarketingWhat is responsible marketing? What core values should you embrace and what type of projects can marketers apply these values to? Here are my six pillars of responsible marketing;...Opinion DPN Team28 October 2019Rewarding Privacy By Design Have you or your team gone the extra mile to ensure a privacy aware, customer focused approach to a project, initiative or marketing campaign? Or do you know...Opinion DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Opinion Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Opinion Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Opinion Philippa Donn18 October 2019Marketing Message & Service Message: Where to draw the lineIs your ‘Service’ Message actually a Marketing one? A common (but incorrect) myth which spread with GDPR was that consent was required for almost everything – including all communications...Direct Marketing Philippa Donn02 October 2019Opt-in for marketing abandoned by RNLIHas opt-in suffered a blow? It’s now official that opt-in for all forms of direct marketing has not proven a success for the RNLI, despite earlier reports to the...Opinion Debbie McElhill18 September 2019ePrivacy Regulation – what’s happening?ePrivacy Regulation – first draft 2017, so what’s happening two years on? The ePrivacy Regulation is set to replace the 2002 ePrivacy Directive (and subsequent amendments) which currently sits...Opinion Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Opinion DPN Team16 September 2019Data Governance – Getting to know your DataData Governance – the what, why & how? Data Governance has long been recognised as a method of protecting the business, mitigating risk, increasing operational efficiencies and managing customer...GDPRPolicies and Processes Philippa Donn12 September 2019The DPN Rosemary Smith Award for Responsible MarketingThis award has been launched to recognise a contribution made to Responsible Marketing, giving a team or an individual credit for a creative and privacy aware project or initiative.Opinion Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...GDPRInternational Data Protection Philippa Donn23 August 2019Data Sharing 10 TipsMany companies need to share personal data with other organisations. This might be reciprocal or one-way, it could be providing another company’s staff with access to your data for...GDPRICO Guidance Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Data Governance & SecurityGDPRPolicies and Processes Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Philippa Donn09 July 2019GDPR regulatory action so far in the UK and EU (July 2019)GDPR Regulatory Action The UK’s data protection regulator has made its first hefty announcements since GDPR became law in 2018. With news British Airways and Marriott could face massive...GDPRInternational Data ProtectionUncategorized DPN Team05 July 2019GDPR: Impact Report 2019The impact of GDPR More than a year on from enforcement day, where are we now with GDPR? The Global Marketing Alliance and the DPN teamed up with global...Direct MarketingGDPRUncategorized Mark Bridges05 July 2019CCPA – Californian Consumer Privacy Act: 5 Key ImpactsCCPA: What businesses need know The Californian Consumer Privacy Act (CCPA) ushers in new rights for Californian residents and compels companies that operate in California to implement changes or...Opinion DPN Team05 July 2019Adtech: The challenging compliance landscape – webinar recordingPublishers, advertisers, adtech firms, start-ups and privacy activists are all united in a strong interest in online advertising and programmatic delivery . After all, it represents the lion’s share...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn22 May 2019Why GDPR is not a fuss over nothingWe’ve heard the comparison with the millennium bug – the sky didn’t fall in on 25th May… ‘where are these game-changing fines? This is the Y2K bug all over...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network and Opt-4 lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the...Direct MarketingUncategorized Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Simon Blanchard20 March 2019Like Gin and Tonic – Why GDPR and Data Governance were made for each otherWhy GDPR and Data Governance go hand in hand Like G&T, data governance is not a new concept. It has been recognised for years as a method of protecting...Opinion Gemma Johnson08 March 2019Why 59 Charities were referred to the ICO by the Fundraising RegulatorThe Fundraising Regulator has warned that 59 charities could be in breach of data protection law for failing to apply suppression requests made via the Fundraising Preference Service (FPS)...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Philippa Donn05 March 2019Digital advertising & real-time bidding: Are we on the verge of a seismic shift or not?GDPR put a significant spanner in the world of digital advertising, which disparate parties with different vested interests have been grappling with now for months. How can organisations provide...Opinion Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Stef Elliott21 November 2018“The cookies law is clear – well that takes the biscuit”The ePrivacy Regulation was originally planned to come into force simultaneously with the GDPR on 25th May 2018. The delay and the ongoing debate regarding the Regulation, as highlighted...Electronic CommunicationsePrivacy RegulationGDPR Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Julia Porter18 November 2018Privacy International’s GDPR complaints shine a spotlight on 7 data companiesOn November 8th, Privacy International (PI) filed complaints under the GDPR with data protection regulators in UK, France and Ireland against data brokers Oracle and Acxiom, credit reference agencies...Opinion Simon Blanchard18 November 2018ePrivacy Regulation is not ready and could be stalled even furtherAs those in the know recognise, data protection is not just about GDPR. Many of us have been waiting for GDPR’s EU counterpart, the new ePrivacy Regulation for a...Opinion Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Opinion Matt Edgar02 October 2018Spam crusader or vigilante victim – what happens if you are blacklisted unfairly?Finding spam a nuisance and being anti-spam is a default setting for all of us these days. Even as technology evolves and our mailboxes become smarter in reducing this...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Opinion Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...GDPRPolicies and ProcessesPrivacy by Design Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Opinion DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Data Governance & SecurityGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR
Philippa Donn20 October 202010 DSAR tips from 10 DPOsData Subject Access Requests can be a challenge to handle. Get 10 great tips from experts who routinely handle the right of access, GDPRIndividual Privacy Rights Philippa Donn20 October 2020Covid Symptom Study apologises for marketing face masksCovid Symptom Study breaks the marketing rules by promoting masks for to fund their research, but find out how an quick apology can go a long way. ... Direct MarketingElectronic Communications Julia Porter15 October 2020Are COVID-19 contact tracing technology services legitimate?Alarming headlines have suggested COVID-19 contact tracing data from pubs and restaurants is being sold on. Is this actually true and what should checks should you take? Data Governance & SecurityGDPR Philippa Donn07 October 2020COVID-19 Data Protection GuideCovid-19 has meant employers have, by necessity, made risk-based data decisions. Do these need revisiting now? Data Governance & SecurityData SecurityPolicies and Processes Simon Blanchard07 October 2020Are you monitoring staff health during COVID-19?What checks and balances should you have in place if you are monitoring your employees' health during the pandemic? We take a look at the core areas to consider...Data Governance & SecurityEmploymentPolicies and Processes Julia Porter05 October 2020Is the new COVID app safe to use?We now have the newly minted Covid app modelled on the Google and Apple templates. Should we be trusting this app?Data Governance & SecurityGDPRPrivacy by Design Julia Porter24 September 2020Cookies crushed, the world is changingThe demise of the third party cookie - five signs the world is changing. Where next for targeted advertising? Electronic CommunicationsGDPR Philippa Donn23 September 2020Data Protection by Design: Part 3 – Data Protection Impact AssessmentsHow to get your Data Protection Impact Asssessment process on track - when should you do one, what should you process look like? Get some useful tips... Data Governance & SecurityGDPRPolicies and ProcessesPrivacy by Design Philippa Donn09 September 2020New Children’s Code – does it apply to your business?New Children's Code to protect under 18s online. It will affect your business if your online services are likely to be acccessed by children. GDPRICO GuidancePolicies and ProcessesPrivacy by Design Simon Blanchard04 September 2020Data Protection by Design: Part 2 – How to approach itHow to implement Data Protection by Design when you are developing new applications, products and services. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn27 August 2020Data Protection by Design: Part 1 – The BasicsWhat does ‘Data Protection by Design’ really mean (and why is it also called ‘Privacy by Design’)? Do you need to be concerned about it? And how do you...Data Governance & SecurityGDPRPrivacy by Design Philippa Donn26 August 2020Understanding email marketing rulesWhat are the email marketing rules? Make sure your marketing comms are not unwittingly putting your business at risk.Direct MarketingElectronic CommunicationsGDPR Simon Blanchard25 August 2020Data Protection Officers – should we appoint a DPO?Which organisations need to have a DPO? If you don't should you appoint one anyway or outsource? We explore the options .. Data Governance & SecurityGDPR Simon Blanchard12 August 2020Use of automated facial recognition by South Wales Police ruled ‘unlawful’South Wales Police's use of automated facial recognition has been ruled unlawrul - it breaches human rights and has potential for bias. GDPR Julia Porter12 August 2020When does your CRM marketing plan morph into a data privacy project?Looking to leverage your customer database to drive more business? How to make sure you marketing plan is supported by your privacy strategyDirect MarketingElectronic CommunicationsGDPR Philippa Donn12 August 2020Brexit, GDPR & PECR – the future UK data protection landscapeBrexit and GDPR - what the UK leaving the EU means for data protection law. Find out the impact on your business. Data Protection ActDirect MarketingElectronic CommunicationsGDPRInternational Data Protection Simon Blanchard10 August 2020Dashcams and GDPR: Assessing the privacy implications7 point privacy guide for use of dashcams in vehicles. Quick steps to make sure your use of dashcams is transparent and lawful. GDPRPolicies and Processes Simon Blanchard05 August 2020ICO guidance on how to apply good data protection to AISeven steps for making sure innovation flourishes and your artificial intelligence activities are sound from a data protection point of viewGDPRICO Guidance DPN Team29 July 2020How to manage your suppliersHow to manage your suppliers and reduce the risk they may post. Hear our specialist panel chat through the key points to consider.Videos Philippa Donn29 July 2020Could COVID-19 lead to a spike in Subject Access Requests? How to handle ex-employeesDSARs from disgruntled ex-employees can be challenging to handle, get some helpful tips on how best to approach the task of fulfilling them.GDPRIndividual Privacy Rights Philippa Donn28 July 2020Schrems II ruling: Privacy Shield down, SCCs survive but with a sting in the tailInternational data transfers - EU-US Privacy Shield ruled invalild, questions raised regarding SCCs, find out what actions should you take. GDPRInternational Data Protection Simon Blanchard27 July 2020RoPA – Five tips for keeping your Records of Processing Activity up to date5 tips for keeping your GDPR records of processing activities up to date. The why, who, what, how and when of data protection documentation.GDPRPolicies and Processes DPN Team16 July 2020Transparency: How to get the message acrossDiscover the benefits of being upfront and transparent with people about how you use their data. In this webinar hosted by Robert Bond from Bristows we explore why transparency...GDPRVideos Julia Porter13 July 2020Supplier management: DPN 6 point checklistDue diligence of new suppliers robust enough? Checks in place to make sure suppliers are protecting your data? Use the DPN 6-point checklist. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn13 July 2020Contact Tracing: 7 Quick Steps for collecting people’s dataFrom holiday cottages to theme parks, hotels to pubs, many will be collecting people's details for contact tracing. Get our quick guide to how to do this. GDPRICO Guidance Chris Field11 July 2020You’ve been SAR-bombed!You are at the end of long day .. you just do one last check of your inbox - the new count registers over 9,000 new emails! All...GDPRIndividual Privacy RightsInternational Data ProtectionPolicies and Processes Simon Blanchard09 July 2020Facial Recognition – should we be concerned?Facial recognition is clever, from selfies to surveillance its use is becoming far more widespread. Should we be worried? Data Governance & SecurityGDPR Philippa Donn30 June 2020Data breaches: 10-point checklist for risk assessmentsHow do you assess the actual risk to people of a data breach? 10 questions you need to ask when carrying out an risk assessment. Data Governance & SecurityGDPRPolicies and Processes DPN Team30 June 2020Successful steps for data retention and minimisation [webinar recording]Get the tools and advice you need to tackle data retention and minimisation in this expert discussion which takes you through the key steps to take.Data Governance & SecurityGDPRPolicies and ProcessesVideos Julia Porter25 June 2020Why is the CIA’s lax attitude to cyber security interesting to us?Have you got robust cyber security controls in place? How the lax attitude of the CIA is a lesson to us all and what you should you be doing.Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard16 June 2020Privacy is a marathon not a sprintPondering how to improve your privacy credentials? Here are 5 steps to inspire you. More than 2 years on from GDPR, remember it’s a journey, not a sprint.Data Governance & SecurityGDPRPolicies and Processes Philippa Donn16 June 2020Why personalisation is a good thing, when done well“Hi, you haven’t finished watching Jeffrey Epstein: Filthy Rich”, said an email my husband received .It annoyed him......Direct MarketingGDPR Simon Blanchard08 June 2020Spring clean your data – Top tips on data retentionGet top tips on data retention. Minimise your risks by making sure you keep the personal data you need and rid of what you don't. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn03 June 2020GDPR two years on, why data protection mattersGDPR may have its critics and regulators may stand accused of not taking enough action. Why this is not a reason to stop taking data protection seriously.GDPR Julia Porter03 June 2020Why is it so hard to explain how we use personal data?Five ways to help explain complex and contentious uses of personal data. How to improve your communications and transparency.Direct MarketingGDPRPrivacy by Design DPN Team03 June 2020Data Retention GuidanceA practical toolkit packed with tips, advice and case studies on how to tackle data retention. Developed by a group of data protection and privacy specialists from a...Data Governance & SecurityGDPRPolicies and Processes Julia Porter18 May 2020New Seven Step Ad Tech Guide from DMA and ISBASeven Step Ad Tech Guide - Support for UK businesses engaged in the programmatic digital advertising to ensure they protect the rights of individuals.Electronic CommunicationsePrivacy RegulationGDPR Simon Blanchard14 May 2020COVID 19 – Privacy under the SpotlightPrivacy and COVID-19. When finding quick solutions and taking rapid decisions, don't forget the privacy impact. Here's our quick tour of aspects to consider. Data SecurityGDPRPrivacy by Design DPN Team15 April 2020DPIAs – What? When? How? Who? Why? [webinar recording]Data Protection Impact Assessments - learn about when you need to conduct a DPIA and how in this webinar hosted by Bristows LLP. Opinion DPN Team04 April 2020Where is my data? How to tackle data discovery & mapping [webinar recording]How improve your data discovery, mapping & compliance Understanding where your data is located across all your systems is an ever-evolving challenge, but forms the bedrock of your data...Opinion Gemma Johnson13 February 2020Marketers: Will You Need to do a DPIA for that?Why marketers need to understand when they might need to conduct a data protection impact assessment and learn how to do them. Direct MarketingElectronic CommunicationsICO GuidanceMarketing & Data Protection Simon Blanchard11 February 2020Where’s all my data? How to tackle data discoveryUnderstanding where your data is and what it's used for is crucial. But in practice this is challenging. What approach can you take? Opinion Simon Blanchard10 February 2020ePrivacy Regulation – Are we any closer to a final text?Efforts continue to try and agree the final text of the ePrivacy Regulation. Reaching a consensus has proved very challenging since the first draft was published 3 years...Opinion Julia Porter09 February 2020In a Digitally Enabled World, What is Direct Marketing?On 8th January the ICO published a draft code of practice for the marketing community. It’s entitled “Direct Marketing Code of Practice”. The use of the term “Direct Marketing”...Opinion Philippa Donn08 February 2020Refer a Friend – Viral Marketing RulesCan you ask your customers to send on your marketing to their friends? The answer, according to the ICO’s draft Direct Marketing Code, is NO! The regulator says for...Opinion DPN Team29 January 2020Your Views – Survey on draft Direct Marketing CodeA call for your views. The ICO's draft direct marketing code is open for public consultation. The DPN will be providing feedback. Give your comments to further...Opinion Philippa Donn28 January 2020ICO Direct Marketing Code ‘draft’: 12 HighlightsJust when I thought January was feeling dull, I got my hands on the ICO’s much-anticipated draft Direct Marketing Code of Practice! This replaces the Regulator’s existing Direct Marketing...Opinion Philippa Donn28 January 2020Brexit and EU Data FlowsIf you’ve not yet planned or even considered the data protection impact of Brexit, and specifically data transfers with the European Union, you can breathe a temporary sigh of...Opinion Philippa Donn10 December 2019Subject Access Requests & Proof of IDSubject Access Requests – What is ‘proportionate’ to ask for? When responding to a Right of Access request (commonly known as a Subject Access Request), we might be required...Individual Privacy Rights DPN Team10 December 20192020 Vision – Privacy PredictionsPrivacy Predictions for 2020 - what's in store for us next year? The trends, enforcement and organisational imperatives - What do our esteemed DPN Advisory Board believe is in...Opinion Debbie McElhill03 December 2019ePrivacy Regulation – Is there still life in it, as the European Commission steps in? In a bid to find consensus the European Commission has announced it’s preparing a revamped ePrivacy proposal. This follows the recent rejection by EU member states of the...Opinion DPN Team03 December 2019Data Retention: Are you keeping personal data longer than you need it?Ensuring you don’t store personal data for longer than you require it, is a core data protection principle – one which we all know is both complex and challenging...Opinion Julia Porter27 November 2019Harnessing the Power of Responsible MarketingWhat is responsible marketing? What core values should you embrace and what type of projects can marketers apply these values to? Here are my six pillars of responsible marketing;...Opinion DPN Team28 October 2019Rewarding Privacy By Design Have you or your team gone the extra mile to ensure a privacy aware, customer focused approach to a project, initiative or marketing campaign? Or do you know...Opinion DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Opinion Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Opinion Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Opinion Philippa Donn18 October 2019Marketing Message & Service Message: Where to draw the lineIs your ‘Service’ Message actually a Marketing one? A common (but incorrect) myth which spread with GDPR was that consent was required for almost everything – including all communications...Direct Marketing Philippa Donn02 October 2019Opt-in for marketing abandoned by RNLIHas opt-in suffered a blow? It’s now official that opt-in for all forms of direct marketing has not proven a success for the RNLI, despite earlier reports to the...Opinion Debbie McElhill18 September 2019ePrivacy Regulation – what’s happening?ePrivacy Regulation – first draft 2017, so what’s happening two years on? The ePrivacy Regulation is set to replace the 2002 ePrivacy Directive (and subsequent amendments) which currently sits...Opinion Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Opinion DPN Team16 September 2019Data Governance – Getting to know your DataData Governance – the what, why & how? Data Governance has long been recognised as a method of protecting the business, mitigating risk, increasing operational efficiencies and managing customer...GDPRPolicies and Processes Philippa Donn12 September 2019The DPN Rosemary Smith Award for Responsible MarketingThis award has been launched to recognise a contribution made to Responsible Marketing, giving a team or an individual credit for a creative and privacy aware project or initiative.Opinion Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...GDPRInternational Data Protection Philippa Donn23 August 2019Data Sharing 10 TipsMany companies need to share personal data with other organisations. This might be reciprocal or one-way, it could be providing another company’s staff with access to your data for...GDPRICO Guidance Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Data Governance & SecurityGDPRPolicies and Processes Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Philippa Donn09 July 2019GDPR regulatory action so far in the UK and EU (July 2019)GDPR Regulatory Action The UK’s data protection regulator has made its first hefty announcements since GDPR became law in 2018. With news British Airways and Marriott could face massive...GDPRInternational Data ProtectionUncategorized DPN Team05 July 2019GDPR: Impact Report 2019The impact of GDPR More than a year on from enforcement day, where are we now with GDPR? The Global Marketing Alliance and the DPN teamed up with global...Direct MarketingGDPRUncategorized Mark Bridges05 July 2019CCPA – Californian Consumer Privacy Act: 5 Key ImpactsCCPA: What businesses need know The Californian Consumer Privacy Act (CCPA) ushers in new rights for Californian residents and compels companies that operate in California to implement changes or...Opinion DPN Team05 July 2019Adtech: The challenging compliance landscape – webinar recordingPublishers, advertisers, adtech firms, start-ups and privacy activists are all united in a strong interest in online advertising and programmatic delivery . After all, it represents the lion’s share...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn22 May 2019Why GDPR is not a fuss over nothingWe’ve heard the comparison with the millennium bug – the sky didn’t fall in on 25th May… ‘where are these game-changing fines? This is the Y2K bug all over...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network and Opt-4 lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the...Direct MarketingUncategorized Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Simon Blanchard20 March 2019Like Gin and Tonic – Why GDPR and Data Governance were made for each otherWhy GDPR and Data Governance go hand in hand Like G&T, data governance is not a new concept. It has been recognised for years as a method of protecting...Opinion Gemma Johnson08 March 2019Why 59 Charities were referred to the ICO by the Fundraising RegulatorThe Fundraising Regulator has warned that 59 charities could be in breach of data protection law for failing to apply suppression requests made via the Fundraising Preference Service (FPS)...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Philippa Donn05 March 2019Digital advertising & real-time bidding: Are we on the verge of a seismic shift or not?GDPR put a significant spanner in the world of digital advertising, which disparate parties with different vested interests have been grappling with now for months. How can organisations provide...Opinion Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Stef Elliott21 November 2018“The cookies law is clear – well that takes the biscuit”The ePrivacy Regulation was originally planned to come into force simultaneously with the GDPR on 25th May 2018. The delay and the ongoing debate regarding the Regulation, as highlighted...Electronic CommunicationsePrivacy RegulationGDPR Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Julia Porter18 November 2018Privacy International’s GDPR complaints shine a spotlight on 7 data companiesOn November 8th, Privacy International (PI) filed complaints under the GDPR with data protection regulators in UK, France and Ireland against data brokers Oracle and Acxiom, credit reference agencies...Opinion Simon Blanchard18 November 2018ePrivacy Regulation is not ready and could be stalled even furtherAs those in the know recognise, data protection is not just about GDPR. Many of us have been waiting for GDPR’s EU counterpart, the new ePrivacy Regulation for a...Opinion Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Opinion Matt Edgar02 October 2018Spam crusader or vigilante victim – what happens if you are blacklisted unfairly?Finding spam a nuisance and being anti-spam is a default setting for all of us these days. Even as technology evolves and our mailboxes become smarter in reducing this...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Opinion Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...GDPRPolicies and ProcessesPrivacy by Design Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Opinion DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Data Governance & SecurityGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR
Philippa Donn20 October 2020Covid Symptom Study apologises for marketing face masksCovid Symptom Study breaks the marketing rules by promoting masks for to fund their research, but find out how an quick apology can go a long way. ... Direct MarketingElectronic Communications Julia Porter15 October 2020Are COVID-19 contact tracing technology services legitimate?Alarming headlines have suggested COVID-19 contact tracing data from pubs and restaurants is being sold on. Is this actually true and what should checks should you take? Data Governance & SecurityGDPR Philippa Donn07 October 2020COVID-19 Data Protection GuideCovid-19 has meant employers have, by necessity, made risk-based data decisions. Do these need revisiting now? Data Governance & SecurityData SecurityPolicies and Processes Simon Blanchard07 October 2020Are you monitoring staff health during COVID-19?What checks and balances should you have in place if you are monitoring your employees' health during the pandemic? We take a look at the core areas to consider...Data Governance & SecurityEmploymentPolicies and Processes Julia Porter05 October 2020Is the new COVID app safe to use?We now have the newly minted Covid app modelled on the Google and Apple templates. Should we be trusting this app?Data Governance & SecurityGDPRPrivacy by Design Julia Porter24 September 2020Cookies crushed, the world is changingThe demise of the third party cookie - five signs the world is changing. Where next for targeted advertising? Electronic CommunicationsGDPR Philippa Donn23 September 2020Data Protection by Design: Part 3 – Data Protection Impact AssessmentsHow to get your Data Protection Impact Asssessment process on track - when should you do one, what should you process look like? Get some useful tips... Data Governance & SecurityGDPRPolicies and ProcessesPrivacy by Design Philippa Donn09 September 2020New Children’s Code – does it apply to your business?New Children's Code to protect under 18s online. It will affect your business if your online services are likely to be acccessed by children. GDPRICO GuidancePolicies and ProcessesPrivacy by Design Simon Blanchard04 September 2020Data Protection by Design: Part 2 – How to approach itHow to implement Data Protection by Design when you are developing new applications, products and services. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn27 August 2020Data Protection by Design: Part 1 – The BasicsWhat does ‘Data Protection by Design’ really mean (and why is it also called ‘Privacy by Design’)? Do you need to be concerned about it? And how do you...Data Governance & SecurityGDPRPrivacy by Design Philippa Donn26 August 2020Understanding email marketing rulesWhat are the email marketing rules? Make sure your marketing comms are not unwittingly putting your business at risk.Direct MarketingElectronic CommunicationsGDPR Simon Blanchard25 August 2020Data Protection Officers – should we appoint a DPO?Which organisations need to have a DPO? If you don't should you appoint one anyway or outsource? We explore the options .. Data Governance & SecurityGDPR Simon Blanchard12 August 2020Use of automated facial recognition by South Wales Police ruled ‘unlawful’South Wales Police's use of automated facial recognition has been ruled unlawrul - it breaches human rights and has potential for bias. GDPR Julia Porter12 August 2020When does your CRM marketing plan morph into a data privacy project?Looking to leverage your customer database to drive more business? How to make sure you marketing plan is supported by your privacy strategyDirect MarketingElectronic CommunicationsGDPR Philippa Donn12 August 2020Brexit, GDPR & PECR – the future UK data protection landscapeBrexit and GDPR - what the UK leaving the EU means for data protection law. Find out the impact on your business. Data Protection ActDirect MarketingElectronic CommunicationsGDPRInternational Data Protection Simon Blanchard10 August 2020Dashcams and GDPR: Assessing the privacy implications7 point privacy guide for use of dashcams in vehicles. Quick steps to make sure your use of dashcams is transparent and lawful. GDPRPolicies and Processes Simon Blanchard05 August 2020ICO guidance on how to apply good data protection to AISeven steps for making sure innovation flourishes and your artificial intelligence activities are sound from a data protection point of viewGDPRICO Guidance DPN Team29 July 2020How to manage your suppliersHow to manage your suppliers and reduce the risk they may post. Hear our specialist panel chat through the key points to consider.Videos Philippa Donn29 July 2020Could COVID-19 lead to a spike in Subject Access Requests? How to handle ex-employeesDSARs from disgruntled ex-employees can be challenging to handle, get some helpful tips on how best to approach the task of fulfilling them.GDPRIndividual Privacy Rights Philippa Donn28 July 2020Schrems II ruling: Privacy Shield down, SCCs survive but with a sting in the tailInternational data transfers - EU-US Privacy Shield ruled invalild, questions raised regarding SCCs, find out what actions should you take. GDPRInternational Data Protection Simon Blanchard27 July 2020RoPA – Five tips for keeping your Records of Processing Activity up to date5 tips for keeping your GDPR records of processing activities up to date. The why, who, what, how and when of data protection documentation.GDPRPolicies and Processes DPN Team16 July 2020Transparency: How to get the message acrossDiscover the benefits of being upfront and transparent with people about how you use their data. In this webinar hosted by Robert Bond from Bristows we explore why transparency...GDPRVideos Julia Porter13 July 2020Supplier management: DPN 6 point checklistDue diligence of new suppliers robust enough? Checks in place to make sure suppliers are protecting your data? Use the DPN 6-point checklist. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn13 July 2020Contact Tracing: 7 Quick Steps for collecting people’s dataFrom holiday cottages to theme parks, hotels to pubs, many will be collecting people's details for contact tracing. Get our quick guide to how to do this. GDPRICO Guidance Chris Field11 July 2020You’ve been SAR-bombed!You are at the end of long day .. you just do one last check of your inbox - the new count registers over 9,000 new emails! All...GDPRIndividual Privacy RightsInternational Data ProtectionPolicies and Processes Simon Blanchard09 July 2020Facial Recognition – should we be concerned?Facial recognition is clever, from selfies to surveillance its use is becoming far more widespread. Should we be worried? Data Governance & SecurityGDPR Philippa Donn30 June 2020Data breaches: 10-point checklist for risk assessmentsHow do you assess the actual risk to people of a data breach? 10 questions you need to ask when carrying out an risk assessment. Data Governance & SecurityGDPRPolicies and Processes DPN Team30 June 2020Successful steps for data retention and minimisation [webinar recording]Get the tools and advice you need to tackle data retention and minimisation in this expert discussion which takes you through the key steps to take.Data Governance & SecurityGDPRPolicies and ProcessesVideos Julia Porter25 June 2020Why is the CIA’s lax attitude to cyber security interesting to us?Have you got robust cyber security controls in place? How the lax attitude of the CIA is a lesson to us all and what you should you be doing.Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard16 June 2020Privacy is a marathon not a sprintPondering how to improve your privacy credentials? Here are 5 steps to inspire you. More than 2 years on from GDPR, remember it’s a journey, not a sprint.Data Governance & SecurityGDPRPolicies and Processes Philippa Donn16 June 2020Why personalisation is a good thing, when done well“Hi, you haven’t finished watching Jeffrey Epstein: Filthy Rich”, said an email my husband received .It annoyed him......Direct MarketingGDPR Simon Blanchard08 June 2020Spring clean your data – Top tips on data retentionGet top tips on data retention. Minimise your risks by making sure you keep the personal data you need and rid of what you don't. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn03 June 2020GDPR two years on, why data protection mattersGDPR may have its critics and regulators may stand accused of not taking enough action. Why this is not a reason to stop taking data protection seriously.GDPR Julia Porter03 June 2020Why is it so hard to explain how we use personal data?Five ways to help explain complex and contentious uses of personal data. How to improve your communications and transparency.Direct MarketingGDPRPrivacy by Design DPN Team03 June 2020Data Retention GuidanceA practical toolkit packed with tips, advice and case studies on how to tackle data retention. Developed by a group of data protection and privacy specialists from a...Data Governance & SecurityGDPRPolicies and Processes Julia Porter18 May 2020New Seven Step Ad Tech Guide from DMA and ISBASeven Step Ad Tech Guide - Support for UK businesses engaged in the programmatic digital advertising to ensure they protect the rights of individuals.Electronic CommunicationsePrivacy RegulationGDPR Simon Blanchard14 May 2020COVID 19 – Privacy under the SpotlightPrivacy and COVID-19. When finding quick solutions and taking rapid decisions, don't forget the privacy impact. Here's our quick tour of aspects to consider. Data SecurityGDPRPrivacy by Design DPN Team15 April 2020DPIAs – What? When? How? Who? Why? [webinar recording]Data Protection Impact Assessments - learn about when you need to conduct a DPIA and how in this webinar hosted by Bristows LLP. Opinion DPN Team04 April 2020Where is my data? How to tackle data discovery & mapping [webinar recording]How improve your data discovery, mapping & compliance Understanding where your data is located across all your systems is an ever-evolving challenge, but forms the bedrock of your data...Opinion Gemma Johnson13 February 2020Marketers: Will You Need to do a DPIA for that?Why marketers need to understand when they might need to conduct a data protection impact assessment and learn how to do them. Direct MarketingElectronic CommunicationsICO GuidanceMarketing & Data Protection Simon Blanchard11 February 2020Where’s all my data? How to tackle data discoveryUnderstanding where your data is and what it's used for is crucial. But in practice this is challenging. What approach can you take? Opinion Simon Blanchard10 February 2020ePrivacy Regulation – Are we any closer to a final text?Efforts continue to try and agree the final text of the ePrivacy Regulation. Reaching a consensus has proved very challenging since the first draft was published 3 years...Opinion Julia Porter09 February 2020In a Digitally Enabled World, What is Direct Marketing?On 8th January the ICO published a draft code of practice for the marketing community. It’s entitled “Direct Marketing Code of Practice”. The use of the term “Direct Marketing”...Opinion Philippa Donn08 February 2020Refer a Friend – Viral Marketing RulesCan you ask your customers to send on your marketing to their friends? The answer, according to the ICO’s draft Direct Marketing Code, is NO! The regulator says for...Opinion DPN Team29 January 2020Your Views – Survey on draft Direct Marketing CodeA call for your views. The ICO's draft direct marketing code is open for public consultation. The DPN will be providing feedback. Give your comments to further...Opinion Philippa Donn28 January 2020ICO Direct Marketing Code ‘draft’: 12 HighlightsJust when I thought January was feeling dull, I got my hands on the ICO’s much-anticipated draft Direct Marketing Code of Practice! This replaces the Regulator’s existing Direct Marketing...Opinion Philippa Donn28 January 2020Brexit and EU Data FlowsIf you’ve not yet planned or even considered the data protection impact of Brexit, and specifically data transfers with the European Union, you can breathe a temporary sigh of...Opinion Philippa Donn10 December 2019Subject Access Requests & Proof of IDSubject Access Requests – What is ‘proportionate’ to ask for? When responding to a Right of Access request (commonly known as a Subject Access Request), we might be required...Individual Privacy Rights DPN Team10 December 20192020 Vision – Privacy PredictionsPrivacy Predictions for 2020 - what's in store for us next year? The trends, enforcement and organisational imperatives - What do our esteemed DPN Advisory Board believe is in...Opinion Debbie McElhill03 December 2019ePrivacy Regulation – Is there still life in it, as the European Commission steps in? In a bid to find consensus the European Commission has announced it’s preparing a revamped ePrivacy proposal. This follows the recent rejection by EU member states of the...Opinion DPN Team03 December 2019Data Retention: Are you keeping personal data longer than you need it?Ensuring you don’t store personal data for longer than you require it, is a core data protection principle – one which we all know is both complex and challenging...Opinion Julia Porter27 November 2019Harnessing the Power of Responsible MarketingWhat is responsible marketing? What core values should you embrace and what type of projects can marketers apply these values to? Here are my six pillars of responsible marketing;...Opinion DPN Team28 October 2019Rewarding Privacy By Design Have you or your team gone the extra mile to ensure a privacy aware, customer focused approach to a project, initiative or marketing campaign? Or do you know...Opinion DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Opinion Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Opinion Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Opinion Philippa Donn18 October 2019Marketing Message & Service Message: Where to draw the lineIs your ‘Service’ Message actually a Marketing one? A common (but incorrect) myth which spread with GDPR was that consent was required for almost everything – including all communications...Direct Marketing Philippa Donn02 October 2019Opt-in for marketing abandoned by RNLIHas opt-in suffered a blow? It’s now official that opt-in for all forms of direct marketing has not proven a success for the RNLI, despite earlier reports to the...Opinion Debbie McElhill18 September 2019ePrivacy Regulation – what’s happening?ePrivacy Regulation – first draft 2017, so what’s happening two years on? The ePrivacy Regulation is set to replace the 2002 ePrivacy Directive (and subsequent amendments) which currently sits...Opinion Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Opinion DPN Team16 September 2019Data Governance – Getting to know your DataData Governance – the what, why & how? Data Governance has long been recognised as a method of protecting the business, mitigating risk, increasing operational efficiencies and managing customer...GDPRPolicies and Processes Philippa Donn12 September 2019The DPN Rosemary Smith Award for Responsible MarketingThis award has been launched to recognise a contribution made to Responsible Marketing, giving a team or an individual credit for a creative and privacy aware project or initiative.Opinion Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...GDPRInternational Data Protection Philippa Donn23 August 2019Data Sharing 10 TipsMany companies need to share personal data with other organisations. This might be reciprocal or one-way, it could be providing another company’s staff with access to your data for...GDPRICO Guidance Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Data Governance & SecurityGDPRPolicies and Processes Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Philippa Donn09 July 2019GDPR regulatory action so far in the UK and EU (July 2019)GDPR Regulatory Action The UK’s data protection regulator has made its first hefty announcements since GDPR became law in 2018. With news British Airways and Marriott could face massive...GDPRInternational Data ProtectionUncategorized DPN Team05 July 2019GDPR: Impact Report 2019The impact of GDPR More than a year on from enforcement day, where are we now with GDPR? The Global Marketing Alliance and the DPN teamed up with global...Direct MarketingGDPRUncategorized Mark Bridges05 July 2019CCPA – Californian Consumer Privacy Act: 5 Key ImpactsCCPA: What businesses need know The Californian Consumer Privacy Act (CCPA) ushers in new rights for Californian residents and compels companies that operate in California to implement changes or...Opinion DPN Team05 July 2019Adtech: The challenging compliance landscape – webinar recordingPublishers, advertisers, adtech firms, start-ups and privacy activists are all united in a strong interest in online advertising and programmatic delivery . After all, it represents the lion’s share...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn22 May 2019Why GDPR is not a fuss over nothingWe’ve heard the comparison with the millennium bug – the sky didn’t fall in on 25th May… ‘where are these game-changing fines? This is the Y2K bug all over...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network and Opt-4 lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the...Direct MarketingUncategorized Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Simon Blanchard20 March 2019Like Gin and Tonic – Why GDPR and Data Governance were made for each otherWhy GDPR and Data Governance go hand in hand Like G&T, data governance is not a new concept. It has been recognised for years as a method of protecting...Opinion Gemma Johnson08 March 2019Why 59 Charities were referred to the ICO by the Fundraising RegulatorThe Fundraising Regulator has warned that 59 charities could be in breach of data protection law for failing to apply suppression requests made via the Fundraising Preference Service (FPS)...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Philippa Donn05 March 2019Digital advertising & real-time bidding: Are we on the verge of a seismic shift or not?GDPR put a significant spanner in the world of digital advertising, which disparate parties with different vested interests have been grappling with now for months. How can organisations provide...Opinion Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Stef Elliott21 November 2018“The cookies law is clear – well that takes the biscuit”The ePrivacy Regulation was originally planned to come into force simultaneously with the GDPR on 25th May 2018. The delay and the ongoing debate regarding the Regulation, as highlighted...Electronic CommunicationsePrivacy RegulationGDPR Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Julia Porter18 November 2018Privacy International’s GDPR complaints shine a spotlight on 7 data companiesOn November 8th, Privacy International (PI) filed complaints under the GDPR with data protection regulators in UK, France and Ireland against data brokers Oracle and Acxiom, credit reference agencies...Opinion Simon Blanchard18 November 2018ePrivacy Regulation is not ready and could be stalled even furtherAs those in the know recognise, data protection is not just about GDPR. Many of us have been waiting for GDPR’s EU counterpart, the new ePrivacy Regulation for a...Opinion Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Opinion Matt Edgar02 October 2018Spam crusader or vigilante victim – what happens if you are blacklisted unfairly?Finding spam a nuisance and being anti-spam is a default setting for all of us these days. Even as technology evolves and our mailboxes become smarter in reducing this...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Opinion Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...GDPRPolicies and ProcessesPrivacy by Design Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Opinion DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Data Governance & SecurityGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR
Julia Porter15 October 2020Are COVID-19 contact tracing technology services legitimate?Alarming headlines have suggested COVID-19 contact tracing data from pubs and restaurants is being sold on. Is this actually true and what should checks should you take? Data Governance & SecurityGDPR Philippa Donn07 October 2020COVID-19 Data Protection GuideCovid-19 has meant employers have, by necessity, made risk-based data decisions. Do these need revisiting now? Data Governance & SecurityData SecurityPolicies and Processes Simon Blanchard07 October 2020Are you monitoring staff health during COVID-19?What checks and balances should you have in place if you are monitoring your employees' health during the pandemic? We take a look at the core areas to consider...Data Governance & SecurityEmploymentPolicies and Processes Julia Porter05 October 2020Is the new COVID app safe to use?We now have the newly minted Covid app modelled on the Google and Apple templates. Should we be trusting this app?Data Governance & SecurityGDPRPrivacy by Design Julia Porter24 September 2020Cookies crushed, the world is changingThe demise of the third party cookie - five signs the world is changing. Where next for targeted advertising? Electronic CommunicationsGDPR Philippa Donn23 September 2020Data Protection by Design: Part 3 – Data Protection Impact AssessmentsHow to get your Data Protection Impact Asssessment process on track - when should you do one, what should you process look like? Get some useful tips... Data Governance & SecurityGDPRPolicies and ProcessesPrivacy by Design Philippa Donn09 September 2020New Children’s Code – does it apply to your business?New Children's Code to protect under 18s online. It will affect your business if your online services are likely to be acccessed by children. GDPRICO GuidancePolicies and ProcessesPrivacy by Design Simon Blanchard04 September 2020Data Protection by Design: Part 2 – How to approach itHow to implement Data Protection by Design when you are developing new applications, products and services. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn27 August 2020Data Protection by Design: Part 1 – The BasicsWhat does ‘Data Protection by Design’ really mean (and why is it also called ‘Privacy by Design’)? Do you need to be concerned about it? And how do you...Data Governance & SecurityGDPRPrivacy by Design Philippa Donn26 August 2020Understanding email marketing rulesWhat are the email marketing rules? Make sure your marketing comms are not unwittingly putting your business at risk.Direct MarketingElectronic CommunicationsGDPR Simon Blanchard25 August 2020Data Protection Officers – should we appoint a DPO?Which organisations need to have a DPO? If you don't should you appoint one anyway or outsource? We explore the options .. Data Governance & SecurityGDPR Simon Blanchard12 August 2020Use of automated facial recognition by South Wales Police ruled ‘unlawful’South Wales Police's use of automated facial recognition has been ruled unlawrul - it breaches human rights and has potential for bias. GDPR Julia Porter12 August 2020When does your CRM marketing plan morph into a data privacy project?Looking to leverage your customer database to drive more business? How to make sure you marketing plan is supported by your privacy strategyDirect MarketingElectronic CommunicationsGDPR Philippa Donn12 August 2020Brexit, GDPR & PECR – the future UK data protection landscapeBrexit and GDPR - what the UK leaving the EU means for data protection law. Find out the impact on your business. Data Protection ActDirect MarketingElectronic CommunicationsGDPRInternational Data Protection Simon Blanchard10 August 2020Dashcams and GDPR: Assessing the privacy implications7 point privacy guide for use of dashcams in vehicles. Quick steps to make sure your use of dashcams is transparent and lawful. GDPRPolicies and Processes Simon Blanchard05 August 2020ICO guidance on how to apply good data protection to AISeven steps for making sure innovation flourishes and your artificial intelligence activities are sound from a data protection point of viewGDPRICO Guidance DPN Team29 July 2020How to manage your suppliersHow to manage your suppliers and reduce the risk they may post. Hear our specialist panel chat through the key points to consider.Videos Philippa Donn29 July 2020Could COVID-19 lead to a spike in Subject Access Requests? How to handle ex-employeesDSARs from disgruntled ex-employees can be challenging to handle, get some helpful tips on how best to approach the task of fulfilling them.GDPRIndividual Privacy Rights Philippa Donn28 July 2020Schrems II ruling: Privacy Shield down, SCCs survive but with a sting in the tailInternational data transfers - EU-US Privacy Shield ruled invalild, questions raised regarding SCCs, find out what actions should you take. GDPRInternational Data Protection Simon Blanchard27 July 2020RoPA – Five tips for keeping your Records of Processing Activity up to date5 tips for keeping your GDPR records of processing activities up to date. The why, who, what, how and when of data protection documentation.GDPRPolicies and Processes DPN Team16 July 2020Transparency: How to get the message acrossDiscover the benefits of being upfront and transparent with people about how you use their data. In this webinar hosted by Robert Bond from Bristows we explore why transparency...GDPRVideos Julia Porter13 July 2020Supplier management: DPN 6 point checklistDue diligence of new suppliers robust enough? Checks in place to make sure suppliers are protecting your data? Use the DPN 6-point checklist. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn13 July 2020Contact Tracing: 7 Quick Steps for collecting people’s dataFrom holiday cottages to theme parks, hotels to pubs, many will be collecting people's details for contact tracing. Get our quick guide to how to do this. GDPRICO Guidance Chris Field11 July 2020You’ve been SAR-bombed!You are at the end of long day .. you just do one last check of your inbox - the new count registers over 9,000 new emails! All...GDPRIndividual Privacy RightsInternational Data ProtectionPolicies and Processes Simon Blanchard09 July 2020Facial Recognition – should we be concerned?Facial recognition is clever, from selfies to surveillance its use is becoming far more widespread. Should we be worried? Data Governance & SecurityGDPR Philippa Donn30 June 2020Data breaches: 10-point checklist for risk assessmentsHow do you assess the actual risk to people of a data breach? 10 questions you need to ask when carrying out an risk assessment. Data Governance & SecurityGDPRPolicies and Processes DPN Team30 June 2020Successful steps for data retention and minimisation [webinar recording]Get the tools and advice you need to tackle data retention and minimisation in this expert discussion which takes you through the key steps to take.Data Governance & SecurityGDPRPolicies and ProcessesVideos Julia Porter25 June 2020Why is the CIA’s lax attitude to cyber security interesting to us?Have you got robust cyber security controls in place? How the lax attitude of the CIA is a lesson to us all and what you should you be doing.Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard16 June 2020Privacy is a marathon not a sprintPondering how to improve your privacy credentials? Here are 5 steps to inspire you. More than 2 years on from GDPR, remember it’s a journey, not a sprint.Data Governance & SecurityGDPRPolicies and Processes Philippa Donn16 June 2020Why personalisation is a good thing, when done well“Hi, you haven’t finished watching Jeffrey Epstein: Filthy Rich”, said an email my husband received .It annoyed him......Direct MarketingGDPR Simon Blanchard08 June 2020Spring clean your data – Top tips on data retentionGet top tips on data retention. Minimise your risks by making sure you keep the personal data you need and rid of what you don't. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn03 June 2020GDPR two years on, why data protection mattersGDPR may have its critics and regulators may stand accused of not taking enough action. Why this is not a reason to stop taking data protection seriously.GDPR Julia Porter03 June 2020Why is it so hard to explain how we use personal data?Five ways to help explain complex and contentious uses of personal data. How to improve your communications and transparency.Direct MarketingGDPRPrivacy by Design DPN Team03 June 2020Data Retention GuidanceA practical toolkit packed with tips, advice and case studies on how to tackle data retention. Developed by a group of data protection and privacy specialists from a...Data Governance & SecurityGDPRPolicies and Processes Julia Porter18 May 2020New Seven Step Ad Tech Guide from DMA and ISBASeven Step Ad Tech Guide - Support for UK businesses engaged in the programmatic digital advertising to ensure they protect the rights of individuals.Electronic CommunicationsePrivacy RegulationGDPR Simon Blanchard14 May 2020COVID 19 – Privacy under the SpotlightPrivacy and COVID-19. When finding quick solutions and taking rapid decisions, don't forget the privacy impact. Here's our quick tour of aspects to consider. Data SecurityGDPRPrivacy by Design DPN Team15 April 2020DPIAs – What? When? How? Who? Why? [webinar recording]Data Protection Impact Assessments - learn about when you need to conduct a DPIA and how in this webinar hosted by Bristows LLP. Opinion DPN Team04 April 2020Where is my data? How to tackle data discovery & mapping [webinar recording]How improve your data discovery, mapping & compliance Understanding where your data is located across all your systems is an ever-evolving challenge, but forms the bedrock of your data...Opinion Gemma Johnson13 February 2020Marketers: Will You Need to do a DPIA for that?Why marketers need to understand when they might need to conduct a data protection impact assessment and learn how to do them. Direct MarketingElectronic CommunicationsICO GuidanceMarketing & Data Protection Simon Blanchard11 February 2020Where’s all my data? How to tackle data discoveryUnderstanding where your data is and what it's used for is crucial. But in practice this is challenging. What approach can you take? Opinion Simon Blanchard10 February 2020ePrivacy Regulation – Are we any closer to a final text?Efforts continue to try and agree the final text of the ePrivacy Regulation. Reaching a consensus has proved very challenging since the first draft was published 3 years...Opinion Julia Porter09 February 2020In a Digitally Enabled World, What is Direct Marketing?On 8th January the ICO published a draft code of practice for the marketing community. It’s entitled “Direct Marketing Code of Practice”. The use of the term “Direct Marketing”...Opinion Philippa Donn08 February 2020Refer a Friend – Viral Marketing RulesCan you ask your customers to send on your marketing to their friends? The answer, according to the ICO’s draft Direct Marketing Code, is NO! The regulator says for...Opinion DPN Team29 January 2020Your Views – Survey on draft Direct Marketing CodeA call for your views. The ICO's draft direct marketing code is open for public consultation. The DPN will be providing feedback. Give your comments to further...Opinion Philippa Donn28 January 2020ICO Direct Marketing Code ‘draft’: 12 HighlightsJust when I thought January was feeling dull, I got my hands on the ICO’s much-anticipated draft Direct Marketing Code of Practice! This replaces the Regulator’s existing Direct Marketing...Opinion Philippa Donn28 January 2020Brexit and EU Data FlowsIf you’ve not yet planned or even considered the data protection impact of Brexit, and specifically data transfers with the European Union, you can breathe a temporary sigh of...Opinion Philippa Donn10 December 2019Subject Access Requests & Proof of IDSubject Access Requests – What is ‘proportionate’ to ask for? When responding to a Right of Access request (commonly known as a Subject Access Request), we might be required...Individual Privacy Rights DPN Team10 December 20192020 Vision – Privacy PredictionsPrivacy Predictions for 2020 - what's in store for us next year? The trends, enforcement and organisational imperatives - What do our esteemed DPN Advisory Board believe is in...Opinion Debbie McElhill03 December 2019ePrivacy Regulation – Is there still life in it, as the European Commission steps in? In a bid to find consensus the European Commission has announced it’s preparing a revamped ePrivacy proposal. This follows the recent rejection by EU member states of the...Opinion DPN Team03 December 2019Data Retention: Are you keeping personal data longer than you need it?Ensuring you don’t store personal data for longer than you require it, is a core data protection principle – one which we all know is both complex and challenging...Opinion Julia Porter27 November 2019Harnessing the Power of Responsible MarketingWhat is responsible marketing? What core values should you embrace and what type of projects can marketers apply these values to? Here are my six pillars of responsible marketing;...Opinion DPN Team28 October 2019Rewarding Privacy By Design Have you or your team gone the extra mile to ensure a privacy aware, customer focused approach to a project, initiative or marketing campaign? Or do you know...Opinion DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Opinion Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Opinion Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Opinion Philippa Donn18 October 2019Marketing Message & Service Message: Where to draw the lineIs your ‘Service’ Message actually a Marketing one? A common (but incorrect) myth which spread with GDPR was that consent was required for almost everything – including all communications...Direct Marketing Philippa Donn02 October 2019Opt-in for marketing abandoned by RNLIHas opt-in suffered a blow? It’s now official that opt-in for all forms of direct marketing has not proven a success for the RNLI, despite earlier reports to the...Opinion Debbie McElhill18 September 2019ePrivacy Regulation – what’s happening?ePrivacy Regulation – first draft 2017, so what’s happening two years on? The ePrivacy Regulation is set to replace the 2002 ePrivacy Directive (and subsequent amendments) which currently sits...Opinion Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Opinion DPN Team16 September 2019Data Governance – Getting to know your DataData Governance – the what, why & how? Data Governance has long been recognised as a method of protecting the business, mitigating risk, increasing operational efficiencies and managing customer...GDPRPolicies and Processes Philippa Donn12 September 2019The DPN Rosemary Smith Award for Responsible MarketingThis award has been launched to recognise a contribution made to Responsible Marketing, giving a team or an individual credit for a creative and privacy aware project or initiative.Opinion Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...GDPRInternational Data Protection Philippa Donn23 August 2019Data Sharing 10 TipsMany companies need to share personal data with other organisations. This might be reciprocal or one-way, it could be providing another company’s staff with access to your data for...GDPRICO Guidance Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Data Governance & SecurityGDPRPolicies and Processes Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Philippa Donn09 July 2019GDPR regulatory action so far in the UK and EU (July 2019)GDPR Regulatory Action The UK’s data protection regulator has made its first hefty announcements since GDPR became law in 2018. With news British Airways and Marriott could face massive...GDPRInternational Data ProtectionUncategorized DPN Team05 July 2019GDPR: Impact Report 2019The impact of GDPR More than a year on from enforcement day, where are we now with GDPR? The Global Marketing Alliance and the DPN teamed up with global...Direct MarketingGDPRUncategorized Mark Bridges05 July 2019CCPA – Californian Consumer Privacy Act: 5 Key ImpactsCCPA: What businesses need know The Californian Consumer Privacy Act (CCPA) ushers in new rights for Californian residents and compels companies that operate in California to implement changes or...Opinion DPN Team05 July 2019Adtech: The challenging compliance landscape – webinar recordingPublishers, advertisers, adtech firms, start-ups and privacy activists are all united in a strong interest in online advertising and programmatic delivery . After all, it represents the lion’s share...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn22 May 2019Why GDPR is not a fuss over nothingWe’ve heard the comparison with the millennium bug – the sky didn’t fall in on 25th May… ‘where are these game-changing fines? This is the Y2K bug all over...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network and Opt-4 lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the...Direct MarketingUncategorized Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Simon Blanchard20 March 2019Like Gin and Tonic – Why GDPR and Data Governance were made for each otherWhy GDPR and Data Governance go hand in hand Like G&T, data governance is not a new concept. It has been recognised for years as a method of protecting...Opinion Gemma Johnson08 March 2019Why 59 Charities were referred to the ICO by the Fundraising RegulatorThe Fundraising Regulator has warned that 59 charities could be in breach of data protection law for failing to apply suppression requests made via the Fundraising Preference Service (FPS)...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Philippa Donn05 March 2019Digital advertising & real-time bidding: Are we on the verge of a seismic shift or not?GDPR put a significant spanner in the world of digital advertising, which disparate parties with different vested interests have been grappling with now for months. How can organisations provide...Opinion Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Stef Elliott21 November 2018“The cookies law is clear – well that takes the biscuit”The ePrivacy Regulation was originally planned to come into force simultaneously with the GDPR on 25th May 2018. The delay and the ongoing debate regarding the Regulation, as highlighted...Electronic CommunicationsePrivacy RegulationGDPR Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Julia Porter18 November 2018Privacy International’s GDPR complaints shine a spotlight on 7 data companiesOn November 8th, Privacy International (PI) filed complaints under the GDPR with data protection regulators in UK, France and Ireland against data brokers Oracle and Acxiom, credit reference agencies...Opinion Simon Blanchard18 November 2018ePrivacy Regulation is not ready and could be stalled even furtherAs those in the know recognise, data protection is not just about GDPR. Many of us have been waiting for GDPR’s EU counterpart, the new ePrivacy Regulation for a...Opinion Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Opinion Matt Edgar02 October 2018Spam crusader or vigilante victim – what happens if you are blacklisted unfairly?Finding spam a nuisance and being anti-spam is a default setting for all of us these days. Even as technology evolves and our mailboxes become smarter in reducing this...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Opinion Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...GDPRPolicies and ProcessesPrivacy by Design Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Opinion DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Data Governance & SecurityGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR
Philippa Donn07 October 2020COVID-19 Data Protection GuideCovid-19 has meant employers have, by necessity, made risk-based data decisions. Do these need revisiting now? Data Governance & SecurityData SecurityPolicies and Processes Simon Blanchard07 October 2020Are you monitoring staff health during COVID-19?What checks and balances should you have in place if you are monitoring your employees' health during the pandemic? We take a look at the core areas to consider...Data Governance & SecurityEmploymentPolicies and Processes Julia Porter05 October 2020Is the new COVID app safe to use?We now have the newly minted Covid app modelled on the Google and Apple templates. Should we be trusting this app?Data Governance & SecurityGDPRPrivacy by Design Julia Porter24 September 2020Cookies crushed, the world is changingThe demise of the third party cookie - five signs the world is changing. Where next for targeted advertising? Electronic CommunicationsGDPR Philippa Donn23 September 2020Data Protection by Design: Part 3 – Data Protection Impact AssessmentsHow to get your Data Protection Impact Asssessment process on track - when should you do one, what should you process look like? Get some useful tips... Data Governance & SecurityGDPRPolicies and ProcessesPrivacy by Design Philippa Donn09 September 2020New Children’s Code – does it apply to your business?New Children's Code to protect under 18s online. It will affect your business if your online services are likely to be acccessed by children. GDPRICO GuidancePolicies and ProcessesPrivacy by Design Simon Blanchard04 September 2020Data Protection by Design: Part 2 – How to approach itHow to implement Data Protection by Design when you are developing new applications, products and services. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn27 August 2020Data Protection by Design: Part 1 – The BasicsWhat does ‘Data Protection by Design’ really mean (and why is it also called ‘Privacy by Design’)? Do you need to be concerned about it? And how do you...Data Governance & SecurityGDPRPrivacy by Design Philippa Donn26 August 2020Understanding email marketing rulesWhat are the email marketing rules? Make sure your marketing comms are not unwittingly putting your business at risk.Direct MarketingElectronic CommunicationsGDPR Simon Blanchard25 August 2020Data Protection Officers – should we appoint a DPO?Which organisations need to have a DPO? If you don't should you appoint one anyway or outsource? We explore the options .. Data Governance & SecurityGDPR Simon Blanchard12 August 2020Use of automated facial recognition by South Wales Police ruled ‘unlawful’South Wales Police's use of automated facial recognition has been ruled unlawrul - it breaches human rights and has potential for bias. GDPR Julia Porter12 August 2020When does your CRM marketing plan morph into a data privacy project?Looking to leverage your customer database to drive more business? How to make sure you marketing plan is supported by your privacy strategyDirect MarketingElectronic CommunicationsGDPR Philippa Donn12 August 2020Brexit, GDPR & PECR – the future UK data protection landscapeBrexit and GDPR - what the UK leaving the EU means for data protection law. Find out the impact on your business. Data Protection ActDirect MarketingElectronic CommunicationsGDPRInternational Data Protection Simon Blanchard10 August 2020Dashcams and GDPR: Assessing the privacy implications7 point privacy guide for use of dashcams in vehicles. Quick steps to make sure your use of dashcams is transparent and lawful. GDPRPolicies and Processes Simon Blanchard05 August 2020ICO guidance on how to apply good data protection to AISeven steps for making sure innovation flourishes and your artificial intelligence activities are sound from a data protection point of viewGDPRICO Guidance DPN Team29 July 2020How to manage your suppliersHow to manage your suppliers and reduce the risk they may post. Hear our specialist panel chat through the key points to consider.Videos Philippa Donn29 July 2020Could COVID-19 lead to a spike in Subject Access Requests? How to handle ex-employeesDSARs from disgruntled ex-employees can be challenging to handle, get some helpful tips on how best to approach the task of fulfilling them.GDPRIndividual Privacy Rights Philippa Donn28 July 2020Schrems II ruling: Privacy Shield down, SCCs survive but with a sting in the tailInternational data transfers - EU-US Privacy Shield ruled invalild, questions raised regarding SCCs, find out what actions should you take. GDPRInternational Data Protection Simon Blanchard27 July 2020RoPA – Five tips for keeping your Records of Processing Activity up to date5 tips for keeping your GDPR records of processing activities up to date. The why, who, what, how and when of data protection documentation.GDPRPolicies and Processes DPN Team16 July 2020Transparency: How to get the message acrossDiscover the benefits of being upfront and transparent with people about how you use their data. In this webinar hosted by Robert Bond from Bristows we explore why transparency...GDPRVideos Julia Porter13 July 2020Supplier management: DPN 6 point checklistDue diligence of new suppliers robust enough? Checks in place to make sure suppliers are protecting your data? Use the DPN 6-point checklist. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn13 July 2020Contact Tracing: 7 Quick Steps for collecting people’s dataFrom holiday cottages to theme parks, hotels to pubs, many will be collecting people's details for contact tracing. Get our quick guide to how to do this. GDPRICO Guidance Chris Field11 July 2020You’ve been SAR-bombed!You are at the end of long day .. you just do one last check of your inbox - the new count registers over 9,000 new emails! All...GDPRIndividual Privacy RightsInternational Data ProtectionPolicies and Processes Simon Blanchard09 July 2020Facial Recognition – should we be concerned?Facial recognition is clever, from selfies to surveillance its use is becoming far more widespread. Should we be worried? Data Governance & SecurityGDPR Philippa Donn30 June 2020Data breaches: 10-point checklist for risk assessmentsHow do you assess the actual risk to people of a data breach? 10 questions you need to ask when carrying out an risk assessment. Data Governance & SecurityGDPRPolicies and Processes DPN Team30 June 2020Successful steps for data retention and minimisation [webinar recording]Get the tools and advice you need to tackle data retention and minimisation in this expert discussion which takes you through the key steps to take.Data Governance & SecurityGDPRPolicies and ProcessesVideos Julia Porter25 June 2020Why is the CIA’s lax attitude to cyber security interesting to us?Have you got robust cyber security controls in place? How the lax attitude of the CIA is a lesson to us all and what you should you be doing.Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard16 June 2020Privacy is a marathon not a sprintPondering how to improve your privacy credentials? Here are 5 steps to inspire you. More than 2 years on from GDPR, remember it’s a journey, not a sprint.Data Governance & SecurityGDPRPolicies and Processes Philippa Donn16 June 2020Why personalisation is a good thing, when done well“Hi, you haven’t finished watching Jeffrey Epstein: Filthy Rich”, said an email my husband received .It annoyed him......Direct MarketingGDPR Simon Blanchard08 June 2020Spring clean your data – Top tips on data retentionGet top tips on data retention. Minimise your risks by making sure you keep the personal data you need and rid of what you don't. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn03 June 2020GDPR two years on, why data protection mattersGDPR may have its critics and regulators may stand accused of not taking enough action. Why this is not a reason to stop taking data protection seriously.GDPR Julia Porter03 June 2020Why is it so hard to explain how we use personal data?Five ways to help explain complex and contentious uses of personal data. How to improve your communications and transparency.Direct MarketingGDPRPrivacy by Design DPN Team03 June 2020Data Retention GuidanceA practical toolkit packed with tips, advice and case studies on how to tackle data retention. Developed by a group of data protection and privacy specialists from a...Data Governance & SecurityGDPRPolicies and Processes Julia Porter18 May 2020New Seven Step Ad Tech Guide from DMA and ISBASeven Step Ad Tech Guide - Support for UK businesses engaged in the programmatic digital advertising to ensure they protect the rights of individuals.Electronic CommunicationsePrivacy RegulationGDPR Simon Blanchard14 May 2020COVID 19 – Privacy under the SpotlightPrivacy and COVID-19. When finding quick solutions and taking rapid decisions, don't forget the privacy impact. Here's our quick tour of aspects to consider. Data SecurityGDPRPrivacy by Design DPN Team15 April 2020DPIAs – What? When? How? Who? Why? [webinar recording]Data Protection Impact Assessments - learn about when you need to conduct a DPIA and how in this webinar hosted by Bristows LLP. Opinion DPN Team04 April 2020Where is my data? How to tackle data discovery & mapping [webinar recording]How improve your data discovery, mapping & compliance Understanding where your data is located across all your systems is an ever-evolving challenge, but forms the bedrock of your data...Opinion Gemma Johnson13 February 2020Marketers: Will You Need to do a DPIA for that?Why marketers need to understand when they might need to conduct a data protection impact assessment and learn how to do them. Direct MarketingElectronic CommunicationsICO GuidanceMarketing & Data Protection Simon Blanchard11 February 2020Where’s all my data? How to tackle data discoveryUnderstanding where your data is and what it's used for is crucial. But in practice this is challenging. What approach can you take? Opinion Simon Blanchard10 February 2020ePrivacy Regulation – Are we any closer to a final text?Efforts continue to try and agree the final text of the ePrivacy Regulation. Reaching a consensus has proved very challenging since the first draft was published 3 years...Opinion Julia Porter09 February 2020In a Digitally Enabled World, What is Direct Marketing?On 8th January the ICO published a draft code of practice for the marketing community. It’s entitled “Direct Marketing Code of Practice”. The use of the term “Direct Marketing”...Opinion Philippa Donn08 February 2020Refer a Friend – Viral Marketing RulesCan you ask your customers to send on your marketing to their friends? The answer, according to the ICO’s draft Direct Marketing Code, is NO! The regulator says for...Opinion DPN Team29 January 2020Your Views – Survey on draft Direct Marketing CodeA call for your views. The ICO's draft direct marketing code is open for public consultation. The DPN will be providing feedback. Give your comments to further...Opinion Philippa Donn28 January 2020ICO Direct Marketing Code ‘draft’: 12 HighlightsJust when I thought January was feeling dull, I got my hands on the ICO’s much-anticipated draft Direct Marketing Code of Practice! This replaces the Regulator’s existing Direct Marketing...Opinion Philippa Donn28 January 2020Brexit and EU Data FlowsIf you’ve not yet planned or even considered the data protection impact of Brexit, and specifically data transfers with the European Union, you can breathe a temporary sigh of...Opinion Philippa Donn10 December 2019Subject Access Requests & Proof of IDSubject Access Requests – What is ‘proportionate’ to ask for? When responding to a Right of Access request (commonly known as a Subject Access Request), we might be required...Individual Privacy Rights DPN Team10 December 20192020 Vision – Privacy PredictionsPrivacy Predictions for 2020 - what's in store for us next year? The trends, enforcement and organisational imperatives - What do our esteemed DPN Advisory Board believe is in...Opinion Debbie McElhill03 December 2019ePrivacy Regulation – Is there still life in it, as the European Commission steps in? In a bid to find consensus the European Commission has announced it’s preparing a revamped ePrivacy proposal. This follows the recent rejection by EU member states of the...Opinion DPN Team03 December 2019Data Retention: Are you keeping personal data longer than you need it?Ensuring you don’t store personal data for longer than you require it, is a core data protection principle – one which we all know is both complex and challenging...Opinion Julia Porter27 November 2019Harnessing the Power of Responsible MarketingWhat is responsible marketing? What core values should you embrace and what type of projects can marketers apply these values to? Here are my six pillars of responsible marketing;...Opinion DPN Team28 October 2019Rewarding Privacy By Design Have you or your team gone the extra mile to ensure a privacy aware, customer focused approach to a project, initiative or marketing campaign? Or do you know...Opinion DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Opinion Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Opinion Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Opinion Philippa Donn18 October 2019Marketing Message & Service Message: Where to draw the lineIs your ‘Service’ Message actually a Marketing one? A common (but incorrect) myth which spread with GDPR was that consent was required for almost everything – including all communications...Direct Marketing Philippa Donn02 October 2019Opt-in for marketing abandoned by RNLIHas opt-in suffered a blow? It’s now official that opt-in for all forms of direct marketing has not proven a success for the RNLI, despite earlier reports to the...Opinion Debbie McElhill18 September 2019ePrivacy Regulation – what’s happening?ePrivacy Regulation – first draft 2017, so what’s happening two years on? The ePrivacy Regulation is set to replace the 2002 ePrivacy Directive (and subsequent amendments) which currently sits...Opinion Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Opinion DPN Team16 September 2019Data Governance – Getting to know your DataData Governance – the what, why & how? Data Governance has long been recognised as a method of protecting the business, mitigating risk, increasing operational efficiencies and managing customer...GDPRPolicies and Processes Philippa Donn12 September 2019The DPN Rosemary Smith Award for Responsible MarketingThis award has been launched to recognise a contribution made to Responsible Marketing, giving a team or an individual credit for a creative and privacy aware project or initiative.Opinion Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...GDPRInternational Data Protection Philippa Donn23 August 2019Data Sharing 10 TipsMany companies need to share personal data with other organisations. This might be reciprocal or one-way, it could be providing another company’s staff with access to your data for...GDPRICO Guidance Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Data Governance & SecurityGDPRPolicies and Processes Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Philippa Donn09 July 2019GDPR regulatory action so far in the UK and EU (July 2019)GDPR Regulatory Action The UK’s data protection regulator has made its first hefty announcements since GDPR became law in 2018. With news British Airways and Marriott could face massive...GDPRInternational Data ProtectionUncategorized DPN Team05 July 2019GDPR: Impact Report 2019The impact of GDPR More than a year on from enforcement day, where are we now with GDPR? The Global Marketing Alliance and the DPN teamed up with global...Direct MarketingGDPRUncategorized Mark Bridges05 July 2019CCPA – Californian Consumer Privacy Act: 5 Key ImpactsCCPA: What businesses need know The Californian Consumer Privacy Act (CCPA) ushers in new rights for Californian residents and compels companies that operate in California to implement changes or...Opinion DPN Team05 July 2019Adtech: The challenging compliance landscape – webinar recordingPublishers, advertisers, adtech firms, start-ups and privacy activists are all united in a strong interest in online advertising and programmatic delivery . After all, it represents the lion’s share...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn22 May 2019Why GDPR is not a fuss over nothingWe’ve heard the comparison with the millennium bug – the sky didn’t fall in on 25th May… ‘where are these game-changing fines? This is the Y2K bug all over...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network and Opt-4 lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the...Direct MarketingUncategorized Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Simon Blanchard20 March 2019Like Gin and Tonic – Why GDPR and Data Governance were made for each otherWhy GDPR and Data Governance go hand in hand Like G&T, data governance is not a new concept. It has been recognised for years as a method of protecting...Opinion Gemma Johnson08 March 2019Why 59 Charities were referred to the ICO by the Fundraising RegulatorThe Fundraising Regulator has warned that 59 charities could be in breach of data protection law for failing to apply suppression requests made via the Fundraising Preference Service (FPS)...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Philippa Donn05 March 2019Digital advertising & real-time bidding: Are we on the verge of a seismic shift or not?GDPR put a significant spanner in the world of digital advertising, which disparate parties with different vested interests have been grappling with now for months. How can organisations provide...Opinion Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Stef Elliott21 November 2018“The cookies law is clear – well that takes the biscuit”The ePrivacy Regulation was originally planned to come into force simultaneously with the GDPR on 25th May 2018. The delay and the ongoing debate regarding the Regulation, as highlighted...Electronic CommunicationsePrivacy RegulationGDPR Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Julia Porter18 November 2018Privacy International’s GDPR complaints shine a spotlight on 7 data companiesOn November 8th, Privacy International (PI) filed complaints under the GDPR with data protection regulators in UK, France and Ireland against data brokers Oracle and Acxiom, credit reference agencies...Opinion Simon Blanchard18 November 2018ePrivacy Regulation is not ready and could be stalled even furtherAs those in the know recognise, data protection is not just about GDPR. Many of us have been waiting for GDPR’s EU counterpart, the new ePrivacy Regulation for a...Opinion Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Opinion Matt Edgar02 October 2018Spam crusader or vigilante victim – what happens if you are blacklisted unfairly?Finding spam a nuisance and being anti-spam is a default setting for all of us these days. Even as technology evolves and our mailboxes become smarter in reducing this...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Opinion Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...GDPRPolicies and ProcessesPrivacy by Design Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Opinion DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Data Governance & SecurityGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR
Simon Blanchard07 October 2020Are you monitoring staff health during COVID-19?What checks and balances should you have in place if you are monitoring your employees' health during the pandemic? We take a look at the core areas to consider...Data Governance & SecurityEmploymentPolicies and Processes Julia Porter05 October 2020Is the new COVID app safe to use?We now have the newly minted Covid app modelled on the Google and Apple templates. Should we be trusting this app?Data Governance & SecurityGDPRPrivacy by Design Julia Porter24 September 2020Cookies crushed, the world is changingThe demise of the third party cookie - five signs the world is changing. Where next for targeted advertising? Electronic CommunicationsGDPR Philippa Donn23 September 2020Data Protection by Design: Part 3 – Data Protection Impact AssessmentsHow to get your Data Protection Impact Asssessment process on track - when should you do one, what should you process look like? Get some useful tips... Data Governance & SecurityGDPRPolicies and ProcessesPrivacy by Design Philippa Donn09 September 2020New Children’s Code – does it apply to your business?New Children's Code to protect under 18s online. It will affect your business if your online services are likely to be acccessed by children. GDPRICO GuidancePolicies and ProcessesPrivacy by Design Simon Blanchard04 September 2020Data Protection by Design: Part 2 – How to approach itHow to implement Data Protection by Design when you are developing new applications, products and services. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn27 August 2020Data Protection by Design: Part 1 – The BasicsWhat does ‘Data Protection by Design’ really mean (and why is it also called ‘Privacy by Design’)? Do you need to be concerned about it? And how do you...Data Governance & SecurityGDPRPrivacy by Design Philippa Donn26 August 2020Understanding email marketing rulesWhat are the email marketing rules? Make sure your marketing comms are not unwittingly putting your business at risk.Direct MarketingElectronic CommunicationsGDPR Simon Blanchard25 August 2020Data Protection Officers – should we appoint a DPO?Which organisations need to have a DPO? If you don't should you appoint one anyway or outsource? We explore the options .. Data Governance & SecurityGDPR Simon Blanchard12 August 2020Use of automated facial recognition by South Wales Police ruled ‘unlawful’South Wales Police's use of automated facial recognition has been ruled unlawrul - it breaches human rights and has potential for bias. GDPR Julia Porter12 August 2020When does your CRM marketing plan morph into a data privacy project?Looking to leverage your customer database to drive more business? How to make sure you marketing plan is supported by your privacy strategyDirect MarketingElectronic CommunicationsGDPR Philippa Donn12 August 2020Brexit, GDPR & PECR – the future UK data protection landscapeBrexit and GDPR - what the UK leaving the EU means for data protection law. Find out the impact on your business. Data Protection ActDirect MarketingElectronic CommunicationsGDPRInternational Data Protection Simon Blanchard10 August 2020Dashcams and GDPR: Assessing the privacy implications7 point privacy guide for use of dashcams in vehicles. Quick steps to make sure your use of dashcams is transparent and lawful. GDPRPolicies and Processes Simon Blanchard05 August 2020ICO guidance on how to apply good data protection to AISeven steps for making sure innovation flourishes and your artificial intelligence activities are sound from a data protection point of viewGDPRICO Guidance DPN Team29 July 2020How to manage your suppliersHow to manage your suppliers and reduce the risk they may post. Hear our specialist panel chat through the key points to consider.Videos Philippa Donn29 July 2020Could COVID-19 lead to a spike in Subject Access Requests? How to handle ex-employeesDSARs from disgruntled ex-employees can be challenging to handle, get some helpful tips on how best to approach the task of fulfilling them.GDPRIndividual Privacy Rights Philippa Donn28 July 2020Schrems II ruling: Privacy Shield down, SCCs survive but with a sting in the tailInternational data transfers - EU-US Privacy Shield ruled invalild, questions raised regarding SCCs, find out what actions should you take. GDPRInternational Data Protection Simon Blanchard27 July 2020RoPA – Five tips for keeping your Records of Processing Activity up to date5 tips for keeping your GDPR records of processing activities up to date. The why, who, what, how and when of data protection documentation.GDPRPolicies and Processes DPN Team16 July 2020Transparency: How to get the message acrossDiscover the benefits of being upfront and transparent with people about how you use their data. In this webinar hosted by Robert Bond from Bristows we explore why transparency...GDPRVideos Julia Porter13 July 2020Supplier management: DPN 6 point checklistDue diligence of new suppliers robust enough? Checks in place to make sure suppliers are protecting your data? Use the DPN 6-point checklist. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn13 July 2020Contact Tracing: 7 Quick Steps for collecting people’s dataFrom holiday cottages to theme parks, hotels to pubs, many will be collecting people's details for contact tracing. Get our quick guide to how to do this. GDPRICO Guidance Chris Field11 July 2020You’ve been SAR-bombed!You are at the end of long day .. you just do one last check of your inbox - the new count registers over 9,000 new emails! All...GDPRIndividual Privacy RightsInternational Data ProtectionPolicies and Processes Simon Blanchard09 July 2020Facial Recognition – should we be concerned?Facial recognition is clever, from selfies to surveillance its use is becoming far more widespread. Should we be worried? Data Governance & SecurityGDPR Philippa Donn30 June 2020Data breaches: 10-point checklist for risk assessmentsHow do you assess the actual risk to people of a data breach? 10 questions you need to ask when carrying out an risk assessment. Data Governance & SecurityGDPRPolicies and Processes DPN Team30 June 2020Successful steps for data retention and minimisation [webinar recording]Get the tools and advice you need to tackle data retention and minimisation in this expert discussion which takes you through the key steps to take.Data Governance & SecurityGDPRPolicies and ProcessesVideos Julia Porter25 June 2020Why is the CIA’s lax attitude to cyber security interesting to us?Have you got robust cyber security controls in place? How the lax attitude of the CIA is a lesson to us all and what you should you be doing.Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard16 June 2020Privacy is a marathon not a sprintPondering how to improve your privacy credentials? Here are 5 steps to inspire you. More than 2 years on from GDPR, remember it’s a journey, not a sprint.Data Governance & SecurityGDPRPolicies and Processes Philippa Donn16 June 2020Why personalisation is a good thing, when done well“Hi, you haven’t finished watching Jeffrey Epstein: Filthy Rich”, said an email my husband received .It annoyed him......Direct MarketingGDPR Simon Blanchard08 June 2020Spring clean your data – Top tips on data retentionGet top tips on data retention. Minimise your risks by making sure you keep the personal data you need and rid of what you don't. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn03 June 2020GDPR two years on, why data protection mattersGDPR may have its critics and regulators may stand accused of not taking enough action. Why this is not a reason to stop taking data protection seriously.GDPR Julia Porter03 June 2020Why is it so hard to explain how we use personal data?Five ways to help explain complex and contentious uses of personal data. How to improve your communications and transparency.Direct MarketingGDPRPrivacy by Design DPN Team03 June 2020Data Retention GuidanceA practical toolkit packed with tips, advice and case studies on how to tackle data retention. Developed by a group of data protection and privacy specialists from a...Data Governance & SecurityGDPRPolicies and Processes Julia Porter18 May 2020New Seven Step Ad Tech Guide from DMA and ISBASeven Step Ad Tech Guide - Support for UK businesses engaged in the programmatic digital advertising to ensure they protect the rights of individuals.Electronic CommunicationsePrivacy RegulationGDPR Simon Blanchard14 May 2020COVID 19 – Privacy under the SpotlightPrivacy and COVID-19. When finding quick solutions and taking rapid decisions, don't forget the privacy impact. Here's our quick tour of aspects to consider. Data SecurityGDPRPrivacy by Design DPN Team15 April 2020DPIAs – What? When? How? Who? Why? [webinar recording]Data Protection Impact Assessments - learn about when you need to conduct a DPIA and how in this webinar hosted by Bristows LLP. Opinion DPN Team04 April 2020Where is my data? How to tackle data discovery & mapping [webinar recording]How improve your data discovery, mapping & compliance Understanding where your data is located across all your systems is an ever-evolving challenge, but forms the bedrock of your data...Opinion Gemma Johnson13 February 2020Marketers: Will You Need to do a DPIA for that?Why marketers need to understand when they might need to conduct a data protection impact assessment and learn how to do them. Direct MarketingElectronic CommunicationsICO GuidanceMarketing & Data Protection Simon Blanchard11 February 2020Where’s all my data? How to tackle data discoveryUnderstanding where your data is and what it's used for is crucial. But in practice this is challenging. What approach can you take? Opinion Simon Blanchard10 February 2020ePrivacy Regulation – Are we any closer to a final text?Efforts continue to try and agree the final text of the ePrivacy Regulation. Reaching a consensus has proved very challenging since the first draft was published 3 years...Opinion Julia Porter09 February 2020In a Digitally Enabled World, What is Direct Marketing?On 8th January the ICO published a draft code of practice for the marketing community. It’s entitled “Direct Marketing Code of Practice”. The use of the term “Direct Marketing”...Opinion Philippa Donn08 February 2020Refer a Friend – Viral Marketing RulesCan you ask your customers to send on your marketing to their friends? The answer, according to the ICO’s draft Direct Marketing Code, is NO! The regulator says for...Opinion DPN Team29 January 2020Your Views – Survey on draft Direct Marketing CodeA call for your views. The ICO's draft direct marketing code is open for public consultation. The DPN will be providing feedback. Give your comments to further...Opinion Philippa Donn28 January 2020ICO Direct Marketing Code ‘draft’: 12 HighlightsJust when I thought January was feeling dull, I got my hands on the ICO’s much-anticipated draft Direct Marketing Code of Practice! This replaces the Regulator’s existing Direct Marketing...Opinion Philippa Donn28 January 2020Brexit and EU Data FlowsIf you’ve not yet planned or even considered the data protection impact of Brexit, and specifically data transfers with the European Union, you can breathe a temporary sigh of...Opinion Philippa Donn10 December 2019Subject Access Requests & Proof of IDSubject Access Requests – What is ‘proportionate’ to ask for? When responding to a Right of Access request (commonly known as a Subject Access Request), we might be required...Individual Privacy Rights DPN Team10 December 20192020 Vision – Privacy PredictionsPrivacy Predictions for 2020 - what's in store for us next year? The trends, enforcement and organisational imperatives - What do our esteemed DPN Advisory Board believe is in...Opinion Debbie McElhill03 December 2019ePrivacy Regulation – Is there still life in it, as the European Commission steps in? In a bid to find consensus the European Commission has announced it’s preparing a revamped ePrivacy proposal. This follows the recent rejection by EU member states of the...Opinion DPN Team03 December 2019Data Retention: Are you keeping personal data longer than you need it?Ensuring you don’t store personal data for longer than you require it, is a core data protection principle – one which we all know is both complex and challenging...Opinion Julia Porter27 November 2019Harnessing the Power of Responsible MarketingWhat is responsible marketing? What core values should you embrace and what type of projects can marketers apply these values to? Here are my six pillars of responsible marketing;...Opinion DPN Team28 October 2019Rewarding Privacy By Design Have you or your team gone the extra mile to ensure a privacy aware, customer focused approach to a project, initiative or marketing campaign? Or do you know...Opinion DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Opinion Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Opinion Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Opinion Philippa Donn18 October 2019Marketing Message & Service Message: Where to draw the lineIs your ‘Service’ Message actually a Marketing one? A common (but incorrect) myth which spread with GDPR was that consent was required for almost everything – including all communications...Direct Marketing Philippa Donn02 October 2019Opt-in for marketing abandoned by RNLIHas opt-in suffered a blow? It’s now official that opt-in for all forms of direct marketing has not proven a success for the RNLI, despite earlier reports to the...Opinion Debbie McElhill18 September 2019ePrivacy Regulation – what’s happening?ePrivacy Regulation – first draft 2017, so what’s happening two years on? The ePrivacy Regulation is set to replace the 2002 ePrivacy Directive (and subsequent amendments) which currently sits...Opinion Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Opinion DPN Team16 September 2019Data Governance – Getting to know your DataData Governance – the what, why & how? Data Governance has long been recognised as a method of protecting the business, mitigating risk, increasing operational efficiencies and managing customer...GDPRPolicies and Processes Philippa Donn12 September 2019The DPN Rosemary Smith Award for Responsible MarketingThis award has been launched to recognise a contribution made to Responsible Marketing, giving a team or an individual credit for a creative and privacy aware project or initiative.Opinion Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...GDPRInternational Data Protection Philippa Donn23 August 2019Data Sharing 10 TipsMany companies need to share personal data with other organisations. This might be reciprocal or one-way, it could be providing another company’s staff with access to your data for...GDPRICO Guidance Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Data Governance & SecurityGDPRPolicies and Processes Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Philippa Donn09 July 2019GDPR regulatory action so far in the UK and EU (July 2019)GDPR Regulatory Action The UK’s data protection regulator has made its first hefty announcements since GDPR became law in 2018. With news British Airways and Marriott could face massive...GDPRInternational Data ProtectionUncategorized DPN Team05 July 2019GDPR: Impact Report 2019The impact of GDPR More than a year on from enforcement day, where are we now with GDPR? The Global Marketing Alliance and the DPN teamed up with global...Direct MarketingGDPRUncategorized Mark Bridges05 July 2019CCPA – Californian Consumer Privacy Act: 5 Key ImpactsCCPA: What businesses need know The Californian Consumer Privacy Act (CCPA) ushers in new rights for Californian residents and compels companies that operate in California to implement changes or...Opinion DPN Team05 July 2019Adtech: The challenging compliance landscape – webinar recordingPublishers, advertisers, adtech firms, start-ups and privacy activists are all united in a strong interest in online advertising and programmatic delivery . After all, it represents the lion’s share...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn22 May 2019Why GDPR is not a fuss over nothingWe’ve heard the comparison with the millennium bug – the sky didn’t fall in on 25th May… ‘where are these game-changing fines? This is the Y2K bug all over...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network and Opt-4 lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the...Direct MarketingUncategorized Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Simon Blanchard20 March 2019Like Gin and Tonic – Why GDPR and Data Governance were made for each otherWhy GDPR and Data Governance go hand in hand Like G&T, data governance is not a new concept. It has been recognised for years as a method of protecting...Opinion Gemma Johnson08 March 2019Why 59 Charities were referred to the ICO by the Fundraising RegulatorThe Fundraising Regulator has warned that 59 charities could be in breach of data protection law for failing to apply suppression requests made via the Fundraising Preference Service (FPS)...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Philippa Donn05 March 2019Digital advertising & real-time bidding: Are we on the verge of a seismic shift or not?GDPR put a significant spanner in the world of digital advertising, which disparate parties with different vested interests have been grappling with now for months. How can organisations provide...Opinion Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Stef Elliott21 November 2018“The cookies law is clear – well that takes the biscuit”The ePrivacy Regulation was originally planned to come into force simultaneously with the GDPR on 25th May 2018. The delay and the ongoing debate regarding the Regulation, as highlighted...Electronic CommunicationsePrivacy RegulationGDPR Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Julia Porter18 November 2018Privacy International’s GDPR complaints shine a spotlight on 7 data companiesOn November 8th, Privacy International (PI) filed complaints under the GDPR with data protection regulators in UK, France and Ireland against data brokers Oracle and Acxiom, credit reference agencies...Opinion Simon Blanchard18 November 2018ePrivacy Regulation is not ready and could be stalled even furtherAs those in the know recognise, data protection is not just about GDPR. Many of us have been waiting for GDPR’s EU counterpart, the new ePrivacy Regulation for a...Opinion Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Opinion Matt Edgar02 October 2018Spam crusader or vigilante victim – what happens if you are blacklisted unfairly?Finding spam a nuisance and being anti-spam is a default setting for all of us these days. Even as technology evolves and our mailboxes become smarter in reducing this...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Opinion Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...GDPRPolicies and ProcessesPrivacy by Design Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Opinion DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Data Governance & SecurityGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR
Julia Porter05 October 2020Is the new COVID app safe to use?We now have the newly minted Covid app modelled on the Google and Apple templates. Should we be trusting this app?Data Governance & SecurityGDPRPrivacy by Design Julia Porter24 September 2020Cookies crushed, the world is changingThe demise of the third party cookie - five signs the world is changing. Where next for targeted advertising? Electronic CommunicationsGDPR Philippa Donn23 September 2020Data Protection by Design: Part 3 – Data Protection Impact AssessmentsHow to get your Data Protection Impact Asssessment process on track - when should you do one, what should you process look like? Get some useful tips... Data Governance & SecurityGDPRPolicies and ProcessesPrivacy by Design Philippa Donn09 September 2020New Children’s Code – does it apply to your business?New Children's Code to protect under 18s online. It will affect your business if your online services are likely to be acccessed by children. GDPRICO GuidancePolicies and ProcessesPrivacy by Design Simon Blanchard04 September 2020Data Protection by Design: Part 2 – How to approach itHow to implement Data Protection by Design when you are developing new applications, products and services. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn27 August 2020Data Protection by Design: Part 1 – The BasicsWhat does ‘Data Protection by Design’ really mean (and why is it also called ‘Privacy by Design’)? Do you need to be concerned about it? And how do you...Data Governance & SecurityGDPRPrivacy by Design Philippa Donn26 August 2020Understanding email marketing rulesWhat are the email marketing rules? Make sure your marketing comms are not unwittingly putting your business at risk.Direct MarketingElectronic CommunicationsGDPR Simon Blanchard25 August 2020Data Protection Officers – should we appoint a DPO?Which organisations need to have a DPO? If you don't should you appoint one anyway or outsource? We explore the options .. Data Governance & SecurityGDPR Simon Blanchard12 August 2020Use of automated facial recognition by South Wales Police ruled ‘unlawful’South Wales Police's use of automated facial recognition has been ruled unlawrul - it breaches human rights and has potential for bias. GDPR Julia Porter12 August 2020When does your CRM marketing plan morph into a data privacy project?Looking to leverage your customer database to drive more business? How to make sure you marketing plan is supported by your privacy strategyDirect MarketingElectronic CommunicationsGDPR Philippa Donn12 August 2020Brexit, GDPR & PECR – the future UK data protection landscapeBrexit and GDPR - what the UK leaving the EU means for data protection law. Find out the impact on your business. Data Protection ActDirect MarketingElectronic CommunicationsGDPRInternational Data Protection Simon Blanchard10 August 2020Dashcams and GDPR: Assessing the privacy implications7 point privacy guide for use of dashcams in vehicles. Quick steps to make sure your use of dashcams is transparent and lawful. GDPRPolicies and Processes Simon Blanchard05 August 2020ICO guidance on how to apply good data protection to AISeven steps for making sure innovation flourishes and your artificial intelligence activities are sound from a data protection point of viewGDPRICO Guidance DPN Team29 July 2020How to manage your suppliersHow to manage your suppliers and reduce the risk they may post. Hear our specialist panel chat through the key points to consider.Videos Philippa Donn29 July 2020Could COVID-19 lead to a spike in Subject Access Requests? How to handle ex-employeesDSARs from disgruntled ex-employees can be challenging to handle, get some helpful tips on how best to approach the task of fulfilling them.GDPRIndividual Privacy Rights Philippa Donn28 July 2020Schrems II ruling: Privacy Shield down, SCCs survive but with a sting in the tailInternational data transfers - EU-US Privacy Shield ruled invalild, questions raised regarding SCCs, find out what actions should you take. GDPRInternational Data Protection Simon Blanchard27 July 2020RoPA – Five tips for keeping your Records of Processing Activity up to date5 tips for keeping your GDPR records of processing activities up to date. The why, who, what, how and when of data protection documentation.GDPRPolicies and Processes DPN Team16 July 2020Transparency: How to get the message acrossDiscover the benefits of being upfront and transparent with people about how you use their data. In this webinar hosted by Robert Bond from Bristows we explore why transparency...GDPRVideos Julia Porter13 July 2020Supplier management: DPN 6 point checklistDue diligence of new suppliers robust enough? Checks in place to make sure suppliers are protecting your data? Use the DPN 6-point checklist. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn13 July 2020Contact Tracing: 7 Quick Steps for collecting people’s dataFrom holiday cottages to theme parks, hotels to pubs, many will be collecting people's details for contact tracing. Get our quick guide to how to do this. GDPRICO Guidance Chris Field11 July 2020You’ve been SAR-bombed!You are at the end of long day .. you just do one last check of your inbox - the new count registers over 9,000 new emails! All...GDPRIndividual Privacy RightsInternational Data ProtectionPolicies and Processes Simon Blanchard09 July 2020Facial Recognition – should we be concerned?Facial recognition is clever, from selfies to surveillance its use is becoming far more widespread. Should we be worried? Data Governance & SecurityGDPR Philippa Donn30 June 2020Data breaches: 10-point checklist for risk assessmentsHow do you assess the actual risk to people of a data breach? 10 questions you need to ask when carrying out an risk assessment. Data Governance & SecurityGDPRPolicies and Processes DPN Team30 June 2020Successful steps for data retention and minimisation [webinar recording]Get the tools and advice you need to tackle data retention and minimisation in this expert discussion which takes you through the key steps to take.Data Governance & SecurityGDPRPolicies and ProcessesVideos Julia Porter25 June 2020Why is the CIA’s lax attitude to cyber security interesting to us?Have you got robust cyber security controls in place? How the lax attitude of the CIA is a lesson to us all and what you should you be doing.Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard16 June 2020Privacy is a marathon not a sprintPondering how to improve your privacy credentials? Here are 5 steps to inspire you. More than 2 years on from GDPR, remember it’s a journey, not a sprint.Data Governance & SecurityGDPRPolicies and Processes Philippa Donn16 June 2020Why personalisation is a good thing, when done well“Hi, you haven’t finished watching Jeffrey Epstein: Filthy Rich”, said an email my husband received .It annoyed him......Direct MarketingGDPR Simon Blanchard08 June 2020Spring clean your data – Top tips on data retentionGet top tips on data retention. Minimise your risks by making sure you keep the personal data you need and rid of what you don't. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn03 June 2020GDPR two years on, why data protection mattersGDPR may have its critics and regulators may stand accused of not taking enough action. Why this is not a reason to stop taking data protection seriously.GDPR Julia Porter03 June 2020Why is it so hard to explain how we use personal data?Five ways to help explain complex and contentious uses of personal data. How to improve your communications and transparency.Direct MarketingGDPRPrivacy by Design DPN Team03 June 2020Data Retention GuidanceA practical toolkit packed with tips, advice and case studies on how to tackle data retention. Developed by a group of data protection and privacy specialists from a...Data Governance & SecurityGDPRPolicies and Processes Julia Porter18 May 2020New Seven Step Ad Tech Guide from DMA and ISBASeven Step Ad Tech Guide - Support for UK businesses engaged in the programmatic digital advertising to ensure they protect the rights of individuals.Electronic CommunicationsePrivacy RegulationGDPR Simon Blanchard14 May 2020COVID 19 – Privacy under the SpotlightPrivacy and COVID-19. When finding quick solutions and taking rapid decisions, don't forget the privacy impact. Here's our quick tour of aspects to consider. Data SecurityGDPRPrivacy by Design DPN Team15 April 2020DPIAs – What? When? How? Who? Why? [webinar recording]Data Protection Impact Assessments - learn about when you need to conduct a DPIA and how in this webinar hosted by Bristows LLP. Opinion DPN Team04 April 2020Where is my data? How to tackle data discovery & mapping [webinar recording]How improve your data discovery, mapping & compliance Understanding where your data is located across all your systems is an ever-evolving challenge, but forms the bedrock of your data...Opinion Gemma Johnson13 February 2020Marketers: Will You Need to do a DPIA for that?Why marketers need to understand when they might need to conduct a data protection impact assessment and learn how to do them. Direct MarketingElectronic CommunicationsICO GuidanceMarketing & Data Protection Simon Blanchard11 February 2020Where’s all my data? How to tackle data discoveryUnderstanding where your data is and what it's used for is crucial. But in practice this is challenging. What approach can you take? Opinion Simon Blanchard10 February 2020ePrivacy Regulation – Are we any closer to a final text?Efforts continue to try and agree the final text of the ePrivacy Regulation. Reaching a consensus has proved very challenging since the first draft was published 3 years...Opinion Julia Porter09 February 2020In a Digitally Enabled World, What is Direct Marketing?On 8th January the ICO published a draft code of practice for the marketing community. It’s entitled “Direct Marketing Code of Practice”. The use of the term “Direct Marketing”...Opinion Philippa Donn08 February 2020Refer a Friend – Viral Marketing RulesCan you ask your customers to send on your marketing to their friends? The answer, according to the ICO’s draft Direct Marketing Code, is NO! The regulator says for...Opinion DPN Team29 January 2020Your Views – Survey on draft Direct Marketing CodeA call for your views. The ICO's draft direct marketing code is open for public consultation. The DPN will be providing feedback. Give your comments to further...Opinion Philippa Donn28 January 2020ICO Direct Marketing Code ‘draft’: 12 HighlightsJust when I thought January was feeling dull, I got my hands on the ICO’s much-anticipated draft Direct Marketing Code of Practice! This replaces the Regulator’s existing Direct Marketing...Opinion Philippa Donn28 January 2020Brexit and EU Data FlowsIf you’ve not yet planned or even considered the data protection impact of Brexit, and specifically data transfers with the European Union, you can breathe a temporary sigh of...Opinion Philippa Donn10 December 2019Subject Access Requests & Proof of IDSubject Access Requests – What is ‘proportionate’ to ask for? When responding to a Right of Access request (commonly known as a Subject Access Request), we might be required...Individual Privacy Rights DPN Team10 December 20192020 Vision – Privacy PredictionsPrivacy Predictions for 2020 - what's in store for us next year? The trends, enforcement and organisational imperatives - What do our esteemed DPN Advisory Board believe is in...Opinion Debbie McElhill03 December 2019ePrivacy Regulation – Is there still life in it, as the European Commission steps in? In a bid to find consensus the European Commission has announced it’s preparing a revamped ePrivacy proposal. This follows the recent rejection by EU member states of the...Opinion DPN Team03 December 2019Data Retention: Are you keeping personal data longer than you need it?Ensuring you don’t store personal data for longer than you require it, is a core data protection principle – one which we all know is both complex and challenging...Opinion Julia Porter27 November 2019Harnessing the Power of Responsible MarketingWhat is responsible marketing? What core values should you embrace and what type of projects can marketers apply these values to? Here are my six pillars of responsible marketing;...Opinion DPN Team28 October 2019Rewarding Privacy By Design Have you or your team gone the extra mile to ensure a privacy aware, customer focused approach to a project, initiative or marketing campaign? Or do you know...Opinion DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Opinion Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Opinion Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Opinion Philippa Donn18 October 2019Marketing Message & Service Message: Where to draw the lineIs your ‘Service’ Message actually a Marketing one? A common (but incorrect) myth which spread with GDPR was that consent was required for almost everything – including all communications...Direct Marketing Philippa Donn02 October 2019Opt-in for marketing abandoned by RNLIHas opt-in suffered a blow? It’s now official that opt-in for all forms of direct marketing has not proven a success for the RNLI, despite earlier reports to the...Opinion Debbie McElhill18 September 2019ePrivacy Regulation – what’s happening?ePrivacy Regulation – first draft 2017, so what’s happening two years on? The ePrivacy Regulation is set to replace the 2002 ePrivacy Directive (and subsequent amendments) which currently sits...Opinion Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Opinion DPN Team16 September 2019Data Governance – Getting to know your DataData Governance – the what, why & how? Data Governance has long been recognised as a method of protecting the business, mitigating risk, increasing operational efficiencies and managing customer...GDPRPolicies and Processes Philippa Donn12 September 2019The DPN Rosemary Smith Award for Responsible MarketingThis award has been launched to recognise a contribution made to Responsible Marketing, giving a team or an individual credit for a creative and privacy aware project or initiative.Opinion Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...GDPRInternational Data Protection Philippa Donn23 August 2019Data Sharing 10 TipsMany companies need to share personal data with other organisations. This might be reciprocal or one-way, it could be providing another company’s staff with access to your data for...GDPRICO Guidance Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Data Governance & SecurityGDPRPolicies and Processes Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Philippa Donn09 July 2019GDPR regulatory action so far in the UK and EU (July 2019)GDPR Regulatory Action The UK’s data protection regulator has made its first hefty announcements since GDPR became law in 2018. With news British Airways and Marriott could face massive...GDPRInternational Data ProtectionUncategorized DPN Team05 July 2019GDPR: Impact Report 2019The impact of GDPR More than a year on from enforcement day, where are we now with GDPR? The Global Marketing Alliance and the DPN teamed up with global...Direct MarketingGDPRUncategorized Mark Bridges05 July 2019CCPA – Californian Consumer Privacy Act: 5 Key ImpactsCCPA: What businesses need know The Californian Consumer Privacy Act (CCPA) ushers in new rights for Californian residents and compels companies that operate in California to implement changes or...Opinion DPN Team05 July 2019Adtech: The challenging compliance landscape – webinar recordingPublishers, advertisers, adtech firms, start-ups and privacy activists are all united in a strong interest in online advertising and programmatic delivery . After all, it represents the lion’s share...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn22 May 2019Why GDPR is not a fuss over nothingWe’ve heard the comparison with the millennium bug – the sky didn’t fall in on 25th May… ‘where are these game-changing fines? This is the Y2K bug all over...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network and Opt-4 lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the...Direct MarketingUncategorized Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Simon Blanchard20 March 2019Like Gin and Tonic – Why GDPR and Data Governance were made for each otherWhy GDPR and Data Governance go hand in hand Like G&T, data governance is not a new concept. It has been recognised for years as a method of protecting...Opinion Gemma Johnson08 March 2019Why 59 Charities were referred to the ICO by the Fundraising RegulatorThe Fundraising Regulator has warned that 59 charities could be in breach of data protection law for failing to apply suppression requests made via the Fundraising Preference Service (FPS)...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Philippa Donn05 March 2019Digital advertising & real-time bidding: Are we on the verge of a seismic shift or not?GDPR put a significant spanner in the world of digital advertising, which disparate parties with different vested interests have been grappling with now for months. How can organisations provide...Opinion Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Stef Elliott21 November 2018“The cookies law is clear – well that takes the biscuit”The ePrivacy Regulation was originally planned to come into force simultaneously with the GDPR on 25th May 2018. The delay and the ongoing debate regarding the Regulation, as highlighted...Electronic CommunicationsePrivacy RegulationGDPR Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Julia Porter18 November 2018Privacy International’s GDPR complaints shine a spotlight on 7 data companiesOn November 8th, Privacy International (PI) filed complaints under the GDPR with data protection regulators in UK, France and Ireland against data brokers Oracle and Acxiom, credit reference agencies...Opinion Simon Blanchard18 November 2018ePrivacy Regulation is not ready and could be stalled even furtherAs those in the know recognise, data protection is not just about GDPR. Many of us have been waiting for GDPR’s EU counterpart, the new ePrivacy Regulation for a...Opinion Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Opinion Matt Edgar02 October 2018Spam crusader or vigilante victim – what happens if you are blacklisted unfairly?Finding spam a nuisance and being anti-spam is a default setting for all of us these days. Even as technology evolves and our mailboxes become smarter in reducing this...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Opinion Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...GDPRPolicies and ProcessesPrivacy by Design Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Opinion DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Data Governance & SecurityGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR
Julia Porter24 September 2020Cookies crushed, the world is changingThe demise of the third party cookie - five signs the world is changing. Where next for targeted advertising? Electronic CommunicationsGDPR Philippa Donn23 September 2020Data Protection by Design: Part 3 – Data Protection Impact AssessmentsHow to get your Data Protection Impact Asssessment process on track - when should you do one, what should you process look like? Get some useful tips... Data Governance & SecurityGDPRPolicies and ProcessesPrivacy by Design Philippa Donn09 September 2020New Children’s Code – does it apply to your business?New Children's Code to protect under 18s online. It will affect your business if your online services are likely to be acccessed by children. GDPRICO GuidancePolicies and ProcessesPrivacy by Design Simon Blanchard04 September 2020Data Protection by Design: Part 2 – How to approach itHow to implement Data Protection by Design when you are developing new applications, products and services. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn27 August 2020Data Protection by Design: Part 1 – The BasicsWhat does ‘Data Protection by Design’ really mean (and why is it also called ‘Privacy by Design’)? Do you need to be concerned about it? And how do you...Data Governance & SecurityGDPRPrivacy by Design Philippa Donn26 August 2020Understanding email marketing rulesWhat are the email marketing rules? Make sure your marketing comms are not unwittingly putting your business at risk.Direct MarketingElectronic CommunicationsGDPR Simon Blanchard25 August 2020Data Protection Officers – should we appoint a DPO?Which organisations need to have a DPO? If you don't should you appoint one anyway or outsource? We explore the options .. Data Governance & SecurityGDPR Simon Blanchard12 August 2020Use of automated facial recognition by South Wales Police ruled ‘unlawful’South Wales Police's use of automated facial recognition has been ruled unlawrul - it breaches human rights and has potential for bias. GDPR Julia Porter12 August 2020When does your CRM marketing plan morph into a data privacy project?Looking to leverage your customer database to drive more business? How to make sure you marketing plan is supported by your privacy strategyDirect MarketingElectronic CommunicationsGDPR Philippa Donn12 August 2020Brexit, GDPR & PECR – the future UK data protection landscapeBrexit and GDPR - what the UK leaving the EU means for data protection law. Find out the impact on your business. Data Protection ActDirect MarketingElectronic CommunicationsGDPRInternational Data Protection Simon Blanchard10 August 2020Dashcams and GDPR: Assessing the privacy implications7 point privacy guide for use of dashcams in vehicles. Quick steps to make sure your use of dashcams is transparent and lawful. GDPRPolicies and Processes Simon Blanchard05 August 2020ICO guidance on how to apply good data protection to AISeven steps for making sure innovation flourishes and your artificial intelligence activities are sound from a data protection point of viewGDPRICO Guidance DPN Team29 July 2020How to manage your suppliersHow to manage your suppliers and reduce the risk they may post. Hear our specialist panel chat through the key points to consider.Videos Philippa Donn29 July 2020Could COVID-19 lead to a spike in Subject Access Requests? How to handle ex-employeesDSARs from disgruntled ex-employees can be challenging to handle, get some helpful tips on how best to approach the task of fulfilling them.GDPRIndividual Privacy Rights Philippa Donn28 July 2020Schrems II ruling: Privacy Shield down, SCCs survive but with a sting in the tailInternational data transfers - EU-US Privacy Shield ruled invalild, questions raised regarding SCCs, find out what actions should you take. GDPRInternational Data Protection Simon Blanchard27 July 2020RoPA – Five tips for keeping your Records of Processing Activity up to date5 tips for keeping your GDPR records of processing activities up to date. The why, who, what, how and when of data protection documentation.GDPRPolicies and Processes DPN Team16 July 2020Transparency: How to get the message acrossDiscover the benefits of being upfront and transparent with people about how you use their data. In this webinar hosted by Robert Bond from Bristows we explore why transparency...GDPRVideos Julia Porter13 July 2020Supplier management: DPN 6 point checklistDue diligence of new suppliers robust enough? Checks in place to make sure suppliers are protecting your data? Use the DPN 6-point checklist. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn13 July 2020Contact Tracing: 7 Quick Steps for collecting people’s dataFrom holiday cottages to theme parks, hotels to pubs, many will be collecting people's details for contact tracing. Get our quick guide to how to do this. GDPRICO Guidance Chris Field11 July 2020You’ve been SAR-bombed!You are at the end of long day .. you just do one last check of your inbox - the new count registers over 9,000 new emails! All...GDPRIndividual Privacy RightsInternational Data ProtectionPolicies and Processes Simon Blanchard09 July 2020Facial Recognition – should we be concerned?Facial recognition is clever, from selfies to surveillance its use is becoming far more widespread. Should we be worried? Data Governance & SecurityGDPR Philippa Donn30 June 2020Data breaches: 10-point checklist for risk assessmentsHow do you assess the actual risk to people of a data breach? 10 questions you need to ask when carrying out an risk assessment. Data Governance & SecurityGDPRPolicies and Processes DPN Team30 June 2020Successful steps for data retention and minimisation [webinar recording]Get the tools and advice you need to tackle data retention and minimisation in this expert discussion which takes you through the key steps to take.Data Governance & SecurityGDPRPolicies and ProcessesVideos Julia Porter25 June 2020Why is the CIA’s lax attitude to cyber security interesting to us?Have you got robust cyber security controls in place? How the lax attitude of the CIA is a lesson to us all and what you should you be doing.Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard16 June 2020Privacy is a marathon not a sprintPondering how to improve your privacy credentials? Here are 5 steps to inspire you. More than 2 years on from GDPR, remember it’s a journey, not a sprint.Data Governance & SecurityGDPRPolicies and Processes Philippa Donn16 June 2020Why personalisation is a good thing, when done well“Hi, you haven’t finished watching Jeffrey Epstein: Filthy Rich”, said an email my husband received .It annoyed him......Direct MarketingGDPR Simon Blanchard08 June 2020Spring clean your data – Top tips on data retentionGet top tips on data retention. Minimise your risks by making sure you keep the personal data you need and rid of what you don't. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn03 June 2020GDPR two years on, why data protection mattersGDPR may have its critics and regulators may stand accused of not taking enough action. Why this is not a reason to stop taking data protection seriously.GDPR Julia Porter03 June 2020Why is it so hard to explain how we use personal data?Five ways to help explain complex and contentious uses of personal data. How to improve your communications and transparency.Direct MarketingGDPRPrivacy by Design DPN Team03 June 2020Data Retention GuidanceA practical toolkit packed with tips, advice and case studies on how to tackle data retention. Developed by a group of data protection and privacy specialists from a...Data Governance & SecurityGDPRPolicies and Processes Julia Porter18 May 2020New Seven Step Ad Tech Guide from DMA and ISBASeven Step Ad Tech Guide - Support for UK businesses engaged in the programmatic digital advertising to ensure they protect the rights of individuals.Electronic CommunicationsePrivacy RegulationGDPR Simon Blanchard14 May 2020COVID 19 – Privacy under the SpotlightPrivacy and COVID-19. When finding quick solutions and taking rapid decisions, don't forget the privacy impact. Here's our quick tour of aspects to consider. Data SecurityGDPRPrivacy by Design DPN Team15 April 2020DPIAs – What? When? How? Who? Why? [webinar recording]Data Protection Impact Assessments - learn about when you need to conduct a DPIA and how in this webinar hosted by Bristows LLP. Opinion DPN Team04 April 2020Where is my data? How to tackle data discovery & mapping [webinar recording]How improve your data discovery, mapping & compliance Understanding where your data is located across all your systems is an ever-evolving challenge, but forms the bedrock of your data...Opinion Gemma Johnson13 February 2020Marketers: Will You Need to do a DPIA for that?Why marketers need to understand when they might need to conduct a data protection impact assessment and learn how to do them. Direct MarketingElectronic CommunicationsICO GuidanceMarketing & Data Protection Simon Blanchard11 February 2020Where’s all my data? How to tackle data discoveryUnderstanding where your data is and what it's used for is crucial. But in practice this is challenging. What approach can you take? Opinion Simon Blanchard10 February 2020ePrivacy Regulation – Are we any closer to a final text?Efforts continue to try and agree the final text of the ePrivacy Regulation. Reaching a consensus has proved very challenging since the first draft was published 3 years...Opinion Julia Porter09 February 2020In a Digitally Enabled World, What is Direct Marketing?On 8th January the ICO published a draft code of practice for the marketing community. It’s entitled “Direct Marketing Code of Practice”. The use of the term “Direct Marketing”...Opinion Philippa Donn08 February 2020Refer a Friend – Viral Marketing RulesCan you ask your customers to send on your marketing to their friends? The answer, according to the ICO’s draft Direct Marketing Code, is NO! The regulator says for...Opinion DPN Team29 January 2020Your Views – Survey on draft Direct Marketing CodeA call for your views. The ICO's draft direct marketing code is open for public consultation. The DPN will be providing feedback. Give your comments to further...Opinion Philippa Donn28 January 2020ICO Direct Marketing Code ‘draft’: 12 HighlightsJust when I thought January was feeling dull, I got my hands on the ICO’s much-anticipated draft Direct Marketing Code of Practice! This replaces the Regulator’s existing Direct Marketing...Opinion Philippa Donn28 January 2020Brexit and EU Data FlowsIf you’ve not yet planned or even considered the data protection impact of Brexit, and specifically data transfers with the European Union, you can breathe a temporary sigh of...Opinion Philippa Donn10 December 2019Subject Access Requests & Proof of IDSubject Access Requests – What is ‘proportionate’ to ask for? When responding to a Right of Access request (commonly known as a Subject Access Request), we might be required...Individual Privacy Rights DPN Team10 December 20192020 Vision – Privacy PredictionsPrivacy Predictions for 2020 - what's in store for us next year? The trends, enforcement and organisational imperatives - What do our esteemed DPN Advisory Board believe is in...Opinion Debbie McElhill03 December 2019ePrivacy Regulation – Is there still life in it, as the European Commission steps in? In a bid to find consensus the European Commission has announced it’s preparing a revamped ePrivacy proposal. This follows the recent rejection by EU member states of the...Opinion DPN Team03 December 2019Data Retention: Are you keeping personal data longer than you need it?Ensuring you don’t store personal data for longer than you require it, is a core data protection principle – one which we all know is both complex and challenging...Opinion Julia Porter27 November 2019Harnessing the Power of Responsible MarketingWhat is responsible marketing? What core values should you embrace and what type of projects can marketers apply these values to? Here are my six pillars of responsible marketing;...Opinion DPN Team28 October 2019Rewarding Privacy By Design Have you or your team gone the extra mile to ensure a privacy aware, customer focused approach to a project, initiative or marketing campaign? Or do you know...Opinion DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Opinion Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Opinion Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Opinion Philippa Donn18 October 2019Marketing Message & Service Message: Where to draw the lineIs your ‘Service’ Message actually a Marketing one? A common (but incorrect) myth which spread with GDPR was that consent was required for almost everything – including all communications...Direct Marketing Philippa Donn02 October 2019Opt-in for marketing abandoned by RNLIHas opt-in suffered a blow? It’s now official that opt-in for all forms of direct marketing has not proven a success for the RNLI, despite earlier reports to the...Opinion Debbie McElhill18 September 2019ePrivacy Regulation – what’s happening?ePrivacy Regulation – first draft 2017, so what’s happening two years on? The ePrivacy Regulation is set to replace the 2002 ePrivacy Directive (and subsequent amendments) which currently sits...Opinion Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Opinion DPN Team16 September 2019Data Governance – Getting to know your DataData Governance – the what, why & how? Data Governance has long been recognised as a method of protecting the business, mitigating risk, increasing operational efficiencies and managing customer...GDPRPolicies and Processes Philippa Donn12 September 2019The DPN Rosemary Smith Award for Responsible MarketingThis award has been launched to recognise a contribution made to Responsible Marketing, giving a team or an individual credit for a creative and privacy aware project or initiative.Opinion Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...GDPRInternational Data Protection Philippa Donn23 August 2019Data Sharing 10 TipsMany companies need to share personal data with other organisations. This might be reciprocal or one-way, it could be providing another company’s staff with access to your data for...GDPRICO Guidance Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Data Governance & SecurityGDPRPolicies and Processes Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Philippa Donn09 July 2019GDPR regulatory action so far in the UK and EU (July 2019)GDPR Regulatory Action The UK’s data protection regulator has made its first hefty announcements since GDPR became law in 2018. With news British Airways and Marriott could face massive...GDPRInternational Data ProtectionUncategorized DPN Team05 July 2019GDPR: Impact Report 2019The impact of GDPR More than a year on from enforcement day, where are we now with GDPR? The Global Marketing Alliance and the DPN teamed up with global...Direct MarketingGDPRUncategorized Mark Bridges05 July 2019CCPA – Californian Consumer Privacy Act: 5 Key ImpactsCCPA: What businesses need know The Californian Consumer Privacy Act (CCPA) ushers in new rights for Californian residents and compels companies that operate in California to implement changes or...Opinion DPN Team05 July 2019Adtech: The challenging compliance landscape – webinar recordingPublishers, advertisers, adtech firms, start-ups and privacy activists are all united in a strong interest in online advertising and programmatic delivery . After all, it represents the lion’s share...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn22 May 2019Why GDPR is not a fuss over nothingWe’ve heard the comparison with the millennium bug – the sky didn’t fall in on 25th May… ‘where are these game-changing fines? This is the Y2K bug all over...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network and Opt-4 lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the...Direct MarketingUncategorized Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Simon Blanchard20 March 2019Like Gin and Tonic – Why GDPR and Data Governance were made for each otherWhy GDPR and Data Governance go hand in hand Like G&T, data governance is not a new concept. It has been recognised for years as a method of protecting...Opinion Gemma Johnson08 March 2019Why 59 Charities were referred to the ICO by the Fundraising RegulatorThe Fundraising Regulator has warned that 59 charities could be in breach of data protection law for failing to apply suppression requests made via the Fundraising Preference Service (FPS)...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Philippa Donn05 March 2019Digital advertising & real-time bidding: Are we on the verge of a seismic shift or not?GDPR put a significant spanner in the world of digital advertising, which disparate parties with different vested interests have been grappling with now for months. How can organisations provide...Opinion Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Stef Elliott21 November 2018“The cookies law is clear – well that takes the biscuit”The ePrivacy Regulation was originally planned to come into force simultaneously with the GDPR on 25th May 2018. The delay and the ongoing debate regarding the Regulation, as highlighted...Electronic CommunicationsePrivacy RegulationGDPR Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Julia Porter18 November 2018Privacy International’s GDPR complaints shine a spotlight on 7 data companiesOn November 8th, Privacy International (PI) filed complaints under the GDPR with data protection regulators in UK, France and Ireland against data brokers Oracle and Acxiom, credit reference agencies...Opinion Simon Blanchard18 November 2018ePrivacy Regulation is not ready and could be stalled even furtherAs those in the know recognise, data protection is not just about GDPR. Many of us have been waiting for GDPR’s EU counterpart, the new ePrivacy Regulation for a...Opinion Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Opinion Matt Edgar02 October 2018Spam crusader or vigilante victim – what happens if you are blacklisted unfairly?Finding spam a nuisance and being anti-spam is a default setting for all of us these days. Even as technology evolves and our mailboxes become smarter in reducing this...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Opinion Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...GDPRPolicies and ProcessesPrivacy by Design Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Opinion DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Data Governance & SecurityGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR
Philippa Donn23 September 2020Data Protection by Design: Part 3 – Data Protection Impact AssessmentsHow to get your Data Protection Impact Asssessment process on track - when should you do one, what should you process look like? Get some useful tips... Data Governance & SecurityGDPRPolicies and ProcessesPrivacy by Design Philippa Donn09 September 2020New Children’s Code – does it apply to your business?New Children's Code to protect under 18s online. It will affect your business if your online services are likely to be acccessed by children. GDPRICO GuidancePolicies and ProcessesPrivacy by Design Simon Blanchard04 September 2020Data Protection by Design: Part 2 – How to approach itHow to implement Data Protection by Design when you are developing new applications, products and services. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn27 August 2020Data Protection by Design: Part 1 – The BasicsWhat does ‘Data Protection by Design’ really mean (and why is it also called ‘Privacy by Design’)? Do you need to be concerned about it? And how do you...Data Governance & SecurityGDPRPrivacy by Design Philippa Donn26 August 2020Understanding email marketing rulesWhat are the email marketing rules? Make sure your marketing comms are not unwittingly putting your business at risk.Direct MarketingElectronic CommunicationsGDPR Simon Blanchard25 August 2020Data Protection Officers – should we appoint a DPO?Which organisations need to have a DPO? If you don't should you appoint one anyway or outsource? We explore the options .. Data Governance & SecurityGDPR Simon Blanchard12 August 2020Use of automated facial recognition by South Wales Police ruled ‘unlawful’South Wales Police's use of automated facial recognition has been ruled unlawrul - it breaches human rights and has potential for bias. GDPR Julia Porter12 August 2020When does your CRM marketing plan morph into a data privacy project?Looking to leverage your customer database to drive more business? How to make sure you marketing plan is supported by your privacy strategyDirect MarketingElectronic CommunicationsGDPR Philippa Donn12 August 2020Brexit, GDPR & PECR – the future UK data protection landscapeBrexit and GDPR - what the UK leaving the EU means for data protection law. Find out the impact on your business. Data Protection ActDirect MarketingElectronic CommunicationsGDPRInternational Data Protection Simon Blanchard10 August 2020Dashcams and GDPR: Assessing the privacy implications7 point privacy guide for use of dashcams in vehicles. Quick steps to make sure your use of dashcams is transparent and lawful. GDPRPolicies and Processes Simon Blanchard05 August 2020ICO guidance on how to apply good data protection to AISeven steps for making sure innovation flourishes and your artificial intelligence activities are sound from a data protection point of viewGDPRICO Guidance DPN Team29 July 2020How to manage your suppliersHow to manage your suppliers and reduce the risk they may post. Hear our specialist panel chat through the key points to consider.Videos Philippa Donn29 July 2020Could COVID-19 lead to a spike in Subject Access Requests? How to handle ex-employeesDSARs from disgruntled ex-employees can be challenging to handle, get some helpful tips on how best to approach the task of fulfilling them.GDPRIndividual Privacy Rights Philippa Donn28 July 2020Schrems II ruling: Privacy Shield down, SCCs survive but with a sting in the tailInternational data transfers - EU-US Privacy Shield ruled invalild, questions raised regarding SCCs, find out what actions should you take. GDPRInternational Data Protection Simon Blanchard27 July 2020RoPA – Five tips for keeping your Records of Processing Activity up to date5 tips for keeping your GDPR records of processing activities up to date. The why, who, what, how and when of data protection documentation.GDPRPolicies and Processes DPN Team16 July 2020Transparency: How to get the message acrossDiscover the benefits of being upfront and transparent with people about how you use their data. In this webinar hosted by Robert Bond from Bristows we explore why transparency...GDPRVideos Julia Porter13 July 2020Supplier management: DPN 6 point checklistDue diligence of new suppliers robust enough? Checks in place to make sure suppliers are protecting your data? Use the DPN 6-point checklist. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn13 July 2020Contact Tracing: 7 Quick Steps for collecting people’s dataFrom holiday cottages to theme parks, hotels to pubs, many will be collecting people's details for contact tracing. Get our quick guide to how to do this. GDPRICO Guidance Chris Field11 July 2020You’ve been SAR-bombed!You are at the end of long day .. you just do one last check of your inbox - the new count registers over 9,000 new emails! All...GDPRIndividual Privacy RightsInternational Data ProtectionPolicies and Processes Simon Blanchard09 July 2020Facial Recognition – should we be concerned?Facial recognition is clever, from selfies to surveillance its use is becoming far more widespread. Should we be worried? Data Governance & SecurityGDPR Philippa Donn30 June 2020Data breaches: 10-point checklist for risk assessmentsHow do you assess the actual risk to people of a data breach? 10 questions you need to ask when carrying out an risk assessment. Data Governance & SecurityGDPRPolicies and Processes DPN Team30 June 2020Successful steps for data retention and minimisation [webinar recording]Get the tools and advice you need to tackle data retention and minimisation in this expert discussion which takes you through the key steps to take.Data Governance & SecurityGDPRPolicies and ProcessesVideos Julia Porter25 June 2020Why is the CIA’s lax attitude to cyber security interesting to us?Have you got robust cyber security controls in place? How the lax attitude of the CIA is a lesson to us all and what you should you be doing.Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard16 June 2020Privacy is a marathon not a sprintPondering how to improve your privacy credentials? Here are 5 steps to inspire you. More than 2 years on from GDPR, remember it’s a journey, not a sprint.Data Governance & SecurityGDPRPolicies and Processes Philippa Donn16 June 2020Why personalisation is a good thing, when done well“Hi, you haven’t finished watching Jeffrey Epstein: Filthy Rich”, said an email my husband received .It annoyed him......Direct MarketingGDPR Simon Blanchard08 June 2020Spring clean your data – Top tips on data retentionGet top tips on data retention. Minimise your risks by making sure you keep the personal data you need and rid of what you don't. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn03 June 2020GDPR two years on, why data protection mattersGDPR may have its critics and regulators may stand accused of not taking enough action. Why this is not a reason to stop taking data protection seriously.GDPR Julia Porter03 June 2020Why is it so hard to explain how we use personal data?Five ways to help explain complex and contentious uses of personal data. How to improve your communications and transparency.Direct MarketingGDPRPrivacy by Design DPN Team03 June 2020Data Retention GuidanceA practical toolkit packed with tips, advice and case studies on how to tackle data retention. Developed by a group of data protection and privacy specialists from a...Data Governance & SecurityGDPRPolicies and Processes Julia Porter18 May 2020New Seven Step Ad Tech Guide from DMA and ISBASeven Step Ad Tech Guide - Support for UK businesses engaged in the programmatic digital advertising to ensure they protect the rights of individuals.Electronic CommunicationsePrivacy RegulationGDPR Simon Blanchard14 May 2020COVID 19 – Privacy under the SpotlightPrivacy and COVID-19. When finding quick solutions and taking rapid decisions, don't forget the privacy impact. Here's our quick tour of aspects to consider. Data SecurityGDPRPrivacy by Design DPN Team15 April 2020DPIAs – What? When? How? Who? Why? [webinar recording]Data Protection Impact Assessments - learn about when you need to conduct a DPIA and how in this webinar hosted by Bristows LLP. Opinion DPN Team04 April 2020Where is my data? How to tackle data discovery & mapping [webinar recording]How improve your data discovery, mapping & compliance Understanding where your data is located across all your systems is an ever-evolving challenge, but forms the bedrock of your data...Opinion Gemma Johnson13 February 2020Marketers: Will You Need to do a DPIA for that?Why marketers need to understand when they might need to conduct a data protection impact assessment and learn how to do them. Direct MarketingElectronic CommunicationsICO GuidanceMarketing & Data Protection Simon Blanchard11 February 2020Where’s all my data? How to tackle data discoveryUnderstanding where your data is and what it's used for is crucial. But in practice this is challenging. What approach can you take? Opinion Simon Blanchard10 February 2020ePrivacy Regulation – Are we any closer to a final text?Efforts continue to try and agree the final text of the ePrivacy Regulation. Reaching a consensus has proved very challenging since the first draft was published 3 years...Opinion Julia Porter09 February 2020In a Digitally Enabled World, What is Direct Marketing?On 8th January the ICO published a draft code of practice for the marketing community. It’s entitled “Direct Marketing Code of Practice”. The use of the term “Direct Marketing”...Opinion Philippa Donn08 February 2020Refer a Friend – Viral Marketing RulesCan you ask your customers to send on your marketing to their friends? The answer, according to the ICO’s draft Direct Marketing Code, is NO! The regulator says for...Opinion DPN Team29 January 2020Your Views – Survey on draft Direct Marketing CodeA call for your views. The ICO's draft direct marketing code is open for public consultation. The DPN will be providing feedback. Give your comments to further...Opinion Philippa Donn28 January 2020ICO Direct Marketing Code ‘draft’: 12 HighlightsJust when I thought January was feeling dull, I got my hands on the ICO’s much-anticipated draft Direct Marketing Code of Practice! This replaces the Regulator’s existing Direct Marketing...Opinion Philippa Donn28 January 2020Brexit and EU Data FlowsIf you’ve not yet planned or even considered the data protection impact of Brexit, and specifically data transfers with the European Union, you can breathe a temporary sigh of...Opinion Philippa Donn10 December 2019Subject Access Requests & Proof of IDSubject Access Requests – What is ‘proportionate’ to ask for? When responding to a Right of Access request (commonly known as a Subject Access Request), we might be required...Individual Privacy Rights DPN Team10 December 20192020 Vision – Privacy PredictionsPrivacy Predictions for 2020 - what's in store for us next year? The trends, enforcement and organisational imperatives - What do our esteemed DPN Advisory Board believe is in...Opinion Debbie McElhill03 December 2019ePrivacy Regulation – Is there still life in it, as the European Commission steps in? In a bid to find consensus the European Commission has announced it’s preparing a revamped ePrivacy proposal. This follows the recent rejection by EU member states of the...Opinion DPN Team03 December 2019Data Retention: Are you keeping personal data longer than you need it?Ensuring you don’t store personal data for longer than you require it, is a core data protection principle – one which we all know is both complex and challenging...Opinion Julia Porter27 November 2019Harnessing the Power of Responsible MarketingWhat is responsible marketing? What core values should you embrace and what type of projects can marketers apply these values to? Here are my six pillars of responsible marketing;...Opinion DPN Team28 October 2019Rewarding Privacy By Design Have you or your team gone the extra mile to ensure a privacy aware, customer focused approach to a project, initiative or marketing campaign? Or do you know...Opinion DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Opinion Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Opinion Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Opinion Philippa Donn18 October 2019Marketing Message & Service Message: Where to draw the lineIs your ‘Service’ Message actually a Marketing one? A common (but incorrect) myth which spread with GDPR was that consent was required for almost everything – including all communications...Direct Marketing Philippa Donn02 October 2019Opt-in for marketing abandoned by RNLIHas opt-in suffered a blow? It’s now official that opt-in for all forms of direct marketing has not proven a success for the RNLI, despite earlier reports to the...Opinion Debbie McElhill18 September 2019ePrivacy Regulation – what’s happening?ePrivacy Regulation – first draft 2017, so what’s happening two years on? The ePrivacy Regulation is set to replace the 2002 ePrivacy Directive (and subsequent amendments) which currently sits...Opinion Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Opinion DPN Team16 September 2019Data Governance – Getting to know your DataData Governance – the what, why & how? Data Governance has long been recognised as a method of protecting the business, mitigating risk, increasing operational efficiencies and managing customer...GDPRPolicies and Processes Philippa Donn12 September 2019The DPN Rosemary Smith Award for Responsible MarketingThis award has been launched to recognise a contribution made to Responsible Marketing, giving a team or an individual credit for a creative and privacy aware project or initiative.Opinion Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...GDPRInternational Data Protection Philippa Donn23 August 2019Data Sharing 10 TipsMany companies need to share personal data with other organisations. This might be reciprocal or one-way, it could be providing another company’s staff with access to your data for...GDPRICO Guidance Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Data Governance & SecurityGDPRPolicies and Processes Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Philippa Donn09 July 2019GDPR regulatory action so far in the UK and EU (July 2019)GDPR Regulatory Action The UK’s data protection regulator has made its first hefty announcements since GDPR became law in 2018. With news British Airways and Marriott could face massive...GDPRInternational Data ProtectionUncategorized DPN Team05 July 2019GDPR: Impact Report 2019The impact of GDPR More than a year on from enforcement day, where are we now with GDPR? The Global Marketing Alliance and the DPN teamed up with global...Direct MarketingGDPRUncategorized Mark Bridges05 July 2019CCPA – Californian Consumer Privacy Act: 5 Key ImpactsCCPA: What businesses need know The Californian Consumer Privacy Act (CCPA) ushers in new rights for Californian residents and compels companies that operate in California to implement changes or...Opinion DPN Team05 July 2019Adtech: The challenging compliance landscape – webinar recordingPublishers, advertisers, adtech firms, start-ups and privacy activists are all united in a strong interest in online advertising and programmatic delivery . After all, it represents the lion’s share...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn22 May 2019Why GDPR is not a fuss over nothingWe’ve heard the comparison with the millennium bug – the sky didn’t fall in on 25th May… ‘where are these game-changing fines? This is the Y2K bug all over...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network and Opt-4 lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the...Direct MarketingUncategorized Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Simon Blanchard20 March 2019Like Gin and Tonic – Why GDPR and Data Governance were made for each otherWhy GDPR and Data Governance go hand in hand Like G&T, data governance is not a new concept. It has been recognised for years as a method of protecting...Opinion Gemma Johnson08 March 2019Why 59 Charities were referred to the ICO by the Fundraising RegulatorThe Fundraising Regulator has warned that 59 charities could be in breach of data protection law for failing to apply suppression requests made via the Fundraising Preference Service (FPS)...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Philippa Donn05 March 2019Digital advertising & real-time bidding: Are we on the verge of a seismic shift or not?GDPR put a significant spanner in the world of digital advertising, which disparate parties with different vested interests have been grappling with now for months. How can organisations provide...Opinion Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Stef Elliott21 November 2018“The cookies law is clear – well that takes the biscuit”The ePrivacy Regulation was originally planned to come into force simultaneously with the GDPR on 25th May 2018. The delay and the ongoing debate regarding the Regulation, as highlighted...Electronic CommunicationsePrivacy RegulationGDPR Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Julia Porter18 November 2018Privacy International’s GDPR complaints shine a spotlight on 7 data companiesOn November 8th, Privacy International (PI) filed complaints under the GDPR with data protection regulators in UK, France and Ireland against data brokers Oracle and Acxiom, credit reference agencies...Opinion Simon Blanchard18 November 2018ePrivacy Regulation is not ready and could be stalled even furtherAs those in the know recognise, data protection is not just about GDPR. Many of us have been waiting for GDPR’s EU counterpart, the new ePrivacy Regulation for a...Opinion Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Opinion Matt Edgar02 October 2018Spam crusader or vigilante victim – what happens if you are blacklisted unfairly?Finding spam a nuisance and being anti-spam is a default setting for all of us these days. Even as technology evolves and our mailboxes become smarter in reducing this...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Opinion Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...GDPRPolicies and ProcessesPrivacy by Design Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Opinion DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Data Governance & SecurityGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR
Philippa Donn09 September 2020New Children’s Code – does it apply to your business?New Children's Code to protect under 18s online. It will affect your business if your online services are likely to be acccessed by children. GDPRICO GuidancePolicies and ProcessesPrivacy by Design Simon Blanchard04 September 2020Data Protection by Design: Part 2 – How to approach itHow to implement Data Protection by Design when you are developing new applications, products and services. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn27 August 2020Data Protection by Design: Part 1 – The BasicsWhat does ‘Data Protection by Design’ really mean (and why is it also called ‘Privacy by Design’)? Do you need to be concerned about it? And how do you...Data Governance & SecurityGDPRPrivacy by Design Philippa Donn26 August 2020Understanding email marketing rulesWhat are the email marketing rules? Make sure your marketing comms are not unwittingly putting your business at risk.Direct MarketingElectronic CommunicationsGDPR Simon Blanchard25 August 2020Data Protection Officers – should we appoint a DPO?Which organisations need to have a DPO? If you don't should you appoint one anyway or outsource? We explore the options .. Data Governance & SecurityGDPR Simon Blanchard12 August 2020Use of automated facial recognition by South Wales Police ruled ‘unlawful’South Wales Police's use of automated facial recognition has been ruled unlawrul - it breaches human rights and has potential for bias. GDPR Julia Porter12 August 2020When does your CRM marketing plan morph into a data privacy project?Looking to leverage your customer database to drive more business? How to make sure you marketing plan is supported by your privacy strategyDirect MarketingElectronic CommunicationsGDPR Philippa Donn12 August 2020Brexit, GDPR & PECR – the future UK data protection landscapeBrexit and GDPR - what the UK leaving the EU means for data protection law. Find out the impact on your business. Data Protection ActDirect MarketingElectronic CommunicationsGDPRInternational Data Protection Simon Blanchard10 August 2020Dashcams and GDPR: Assessing the privacy implications7 point privacy guide for use of dashcams in vehicles. Quick steps to make sure your use of dashcams is transparent and lawful. GDPRPolicies and Processes Simon Blanchard05 August 2020ICO guidance on how to apply good data protection to AISeven steps for making sure innovation flourishes and your artificial intelligence activities are sound from a data protection point of viewGDPRICO Guidance DPN Team29 July 2020How to manage your suppliersHow to manage your suppliers and reduce the risk they may post. Hear our specialist panel chat through the key points to consider.Videos Philippa Donn29 July 2020Could COVID-19 lead to a spike in Subject Access Requests? How to handle ex-employeesDSARs from disgruntled ex-employees can be challenging to handle, get some helpful tips on how best to approach the task of fulfilling them.GDPRIndividual Privacy Rights Philippa Donn28 July 2020Schrems II ruling: Privacy Shield down, SCCs survive but with a sting in the tailInternational data transfers - EU-US Privacy Shield ruled invalild, questions raised regarding SCCs, find out what actions should you take. GDPRInternational Data Protection Simon Blanchard27 July 2020RoPA – Five tips for keeping your Records of Processing Activity up to date5 tips for keeping your GDPR records of processing activities up to date. The why, who, what, how and when of data protection documentation.GDPRPolicies and Processes DPN Team16 July 2020Transparency: How to get the message acrossDiscover the benefits of being upfront and transparent with people about how you use their data. In this webinar hosted by Robert Bond from Bristows we explore why transparency...GDPRVideos Julia Porter13 July 2020Supplier management: DPN 6 point checklistDue diligence of new suppliers robust enough? Checks in place to make sure suppliers are protecting your data? Use the DPN 6-point checklist. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn13 July 2020Contact Tracing: 7 Quick Steps for collecting people’s dataFrom holiday cottages to theme parks, hotels to pubs, many will be collecting people's details for contact tracing. Get our quick guide to how to do this. GDPRICO Guidance Chris Field11 July 2020You’ve been SAR-bombed!You are at the end of long day .. you just do one last check of your inbox - the new count registers over 9,000 new emails! All...GDPRIndividual Privacy RightsInternational Data ProtectionPolicies and Processes Simon Blanchard09 July 2020Facial Recognition – should we be concerned?Facial recognition is clever, from selfies to surveillance its use is becoming far more widespread. Should we be worried? Data Governance & SecurityGDPR Philippa Donn30 June 2020Data breaches: 10-point checklist for risk assessmentsHow do you assess the actual risk to people of a data breach? 10 questions you need to ask when carrying out an risk assessment. Data Governance & SecurityGDPRPolicies and Processes DPN Team30 June 2020Successful steps for data retention and minimisation [webinar recording]Get the tools and advice you need to tackle data retention and minimisation in this expert discussion which takes you through the key steps to take.Data Governance & SecurityGDPRPolicies and ProcessesVideos Julia Porter25 June 2020Why is the CIA’s lax attitude to cyber security interesting to us?Have you got robust cyber security controls in place? How the lax attitude of the CIA is a lesson to us all and what you should you be doing.Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard16 June 2020Privacy is a marathon not a sprintPondering how to improve your privacy credentials? Here are 5 steps to inspire you. More than 2 years on from GDPR, remember it’s a journey, not a sprint.Data Governance & SecurityGDPRPolicies and Processes Philippa Donn16 June 2020Why personalisation is a good thing, when done well“Hi, you haven’t finished watching Jeffrey Epstein: Filthy Rich”, said an email my husband received .It annoyed him......Direct MarketingGDPR Simon Blanchard08 June 2020Spring clean your data – Top tips on data retentionGet top tips on data retention. Minimise your risks by making sure you keep the personal data you need and rid of what you don't. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn03 June 2020GDPR two years on, why data protection mattersGDPR may have its critics and regulators may stand accused of not taking enough action. Why this is not a reason to stop taking data protection seriously.GDPR Julia Porter03 June 2020Why is it so hard to explain how we use personal data?Five ways to help explain complex and contentious uses of personal data. How to improve your communications and transparency.Direct MarketingGDPRPrivacy by Design DPN Team03 June 2020Data Retention GuidanceA practical toolkit packed with tips, advice and case studies on how to tackle data retention. Developed by a group of data protection and privacy specialists from a...Data Governance & SecurityGDPRPolicies and Processes Julia Porter18 May 2020New Seven Step Ad Tech Guide from DMA and ISBASeven Step Ad Tech Guide - Support for UK businesses engaged in the programmatic digital advertising to ensure they protect the rights of individuals.Electronic CommunicationsePrivacy RegulationGDPR Simon Blanchard14 May 2020COVID 19 – Privacy under the SpotlightPrivacy and COVID-19. When finding quick solutions and taking rapid decisions, don't forget the privacy impact. Here's our quick tour of aspects to consider. Data SecurityGDPRPrivacy by Design DPN Team15 April 2020DPIAs – What? When? How? Who? Why? [webinar recording]Data Protection Impact Assessments - learn about when you need to conduct a DPIA and how in this webinar hosted by Bristows LLP. Opinion DPN Team04 April 2020Where is my data? How to tackle data discovery & mapping [webinar recording]How improve your data discovery, mapping & compliance Understanding where your data is located across all your systems is an ever-evolving challenge, but forms the bedrock of your data...Opinion Gemma Johnson13 February 2020Marketers: Will You Need to do a DPIA for that?Why marketers need to understand when they might need to conduct a data protection impact assessment and learn how to do them. Direct MarketingElectronic CommunicationsICO GuidanceMarketing & Data Protection Simon Blanchard11 February 2020Where’s all my data? How to tackle data discoveryUnderstanding where your data is and what it's used for is crucial. But in practice this is challenging. What approach can you take? Opinion Simon Blanchard10 February 2020ePrivacy Regulation – Are we any closer to a final text?Efforts continue to try and agree the final text of the ePrivacy Regulation. Reaching a consensus has proved very challenging since the first draft was published 3 years...Opinion Julia Porter09 February 2020In a Digitally Enabled World, What is Direct Marketing?On 8th January the ICO published a draft code of practice for the marketing community. It’s entitled “Direct Marketing Code of Practice”. The use of the term “Direct Marketing”...Opinion Philippa Donn08 February 2020Refer a Friend – Viral Marketing RulesCan you ask your customers to send on your marketing to their friends? The answer, according to the ICO’s draft Direct Marketing Code, is NO! The regulator says for...Opinion DPN Team29 January 2020Your Views – Survey on draft Direct Marketing CodeA call for your views. The ICO's draft direct marketing code is open for public consultation. The DPN will be providing feedback. Give your comments to further...Opinion Philippa Donn28 January 2020ICO Direct Marketing Code ‘draft’: 12 HighlightsJust when I thought January was feeling dull, I got my hands on the ICO’s much-anticipated draft Direct Marketing Code of Practice! This replaces the Regulator’s existing Direct Marketing...Opinion Philippa Donn28 January 2020Brexit and EU Data FlowsIf you’ve not yet planned or even considered the data protection impact of Brexit, and specifically data transfers with the European Union, you can breathe a temporary sigh of...Opinion Philippa Donn10 December 2019Subject Access Requests & Proof of IDSubject Access Requests – What is ‘proportionate’ to ask for? When responding to a Right of Access request (commonly known as a Subject Access Request), we might be required...Individual Privacy Rights DPN Team10 December 20192020 Vision – Privacy PredictionsPrivacy Predictions for 2020 - what's in store for us next year? The trends, enforcement and organisational imperatives - What do our esteemed DPN Advisory Board believe is in...Opinion Debbie McElhill03 December 2019ePrivacy Regulation – Is there still life in it, as the European Commission steps in? In a bid to find consensus the European Commission has announced it’s preparing a revamped ePrivacy proposal. This follows the recent rejection by EU member states of the...Opinion DPN Team03 December 2019Data Retention: Are you keeping personal data longer than you need it?Ensuring you don’t store personal data for longer than you require it, is a core data protection principle – one which we all know is both complex and challenging...Opinion Julia Porter27 November 2019Harnessing the Power of Responsible MarketingWhat is responsible marketing? What core values should you embrace and what type of projects can marketers apply these values to? Here are my six pillars of responsible marketing;...Opinion DPN Team28 October 2019Rewarding Privacy By Design Have you or your team gone the extra mile to ensure a privacy aware, customer focused approach to a project, initiative or marketing campaign? Or do you know...Opinion DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Opinion Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Opinion Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Opinion Philippa Donn18 October 2019Marketing Message & Service Message: Where to draw the lineIs your ‘Service’ Message actually a Marketing one? A common (but incorrect) myth which spread with GDPR was that consent was required for almost everything – including all communications...Direct Marketing Philippa Donn02 October 2019Opt-in for marketing abandoned by RNLIHas opt-in suffered a blow? It’s now official that opt-in for all forms of direct marketing has not proven a success for the RNLI, despite earlier reports to the...Opinion Debbie McElhill18 September 2019ePrivacy Regulation – what’s happening?ePrivacy Regulation – first draft 2017, so what’s happening two years on? The ePrivacy Regulation is set to replace the 2002 ePrivacy Directive (and subsequent amendments) which currently sits...Opinion Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Opinion DPN Team16 September 2019Data Governance – Getting to know your DataData Governance – the what, why & how? Data Governance has long been recognised as a method of protecting the business, mitigating risk, increasing operational efficiencies and managing customer...GDPRPolicies and Processes Philippa Donn12 September 2019The DPN Rosemary Smith Award for Responsible MarketingThis award has been launched to recognise a contribution made to Responsible Marketing, giving a team or an individual credit for a creative and privacy aware project or initiative.Opinion Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...GDPRInternational Data Protection Philippa Donn23 August 2019Data Sharing 10 TipsMany companies need to share personal data with other organisations. This might be reciprocal or one-way, it could be providing another company’s staff with access to your data for...GDPRICO Guidance Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Data Governance & SecurityGDPRPolicies and Processes Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Philippa Donn09 July 2019GDPR regulatory action so far in the UK and EU (July 2019)GDPR Regulatory Action The UK’s data protection regulator has made its first hefty announcements since GDPR became law in 2018. With news British Airways and Marriott could face massive...GDPRInternational Data ProtectionUncategorized DPN Team05 July 2019GDPR: Impact Report 2019The impact of GDPR More than a year on from enforcement day, where are we now with GDPR? The Global Marketing Alliance and the DPN teamed up with global...Direct MarketingGDPRUncategorized Mark Bridges05 July 2019CCPA – Californian Consumer Privacy Act: 5 Key ImpactsCCPA: What businesses need know The Californian Consumer Privacy Act (CCPA) ushers in new rights for Californian residents and compels companies that operate in California to implement changes or...Opinion DPN Team05 July 2019Adtech: The challenging compliance landscape – webinar recordingPublishers, advertisers, adtech firms, start-ups and privacy activists are all united in a strong interest in online advertising and programmatic delivery . After all, it represents the lion’s share...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn22 May 2019Why GDPR is not a fuss over nothingWe’ve heard the comparison with the millennium bug – the sky didn’t fall in on 25th May… ‘where are these game-changing fines? This is the Y2K bug all over...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network and Opt-4 lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the...Direct MarketingUncategorized Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Simon Blanchard20 March 2019Like Gin and Tonic – Why GDPR and Data Governance were made for each otherWhy GDPR and Data Governance go hand in hand Like G&T, data governance is not a new concept. It has been recognised for years as a method of protecting...Opinion Gemma Johnson08 March 2019Why 59 Charities were referred to the ICO by the Fundraising RegulatorThe Fundraising Regulator has warned that 59 charities could be in breach of data protection law for failing to apply suppression requests made via the Fundraising Preference Service (FPS)...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Philippa Donn05 March 2019Digital advertising & real-time bidding: Are we on the verge of a seismic shift or not?GDPR put a significant spanner in the world of digital advertising, which disparate parties with different vested interests have been grappling with now for months. How can organisations provide...Opinion Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Stef Elliott21 November 2018“The cookies law is clear – well that takes the biscuit”The ePrivacy Regulation was originally planned to come into force simultaneously with the GDPR on 25th May 2018. The delay and the ongoing debate regarding the Regulation, as highlighted...Electronic CommunicationsePrivacy RegulationGDPR Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Julia Porter18 November 2018Privacy International’s GDPR complaints shine a spotlight on 7 data companiesOn November 8th, Privacy International (PI) filed complaints under the GDPR with data protection regulators in UK, France and Ireland against data brokers Oracle and Acxiom, credit reference agencies...Opinion Simon Blanchard18 November 2018ePrivacy Regulation is not ready and could be stalled even furtherAs those in the know recognise, data protection is not just about GDPR. Many of us have been waiting for GDPR’s EU counterpart, the new ePrivacy Regulation for a...Opinion Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Opinion Matt Edgar02 October 2018Spam crusader or vigilante victim – what happens if you are blacklisted unfairly?Finding spam a nuisance and being anti-spam is a default setting for all of us these days. Even as technology evolves and our mailboxes become smarter in reducing this...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Opinion Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...GDPRPolicies and ProcessesPrivacy by Design Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Opinion DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Data Governance & SecurityGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR
Simon Blanchard04 September 2020Data Protection by Design: Part 2 – How to approach itHow to implement Data Protection by Design when you are developing new applications, products and services. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn27 August 2020Data Protection by Design: Part 1 – The BasicsWhat does ‘Data Protection by Design’ really mean (and why is it also called ‘Privacy by Design’)? Do you need to be concerned about it? And how do you...Data Governance & SecurityGDPRPrivacy by Design Philippa Donn26 August 2020Understanding email marketing rulesWhat are the email marketing rules? Make sure your marketing comms are not unwittingly putting your business at risk.Direct MarketingElectronic CommunicationsGDPR Simon Blanchard25 August 2020Data Protection Officers – should we appoint a DPO?Which organisations need to have a DPO? If you don't should you appoint one anyway or outsource? We explore the options .. Data Governance & SecurityGDPR Simon Blanchard12 August 2020Use of automated facial recognition by South Wales Police ruled ‘unlawful’South Wales Police's use of automated facial recognition has been ruled unlawrul - it breaches human rights and has potential for bias. GDPR Julia Porter12 August 2020When does your CRM marketing plan morph into a data privacy project?Looking to leverage your customer database to drive more business? How to make sure you marketing plan is supported by your privacy strategyDirect MarketingElectronic CommunicationsGDPR Philippa Donn12 August 2020Brexit, GDPR & PECR – the future UK data protection landscapeBrexit and GDPR - what the UK leaving the EU means for data protection law. Find out the impact on your business. Data Protection ActDirect MarketingElectronic CommunicationsGDPRInternational Data Protection Simon Blanchard10 August 2020Dashcams and GDPR: Assessing the privacy implications7 point privacy guide for use of dashcams in vehicles. Quick steps to make sure your use of dashcams is transparent and lawful. GDPRPolicies and Processes Simon Blanchard05 August 2020ICO guidance on how to apply good data protection to AISeven steps for making sure innovation flourishes and your artificial intelligence activities are sound from a data protection point of viewGDPRICO Guidance DPN Team29 July 2020How to manage your suppliersHow to manage your suppliers and reduce the risk they may post. Hear our specialist panel chat through the key points to consider.Videos Philippa Donn29 July 2020Could COVID-19 lead to a spike in Subject Access Requests? How to handle ex-employeesDSARs from disgruntled ex-employees can be challenging to handle, get some helpful tips on how best to approach the task of fulfilling them.GDPRIndividual Privacy Rights Philippa Donn28 July 2020Schrems II ruling: Privacy Shield down, SCCs survive but with a sting in the tailInternational data transfers - EU-US Privacy Shield ruled invalild, questions raised regarding SCCs, find out what actions should you take. GDPRInternational Data Protection Simon Blanchard27 July 2020RoPA – Five tips for keeping your Records of Processing Activity up to date5 tips for keeping your GDPR records of processing activities up to date. The why, who, what, how and when of data protection documentation.GDPRPolicies and Processes DPN Team16 July 2020Transparency: How to get the message acrossDiscover the benefits of being upfront and transparent with people about how you use their data. In this webinar hosted by Robert Bond from Bristows we explore why transparency...GDPRVideos Julia Porter13 July 2020Supplier management: DPN 6 point checklistDue diligence of new suppliers robust enough? Checks in place to make sure suppliers are protecting your data? Use the DPN 6-point checklist. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn13 July 2020Contact Tracing: 7 Quick Steps for collecting people’s dataFrom holiday cottages to theme parks, hotels to pubs, many will be collecting people's details for contact tracing. Get our quick guide to how to do this. GDPRICO Guidance Chris Field11 July 2020You’ve been SAR-bombed!You are at the end of long day .. you just do one last check of your inbox - the new count registers over 9,000 new emails! All...GDPRIndividual Privacy RightsInternational Data ProtectionPolicies and Processes Simon Blanchard09 July 2020Facial Recognition – should we be concerned?Facial recognition is clever, from selfies to surveillance its use is becoming far more widespread. Should we be worried? Data Governance & SecurityGDPR Philippa Donn30 June 2020Data breaches: 10-point checklist for risk assessmentsHow do you assess the actual risk to people of a data breach? 10 questions you need to ask when carrying out an risk assessment. Data Governance & SecurityGDPRPolicies and Processes DPN Team30 June 2020Successful steps for data retention and minimisation [webinar recording]Get the tools and advice you need to tackle data retention and minimisation in this expert discussion which takes you through the key steps to take.Data Governance & SecurityGDPRPolicies and ProcessesVideos Julia Porter25 June 2020Why is the CIA’s lax attitude to cyber security interesting to us?Have you got robust cyber security controls in place? How the lax attitude of the CIA is a lesson to us all and what you should you be doing.Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard16 June 2020Privacy is a marathon not a sprintPondering how to improve your privacy credentials? Here are 5 steps to inspire you. More than 2 years on from GDPR, remember it’s a journey, not a sprint.Data Governance & SecurityGDPRPolicies and Processes Philippa Donn16 June 2020Why personalisation is a good thing, when done well“Hi, you haven’t finished watching Jeffrey Epstein: Filthy Rich”, said an email my husband received .It annoyed him......Direct MarketingGDPR Simon Blanchard08 June 2020Spring clean your data – Top tips on data retentionGet top tips on data retention. Minimise your risks by making sure you keep the personal data you need and rid of what you don't. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn03 June 2020GDPR two years on, why data protection mattersGDPR may have its critics and regulators may stand accused of not taking enough action. Why this is not a reason to stop taking data protection seriously.GDPR Julia Porter03 June 2020Why is it so hard to explain how we use personal data?Five ways to help explain complex and contentious uses of personal data. How to improve your communications and transparency.Direct MarketingGDPRPrivacy by Design DPN Team03 June 2020Data Retention GuidanceA practical toolkit packed with tips, advice and case studies on how to tackle data retention. Developed by a group of data protection and privacy specialists from a...Data Governance & SecurityGDPRPolicies and Processes Julia Porter18 May 2020New Seven Step Ad Tech Guide from DMA and ISBASeven Step Ad Tech Guide - Support for UK businesses engaged in the programmatic digital advertising to ensure they protect the rights of individuals.Electronic CommunicationsePrivacy RegulationGDPR Simon Blanchard14 May 2020COVID 19 – Privacy under the SpotlightPrivacy and COVID-19. When finding quick solutions and taking rapid decisions, don't forget the privacy impact. Here's our quick tour of aspects to consider. Data SecurityGDPRPrivacy by Design DPN Team15 April 2020DPIAs – What? When? How? Who? Why? [webinar recording]Data Protection Impact Assessments - learn about when you need to conduct a DPIA and how in this webinar hosted by Bristows LLP. Opinion DPN Team04 April 2020Where is my data? How to tackle data discovery & mapping [webinar recording]How improve your data discovery, mapping & compliance Understanding where your data is located across all your systems is an ever-evolving challenge, but forms the bedrock of your data...Opinion Gemma Johnson13 February 2020Marketers: Will You Need to do a DPIA for that?Why marketers need to understand when they might need to conduct a data protection impact assessment and learn how to do them. Direct MarketingElectronic CommunicationsICO GuidanceMarketing & Data Protection Simon Blanchard11 February 2020Where’s all my data? How to tackle data discoveryUnderstanding where your data is and what it's used for is crucial. But in practice this is challenging. What approach can you take? Opinion Simon Blanchard10 February 2020ePrivacy Regulation – Are we any closer to a final text?Efforts continue to try and agree the final text of the ePrivacy Regulation. Reaching a consensus has proved very challenging since the first draft was published 3 years...Opinion Julia Porter09 February 2020In a Digitally Enabled World, What is Direct Marketing?On 8th January the ICO published a draft code of practice for the marketing community. It’s entitled “Direct Marketing Code of Practice”. The use of the term “Direct Marketing”...Opinion Philippa Donn08 February 2020Refer a Friend – Viral Marketing RulesCan you ask your customers to send on your marketing to their friends? The answer, according to the ICO’s draft Direct Marketing Code, is NO! The regulator says for...Opinion DPN Team29 January 2020Your Views – Survey on draft Direct Marketing CodeA call for your views. The ICO's draft direct marketing code is open for public consultation. The DPN will be providing feedback. Give your comments to further...Opinion Philippa Donn28 January 2020ICO Direct Marketing Code ‘draft’: 12 HighlightsJust when I thought January was feeling dull, I got my hands on the ICO’s much-anticipated draft Direct Marketing Code of Practice! This replaces the Regulator’s existing Direct Marketing...Opinion Philippa Donn28 January 2020Brexit and EU Data FlowsIf you’ve not yet planned or even considered the data protection impact of Brexit, and specifically data transfers with the European Union, you can breathe a temporary sigh of...Opinion Philippa Donn10 December 2019Subject Access Requests & Proof of IDSubject Access Requests – What is ‘proportionate’ to ask for? When responding to a Right of Access request (commonly known as a Subject Access Request), we might be required...Individual Privacy Rights DPN Team10 December 20192020 Vision – Privacy PredictionsPrivacy Predictions for 2020 - what's in store for us next year? The trends, enforcement and organisational imperatives - What do our esteemed DPN Advisory Board believe is in...Opinion Debbie McElhill03 December 2019ePrivacy Regulation – Is there still life in it, as the European Commission steps in? In a bid to find consensus the European Commission has announced it’s preparing a revamped ePrivacy proposal. This follows the recent rejection by EU member states of the...Opinion DPN Team03 December 2019Data Retention: Are you keeping personal data longer than you need it?Ensuring you don’t store personal data for longer than you require it, is a core data protection principle – one which we all know is both complex and challenging...Opinion Julia Porter27 November 2019Harnessing the Power of Responsible MarketingWhat is responsible marketing? What core values should you embrace and what type of projects can marketers apply these values to? Here are my six pillars of responsible marketing;...Opinion DPN Team28 October 2019Rewarding Privacy By Design Have you or your team gone the extra mile to ensure a privacy aware, customer focused approach to a project, initiative or marketing campaign? Or do you know...Opinion DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Opinion Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Opinion Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Opinion Philippa Donn18 October 2019Marketing Message & Service Message: Where to draw the lineIs your ‘Service’ Message actually a Marketing one? A common (but incorrect) myth which spread with GDPR was that consent was required for almost everything – including all communications...Direct Marketing Philippa Donn02 October 2019Opt-in for marketing abandoned by RNLIHas opt-in suffered a blow? It’s now official that opt-in for all forms of direct marketing has not proven a success for the RNLI, despite earlier reports to the...Opinion Debbie McElhill18 September 2019ePrivacy Regulation – what’s happening?ePrivacy Regulation – first draft 2017, so what’s happening two years on? The ePrivacy Regulation is set to replace the 2002 ePrivacy Directive (and subsequent amendments) which currently sits...Opinion Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Opinion DPN Team16 September 2019Data Governance – Getting to know your DataData Governance – the what, why & how? Data Governance has long been recognised as a method of protecting the business, mitigating risk, increasing operational efficiencies and managing customer...GDPRPolicies and Processes Philippa Donn12 September 2019The DPN Rosemary Smith Award for Responsible MarketingThis award has been launched to recognise a contribution made to Responsible Marketing, giving a team or an individual credit for a creative and privacy aware project or initiative.Opinion Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...GDPRInternational Data Protection Philippa Donn23 August 2019Data Sharing 10 TipsMany companies need to share personal data with other organisations. This might be reciprocal or one-way, it could be providing another company’s staff with access to your data for...GDPRICO Guidance Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Data Governance & SecurityGDPRPolicies and Processes Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Philippa Donn09 July 2019GDPR regulatory action so far in the UK and EU (July 2019)GDPR Regulatory Action The UK’s data protection regulator has made its first hefty announcements since GDPR became law in 2018. With news British Airways and Marriott could face massive...GDPRInternational Data ProtectionUncategorized DPN Team05 July 2019GDPR: Impact Report 2019The impact of GDPR More than a year on from enforcement day, where are we now with GDPR? The Global Marketing Alliance and the DPN teamed up with global...Direct MarketingGDPRUncategorized Mark Bridges05 July 2019CCPA – Californian Consumer Privacy Act: 5 Key ImpactsCCPA: What businesses need know The Californian Consumer Privacy Act (CCPA) ushers in new rights for Californian residents and compels companies that operate in California to implement changes or...Opinion DPN Team05 July 2019Adtech: The challenging compliance landscape – webinar recordingPublishers, advertisers, adtech firms, start-ups and privacy activists are all united in a strong interest in online advertising and programmatic delivery . After all, it represents the lion’s share...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn22 May 2019Why GDPR is not a fuss over nothingWe’ve heard the comparison with the millennium bug – the sky didn’t fall in on 25th May… ‘where are these game-changing fines? This is the Y2K bug all over...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network and Opt-4 lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the...Direct MarketingUncategorized Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Simon Blanchard20 March 2019Like Gin and Tonic – Why GDPR and Data Governance were made for each otherWhy GDPR and Data Governance go hand in hand Like G&T, data governance is not a new concept. It has been recognised for years as a method of protecting...Opinion Gemma Johnson08 March 2019Why 59 Charities were referred to the ICO by the Fundraising RegulatorThe Fundraising Regulator has warned that 59 charities could be in breach of data protection law for failing to apply suppression requests made via the Fundraising Preference Service (FPS)...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Philippa Donn05 March 2019Digital advertising & real-time bidding: Are we on the verge of a seismic shift or not?GDPR put a significant spanner in the world of digital advertising, which disparate parties with different vested interests have been grappling with now for months. How can organisations provide...Opinion Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Stef Elliott21 November 2018“The cookies law is clear – well that takes the biscuit”The ePrivacy Regulation was originally planned to come into force simultaneously with the GDPR on 25th May 2018. The delay and the ongoing debate regarding the Regulation, as highlighted...Electronic CommunicationsePrivacy RegulationGDPR Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Julia Porter18 November 2018Privacy International’s GDPR complaints shine a spotlight on 7 data companiesOn November 8th, Privacy International (PI) filed complaints under the GDPR with data protection regulators in UK, France and Ireland against data brokers Oracle and Acxiom, credit reference agencies...Opinion Simon Blanchard18 November 2018ePrivacy Regulation is not ready and could be stalled even furtherAs those in the know recognise, data protection is not just about GDPR. Many of us have been waiting for GDPR’s EU counterpart, the new ePrivacy Regulation for a...Opinion Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Opinion Matt Edgar02 October 2018Spam crusader or vigilante victim – what happens if you are blacklisted unfairly?Finding spam a nuisance and being anti-spam is a default setting for all of us these days. Even as technology evolves and our mailboxes become smarter in reducing this...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Opinion Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...GDPRPolicies and ProcessesPrivacy by Design Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Opinion DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Data Governance & SecurityGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR
Philippa Donn27 August 2020Data Protection by Design: Part 1 – The BasicsWhat does ‘Data Protection by Design’ really mean (and why is it also called ‘Privacy by Design’)? Do you need to be concerned about it? And how do you...Data Governance & SecurityGDPRPrivacy by Design Philippa Donn26 August 2020Understanding email marketing rulesWhat are the email marketing rules? Make sure your marketing comms are not unwittingly putting your business at risk.Direct MarketingElectronic CommunicationsGDPR Simon Blanchard25 August 2020Data Protection Officers – should we appoint a DPO?Which organisations need to have a DPO? If you don't should you appoint one anyway or outsource? We explore the options .. Data Governance & SecurityGDPR Simon Blanchard12 August 2020Use of automated facial recognition by South Wales Police ruled ‘unlawful’South Wales Police's use of automated facial recognition has been ruled unlawrul - it breaches human rights and has potential for bias. GDPR Julia Porter12 August 2020When does your CRM marketing plan morph into a data privacy project?Looking to leverage your customer database to drive more business? How to make sure you marketing plan is supported by your privacy strategyDirect MarketingElectronic CommunicationsGDPR Philippa Donn12 August 2020Brexit, GDPR & PECR – the future UK data protection landscapeBrexit and GDPR - what the UK leaving the EU means for data protection law. Find out the impact on your business. Data Protection ActDirect MarketingElectronic CommunicationsGDPRInternational Data Protection Simon Blanchard10 August 2020Dashcams and GDPR: Assessing the privacy implications7 point privacy guide for use of dashcams in vehicles. Quick steps to make sure your use of dashcams is transparent and lawful. GDPRPolicies and Processes Simon Blanchard05 August 2020ICO guidance on how to apply good data protection to AISeven steps for making sure innovation flourishes and your artificial intelligence activities are sound from a data protection point of viewGDPRICO Guidance DPN Team29 July 2020How to manage your suppliersHow to manage your suppliers and reduce the risk they may post. Hear our specialist panel chat through the key points to consider.Videos Philippa Donn29 July 2020Could COVID-19 lead to a spike in Subject Access Requests? How to handle ex-employeesDSARs from disgruntled ex-employees can be challenging to handle, get some helpful tips on how best to approach the task of fulfilling them.GDPRIndividual Privacy Rights Philippa Donn28 July 2020Schrems II ruling: Privacy Shield down, SCCs survive but with a sting in the tailInternational data transfers - EU-US Privacy Shield ruled invalild, questions raised regarding SCCs, find out what actions should you take. GDPRInternational Data Protection Simon Blanchard27 July 2020RoPA – Five tips for keeping your Records of Processing Activity up to date5 tips for keeping your GDPR records of processing activities up to date. The why, who, what, how and when of data protection documentation.GDPRPolicies and Processes DPN Team16 July 2020Transparency: How to get the message acrossDiscover the benefits of being upfront and transparent with people about how you use their data. In this webinar hosted by Robert Bond from Bristows we explore why transparency...GDPRVideos Julia Porter13 July 2020Supplier management: DPN 6 point checklistDue diligence of new suppliers robust enough? Checks in place to make sure suppliers are protecting your data? Use the DPN 6-point checklist. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn13 July 2020Contact Tracing: 7 Quick Steps for collecting people’s dataFrom holiday cottages to theme parks, hotels to pubs, many will be collecting people's details for contact tracing. Get our quick guide to how to do this. GDPRICO Guidance Chris Field11 July 2020You’ve been SAR-bombed!You are at the end of long day .. you just do one last check of your inbox - the new count registers over 9,000 new emails! All...GDPRIndividual Privacy RightsInternational Data ProtectionPolicies and Processes Simon Blanchard09 July 2020Facial Recognition – should we be concerned?Facial recognition is clever, from selfies to surveillance its use is becoming far more widespread. Should we be worried? Data Governance & SecurityGDPR Philippa Donn30 June 2020Data breaches: 10-point checklist for risk assessmentsHow do you assess the actual risk to people of a data breach? 10 questions you need to ask when carrying out an risk assessment. Data Governance & SecurityGDPRPolicies and Processes DPN Team30 June 2020Successful steps for data retention and minimisation [webinar recording]Get the tools and advice you need to tackle data retention and minimisation in this expert discussion which takes you through the key steps to take.Data Governance & SecurityGDPRPolicies and ProcessesVideos Julia Porter25 June 2020Why is the CIA’s lax attitude to cyber security interesting to us?Have you got robust cyber security controls in place? How the lax attitude of the CIA is a lesson to us all and what you should you be doing.Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard16 June 2020Privacy is a marathon not a sprintPondering how to improve your privacy credentials? Here are 5 steps to inspire you. More than 2 years on from GDPR, remember it’s a journey, not a sprint.Data Governance & SecurityGDPRPolicies and Processes Philippa Donn16 June 2020Why personalisation is a good thing, when done well“Hi, you haven’t finished watching Jeffrey Epstein: Filthy Rich”, said an email my husband received .It annoyed him......Direct MarketingGDPR Simon Blanchard08 June 2020Spring clean your data – Top tips on data retentionGet top tips on data retention. Minimise your risks by making sure you keep the personal data you need and rid of what you don't. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn03 June 2020GDPR two years on, why data protection mattersGDPR may have its critics and regulators may stand accused of not taking enough action. Why this is not a reason to stop taking data protection seriously.GDPR Julia Porter03 June 2020Why is it so hard to explain how we use personal data?Five ways to help explain complex and contentious uses of personal data. How to improve your communications and transparency.Direct MarketingGDPRPrivacy by Design DPN Team03 June 2020Data Retention GuidanceA practical toolkit packed with tips, advice and case studies on how to tackle data retention. Developed by a group of data protection and privacy specialists from a...Data Governance & SecurityGDPRPolicies and Processes Julia Porter18 May 2020New Seven Step Ad Tech Guide from DMA and ISBASeven Step Ad Tech Guide - Support for UK businesses engaged in the programmatic digital advertising to ensure they protect the rights of individuals.Electronic CommunicationsePrivacy RegulationGDPR Simon Blanchard14 May 2020COVID 19 – Privacy under the SpotlightPrivacy and COVID-19. When finding quick solutions and taking rapid decisions, don't forget the privacy impact. Here's our quick tour of aspects to consider. Data SecurityGDPRPrivacy by Design DPN Team15 April 2020DPIAs – What? When? How? Who? Why? [webinar recording]Data Protection Impact Assessments - learn about when you need to conduct a DPIA and how in this webinar hosted by Bristows LLP. Opinion DPN Team04 April 2020Where is my data? How to tackle data discovery & mapping [webinar recording]How improve your data discovery, mapping & compliance Understanding where your data is located across all your systems is an ever-evolving challenge, but forms the bedrock of your data...Opinion Gemma Johnson13 February 2020Marketers: Will You Need to do a DPIA for that?Why marketers need to understand when they might need to conduct a data protection impact assessment and learn how to do them. Direct MarketingElectronic CommunicationsICO GuidanceMarketing & Data Protection Simon Blanchard11 February 2020Where’s all my data? How to tackle data discoveryUnderstanding where your data is and what it's used for is crucial. But in practice this is challenging. What approach can you take? Opinion Simon Blanchard10 February 2020ePrivacy Regulation – Are we any closer to a final text?Efforts continue to try and agree the final text of the ePrivacy Regulation. Reaching a consensus has proved very challenging since the first draft was published 3 years...Opinion Julia Porter09 February 2020In a Digitally Enabled World, What is Direct Marketing?On 8th January the ICO published a draft code of practice for the marketing community. It’s entitled “Direct Marketing Code of Practice”. The use of the term “Direct Marketing”...Opinion Philippa Donn08 February 2020Refer a Friend – Viral Marketing RulesCan you ask your customers to send on your marketing to their friends? The answer, according to the ICO’s draft Direct Marketing Code, is NO! The regulator says for...Opinion DPN Team29 January 2020Your Views – Survey on draft Direct Marketing CodeA call for your views. The ICO's draft direct marketing code is open for public consultation. The DPN will be providing feedback. Give your comments to further...Opinion Philippa Donn28 January 2020ICO Direct Marketing Code ‘draft’: 12 HighlightsJust when I thought January was feeling dull, I got my hands on the ICO’s much-anticipated draft Direct Marketing Code of Practice! This replaces the Regulator’s existing Direct Marketing...Opinion Philippa Donn28 January 2020Brexit and EU Data FlowsIf you’ve not yet planned or even considered the data protection impact of Brexit, and specifically data transfers with the European Union, you can breathe a temporary sigh of...Opinion Philippa Donn10 December 2019Subject Access Requests & Proof of IDSubject Access Requests – What is ‘proportionate’ to ask for? When responding to a Right of Access request (commonly known as a Subject Access Request), we might be required...Individual Privacy Rights DPN Team10 December 20192020 Vision – Privacy PredictionsPrivacy Predictions for 2020 - what's in store for us next year? The trends, enforcement and organisational imperatives - What do our esteemed DPN Advisory Board believe is in...Opinion Debbie McElhill03 December 2019ePrivacy Regulation – Is there still life in it, as the European Commission steps in? In a bid to find consensus the European Commission has announced it’s preparing a revamped ePrivacy proposal. This follows the recent rejection by EU member states of the...Opinion DPN Team03 December 2019Data Retention: Are you keeping personal data longer than you need it?Ensuring you don’t store personal data for longer than you require it, is a core data protection principle – one which we all know is both complex and challenging...Opinion Julia Porter27 November 2019Harnessing the Power of Responsible MarketingWhat is responsible marketing? What core values should you embrace and what type of projects can marketers apply these values to? Here are my six pillars of responsible marketing;...Opinion DPN Team28 October 2019Rewarding Privacy By Design Have you or your team gone the extra mile to ensure a privacy aware, customer focused approach to a project, initiative or marketing campaign? Or do you know...Opinion DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Opinion Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Opinion Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Opinion Philippa Donn18 October 2019Marketing Message & Service Message: Where to draw the lineIs your ‘Service’ Message actually a Marketing one? A common (but incorrect) myth which spread with GDPR was that consent was required for almost everything – including all communications...Direct Marketing Philippa Donn02 October 2019Opt-in for marketing abandoned by RNLIHas opt-in suffered a blow? It’s now official that opt-in for all forms of direct marketing has not proven a success for the RNLI, despite earlier reports to the...Opinion Debbie McElhill18 September 2019ePrivacy Regulation – what’s happening?ePrivacy Regulation – first draft 2017, so what’s happening two years on? The ePrivacy Regulation is set to replace the 2002 ePrivacy Directive (and subsequent amendments) which currently sits...Opinion Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Opinion DPN Team16 September 2019Data Governance – Getting to know your DataData Governance – the what, why & how? Data Governance has long been recognised as a method of protecting the business, mitigating risk, increasing operational efficiencies and managing customer...GDPRPolicies and Processes Philippa Donn12 September 2019The DPN Rosemary Smith Award for Responsible MarketingThis award has been launched to recognise a contribution made to Responsible Marketing, giving a team or an individual credit for a creative and privacy aware project or initiative.Opinion Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...GDPRInternational Data Protection Philippa Donn23 August 2019Data Sharing 10 TipsMany companies need to share personal data with other organisations. This might be reciprocal or one-way, it could be providing another company’s staff with access to your data for...GDPRICO Guidance Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Data Governance & SecurityGDPRPolicies and Processes Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Philippa Donn09 July 2019GDPR regulatory action so far in the UK and EU (July 2019)GDPR Regulatory Action The UK’s data protection regulator has made its first hefty announcements since GDPR became law in 2018. With news British Airways and Marriott could face massive...GDPRInternational Data ProtectionUncategorized DPN Team05 July 2019GDPR: Impact Report 2019The impact of GDPR More than a year on from enforcement day, where are we now with GDPR? The Global Marketing Alliance and the DPN teamed up with global...Direct MarketingGDPRUncategorized Mark Bridges05 July 2019CCPA – Californian Consumer Privacy Act: 5 Key ImpactsCCPA: What businesses need know The Californian Consumer Privacy Act (CCPA) ushers in new rights for Californian residents and compels companies that operate in California to implement changes or...Opinion DPN Team05 July 2019Adtech: The challenging compliance landscape – webinar recordingPublishers, advertisers, adtech firms, start-ups and privacy activists are all united in a strong interest in online advertising and programmatic delivery . After all, it represents the lion’s share...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn22 May 2019Why GDPR is not a fuss over nothingWe’ve heard the comparison with the millennium bug – the sky didn’t fall in on 25th May… ‘where are these game-changing fines? This is the Y2K bug all over...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network and Opt-4 lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the...Direct MarketingUncategorized Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Simon Blanchard20 March 2019Like Gin and Tonic – Why GDPR and Data Governance were made for each otherWhy GDPR and Data Governance go hand in hand Like G&T, data governance is not a new concept. It has been recognised for years as a method of protecting...Opinion Gemma Johnson08 March 2019Why 59 Charities were referred to the ICO by the Fundraising RegulatorThe Fundraising Regulator has warned that 59 charities could be in breach of data protection law for failing to apply suppression requests made via the Fundraising Preference Service (FPS)...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Philippa Donn05 March 2019Digital advertising & real-time bidding: Are we on the verge of a seismic shift or not?GDPR put a significant spanner in the world of digital advertising, which disparate parties with different vested interests have been grappling with now for months. How can organisations provide...Opinion Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Stef Elliott21 November 2018“The cookies law is clear – well that takes the biscuit”The ePrivacy Regulation was originally planned to come into force simultaneously with the GDPR on 25th May 2018. The delay and the ongoing debate regarding the Regulation, as highlighted...Electronic CommunicationsePrivacy RegulationGDPR Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Julia Porter18 November 2018Privacy International’s GDPR complaints shine a spotlight on 7 data companiesOn November 8th, Privacy International (PI) filed complaints under the GDPR with data protection regulators in UK, France and Ireland against data brokers Oracle and Acxiom, credit reference agencies...Opinion Simon Blanchard18 November 2018ePrivacy Regulation is not ready and could be stalled even furtherAs those in the know recognise, data protection is not just about GDPR. Many of us have been waiting for GDPR’s EU counterpart, the new ePrivacy Regulation for a...Opinion Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Opinion Matt Edgar02 October 2018Spam crusader or vigilante victim – what happens if you are blacklisted unfairly?Finding spam a nuisance and being anti-spam is a default setting for all of us these days. Even as technology evolves and our mailboxes become smarter in reducing this...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Opinion Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...GDPRPolicies and ProcessesPrivacy by Design Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Opinion DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Data Governance & SecurityGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR
Philippa Donn26 August 2020Understanding email marketing rulesWhat are the email marketing rules? Make sure your marketing comms are not unwittingly putting your business at risk.Direct MarketingElectronic CommunicationsGDPR Simon Blanchard25 August 2020Data Protection Officers – should we appoint a DPO?Which organisations need to have a DPO? If you don't should you appoint one anyway or outsource? We explore the options .. Data Governance & SecurityGDPR Simon Blanchard12 August 2020Use of automated facial recognition by South Wales Police ruled ‘unlawful’South Wales Police's use of automated facial recognition has been ruled unlawrul - it breaches human rights and has potential for bias. GDPR Julia Porter12 August 2020When does your CRM marketing plan morph into a data privacy project?Looking to leverage your customer database to drive more business? How to make sure you marketing plan is supported by your privacy strategyDirect MarketingElectronic CommunicationsGDPR Philippa Donn12 August 2020Brexit, GDPR & PECR – the future UK data protection landscapeBrexit and GDPR - what the UK leaving the EU means for data protection law. Find out the impact on your business. Data Protection ActDirect MarketingElectronic CommunicationsGDPRInternational Data Protection Simon Blanchard10 August 2020Dashcams and GDPR: Assessing the privacy implications7 point privacy guide for use of dashcams in vehicles. Quick steps to make sure your use of dashcams is transparent and lawful. GDPRPolicies and Processes Simon Blanchard05 August 2020ICO guidance on how to apply good data protection to AISeven steps for making sure innovation flourishes and your artificial intelligence activities are sound from a data protection point of viewGDPRICO Guidance DPN Team29 July 2020How to manage your suppliersHow to manage your suppliers and reduce the risk they may post. Hear our specialist panel chat through the key points to consider.Videos Philippa Donn29 July 2020Could COVID-19 lead to a spike in Subject Access Requests? How to handle ex-employeesDSARs from disgruntled ex-employees can be challenging to handle, get some helpful tips on how best to approach the task of fulfilling them.GDPRIndividual Privacy Rights Philippa Donn28 July 2020Schrems II ruling: Privacy Shield down, SCCs survive but with a sting in the tailInternational data transfers - EU-US Privacy Shield ruled invalild, questions raised regarding SCCs, find out what actions should you take. GDPRInternational Data Protection Simon Blanchard27 July 2020RoPA – Five tips for keeping your Records of Processing Activity up to date5 tips for keeping your GDPR records of processing activities up to date. The why, who, what, how and when of data protection documentation.GDPRPolicies and Processes DPN Team16 July 2020Transparency: How to get the message acrossDiscover the benefits of being upfront and transparent with people about how you use their data. In this webinar hosted by Robert Bond from Bristows we explore why transparency...GDPRVideos Julia Porter13 July 2020Supplier management: DPN 6 point checklistDue diligence of new suppliers robust enough? Checks in place to make sure suppliers are protecting your data? Use the DPN 6-point checklist. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn13 July 2020Contact Tracing: 7 Quick Steps for collecting people’s dataFrom holiday cottages to theme parks, hotels to pubs, many will be collecting people's details for contact tracing. Get our quick guide to how to do this. GDPRICO Guidance Chris Field11 July 2020You’ve been SAR-bombed!You are at the end of long day .. you just do one last check of your inbox - the new count registers over 9,000 new emails! All...GDPRIndividual Privacy RightsInternational Data ProtectionPolicies and Processes Simon Blanchard09 July 2020Facial Recognition – should we be concerned?Facial recognition is clever, from selfies to surveillance its use is becoming far more widespread. Should we be worried? Data Governance & SecurityGDPR Philippa Donn30 June 2020Data breaches: 10-point checklist for risk assessmentsHow do you assess the actual risk to people of a data breach? 10 questions you need to ask when carrying out an risk assessment. Data Governance & SecurityGDPRPolicies and Processes DPN Team30 June 2020Successful steps for data retention and minimisation [webinar recording]Get the tools and advice you need to tackle data retention and minimisation in this expert discussion which takes you through the key steps to take.Data Governance & SecurityGDPRPolicies and ProcessesVideos Julia Porter25 June 2020Why is the CIA’s lax attitude to cyber security interesting to us?Have you got robust cyber security controls in place? How the lax attitude of the CIA is a lesson to us all and what you should you be doing.Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard16 June 2020Privacy is a marathon not a sprintPondering how to improve your privacy credentials? Here are 5 steps to inspire you. More than 2 years on from GDPR, remember it’s a journey, not a sprint.Data Governance & SecurityGDPRPolicies and Processes Philippa Donn16 June 2020Why personalisation is a good thing, when done well“Hi, you haven’t finished watching Jeffrey Epstein: Filthy Rich”, said an email my husband received .It annoyed him......Direct MarketingGDPR Simon Blanchard08 June 2020Spring clean your data – Top tips on data retentionGet top tips on data retention. Minimise your risks by making sure you keep the personal data you need and rid of what you don't. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn03 June 2020GDPR two years on, why data protection mattersGDPR may have its critics and regulators may stand accused of not taking enough action. Why this is not a reason to stop taking data protection seriously.GDPR Julia Porter03 June 2020Why is it so hard to explain how we use personal data?Five ways to help explain complex and contentious uses of personal data. How to improve your communications and transparency.Direct MarketingGDPRPrivacy by Design DPN Team03 June 2020Data Retention GuidanceA practical toolkit packed with tips, advice and case studies on how to tackle data retention. Developed by a group of data protection and privacy specialists from a...Data Governance & SecurityGDPRPolicies and Processes Julia Porter18 May 2020New Seven Step Ad Tech Guide from DMA and ISBASeven Step Ad Tech Guide - Support for UK businesses engaged in the programmatic digital advertising to ensure they protect the rights of individuals.Electronic CommunicationsePrivacy RegulationGDPR Simon Blanchard14 May 2020COVID 19 – Privacy under the SpotlightPrivacy and COVID-19. When finding quick solutions and taking rapid decisions, don't forget the privacy impact. Here's our quick tour of aspects to consider. Data SecurityGDPRPrivacy by Design DPN Team15 April 2020DPIAs – What? When? How? Who? Why? [webinar recording]Data Protection Impact Assessments - learn about when you need to conduct a DPIA and how in this webinar hosted by Bristows LLP. Opinion DPN Team04 April 2020Where is my data? How to tackle data discovery & mapping [webinar recording]How improve your data discovery, mapping & compliance Understanding where your data is located across all your systems is an ever-evolving challenge, but forms the bedrock of your data...Opinion Gemma Johnson13 February 2020Marketers: Will You Need to do a DPIA for that?Why marketers need to understand when they might need to conduct a data protection impact assessment and learn how to do them. Direct MarketingElectronic CommunicationsICO GuidanceMarketing & Data Protection Simon Blanchard11 February 2020Where’s all my data? How to tackle data discoveryUnderstanding where your data is and what it's used for is crucial. But in practice this is challenging. What approach can you take? Opinion Simon Blanchard10 February 2020ePrivacy Regulation – Are we any closer to a final text?Efforts continue to try and agree the final text of the ePrivacy Regulation. Reaching a consensus has proved very challenging since the first draft was published 3 years...Opinion Julia Porter09 February 2020In a Digitally Enabled World, What is Direct Marketing?On 8th January the ICO published a draft code of practice for the marketing community. It’s entitled “Direct Marketing Code of Practice”. The use of the term “Direct Marketing”...Opinion Philippa Donn08 February 2020Refer a Friend – Viral Marketing RulesCan you ask your customers to send on your marketing to their friends? The answer, according to the ICO’s draft Direct Marketing Code, is NO! The regulator says for...Opinion DPN Team29 January 2020Your Views – Survey on draft Direct Marketing CodeA call for your views. The ICO's draft direct marketing code is open for public consultation. The DPN will be providing feedback. Give your comments to further...Opinion Philippa Donn28 January 2020ICO Direct Marketing Code ‘draft’: 12 HighlightsJust when I thought January was feeling dull, I got my hands on the ICO’s much-anticipated draft Direct Marketing Code of Practice! This replaces the Regulator’s existing Direct Marketing...Opinion Philippa Donn28 January 2020Brexit and EU Data FlowsIf you’ve not yet planned or even considered the data protection impact of Brexit, and specifically data transfers with the European Union, you can breathe a temporary sigh of...Opinion Philippa Donn10 December 2019Subject Access Requests & Proof of IDSubject Access Requests – What is ‘proportionate’ to ask for? When responding to a Right of Access request (commonly known as a Subject Access Request), we might be required...Individual Privacy Rights DPN Team10 December 20192020 Vision – Privacy PredictionsPrivacy Predictions for 2020 - what's in store for us next year? The trends, enforcement and organisational imperatives - What do our esteemed DPN Advisory Board believe is in...Opinion Debbie McElhill03 December 2019ePrivacy Regulation – Is there still life in it, as the European Commission steps in? In a bid to find consensus the European Commission has announced it’s preparing a revamped ePrivacy proposal. This follows the recent rejection by EU member states of the...Opinion DPN Team03 December 2019Data Retention: Are you keeping personal data longer than you need it?Ensuring you don’t store personal data for longer than you require it, is a core data protection principle – one which we all know is both complex and challenging...Opinion Julia Porter27 November 2019Harnessing the Power of Responsible MarketingWhat is responsible marketing? What core values should you embrace and what type of projects can marketers apply these values to? Here are my six pillars of responsible marketing;...Opinion DPN Team28 October 2019Rewarding Privacy By Design Have you or your team gone the extra mile to ensure a privacy aware, customer focused approach to a project, initiative or marketing campaign? Or do you know...Opinion DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Opinion Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Opinion Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Opinion Philippa Donn18 October 2019Marketing Message & Service Message: Where to draw the lineIs your ‘Service’ Message actually a Marketing one? A common (but incorrect) myth which spread with GDPR was that consent was required for almost everything – including all communications...Direct Marketing Philippa Donn02 October 2019Opt-in for marketing abandoned by RNLIHas opt-in suffered a blow? It’s now official that opt-in for all forms of direct marketing has not proven a success for the RNLI, despite earlier reports to the...Opinion Debbie McElhill18 September 2019ePrivacy Regulation – what’s happening?ePrivacy Regulation – first draft 2017, so what’s happening two years on? The ePrivacy Regulation is set to replace the 2002 ePrivacy Directive (and subsequent amendments) which currently sits...Opinion Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Opinion DPN Team16 September 2019Data Governance – Getting to know your DataData Governance – the what, why & how? Data Governance has long been recognised as a method of protecting the business, mitigating risk, increasing operational efficiencies and managing customer...GDPRPolicies and Processes Philippa Donn12 September 2019The DPN Rosemary Smith Award for Responsible MarketingThis award has been launched to recognise a contribution made to Responsible Marketing, giving a team or an individual credit for a creative and privacy aware project or initiative.Opinion Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...GDPRInternational Data Protection Philippa Donn23 August 2019Data Sharing 10 TipsMany companies need to share personal data with other organisations. This might be reciprocal or one-way, it could be providing another company’s staff with access to your data for...GDPRICO Guidance Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Data Governance & SecurityGDPRPolicies and Processes Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Philippa Donn09 July 2019GDPR regulatory action so far in the UK and EU (July 2019)GDPR Regulatory Action The UK’s data protection regulator has made its first hefty announcements since GDPR became law in 2018. With news British Airways and Marriott could face massive...GDPRInternational Data ProtectionUncategorized DPN Team05 July 2019GDPR: Impact Report 2019The impact of GDPR More than a year on from enforcement day, where are we now with GDPR? The Global Marketing Alliance and the DPN teamed up with global...Direct MarketingGDPRUncategorized Mark Bridges05 July 2019CCPA – Californian Consumer Privacy Act: 5 Key ImpactsCCPA: What businesses need know The Californian Consumer Privacy Act (CCPA) ushers in new rights for Californian residents and compels companies that operate in California to implement changes or...Opinion DPN Team05 July 2019Adtech: The challenging compliance landscape – webinar recordingPublishers, advertisers, adtech firms, start-ups and privacy activists are all united in a strong interest in online advertising and programmatic delivery . After all, it represents the lion’s share...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn22 May 2019Why GDPR is not a fuss over nothingWe’ve heard the comparison with the millennium bug – the sky didn’t fall in on 25th May… ‘where are these game-changing fines? This is the Y2K bug all over...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network and Opt-4 lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the...Direct MarketingUncategorized Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Simon Blanchard20 March 2019Like Gin and Tonic – Why GDPR and Data Governance were made for each otherWhy GDPR and Data Governance go hand in hand Like G&T, data governance is not a new concept. It has been recognised for years as a method of protecting...Opinion Gemma Johnson08 March 2019Why 59 Charities were referred to the ICO by the Fundraising RegulatorThe Fundraising Regulator has warned that 59 charities could be in breach of data protection law for failing to apply suppression requests made via the Fundraising Preference Service (FPS)...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Philippa Donn05 March 2019Digital advertising & real-time bidding: Are we on the verge of a seismic shift or not?GDPR put a significant spanner in the world of digital advertising, which disparate parties with different vested interests have been grappling with now for months. How can organisations provide...Opinion Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Stef Elliott21 November 2018“The cookies law is clear – well that takes the biscuit”The ePrivacy Regulation was originally planned to come into force simultaneously with the GDPR on 25th May 2018. The delay and the ongoing debate regarding the Regulation, as highlighted...Electronic CommunicationsePrivacy RegulationGDPR Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Julia Porter18 November 2018Privacy International’s GDPR complaints shine a spotlight on 7 data companiesOn November 8th, Privacy International (PI) filed complaints under the GDPR with data protection regulators in UK, France and Ireland against data brokers Oracle and Acxiom, credit reference agencies...Opinion Simon Blanchard18 November 2018ePrivacy Regulation is not ready and could be stalled even furtherAs those in the know recognise, data protection is not just about GDPR. Many of us have been waiting for GDPR’s EU counterpart, the new ePrivacy Regulation for a...Opinion Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Opinion Matt Edgar02 October 2018Spam crusader or vigilante victim – what happens if you are blacklisted unfairly?Finding spam a nuisance and being anti-spam is a default setting for all of us these days. Even as technology evolves and our mailboxes become smarter in reducing this...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Opinion Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...GDPRPolicies and ProcessesPrivacy by Design Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Opinion DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Data Governance & SecurityGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR
Simon Blanchard25 August 2020Data Protection Officers – should we appoint a DPO?Which organisations need to have a DPO? If you don't should you appoint one anyway or outsource? We explore the options .. Data Governance & SecurityGDPR Simon Blanchard12 August 2020Use of automated facial recognition by South Wales Police ruled ‘unlawful’South Wales Police's use of automated facial recognition has been ruled unlawrul - it breaches human rights and has potential for bias. GDPR Julia Porter12 August 2020When does your CRM marketing plan morph into a data privacy project?Looking to leverage your customer database to drive more business? How to make sure you marketing plan is supported by your privacy strategyDirect MarketingElectronic CommunicationsGDPR Philippa Donn12 August 2020Brexit, GDPR & PECR – the future UK data protection landscapeBrexit and GDPR - what the UK leaving the EU means for data protection law. Find out the impact on your business. Data Protection ActDirect MarketingElectronic CommunicationsGDPRInternational Data Protection Simon Blanchard10 August 2020Dashcams and GDPR: Assessing the privacy implications7 point privacy guide for use of dashcams in vehicles. Quick steps to make sure your use of dashcams is transparent and lawful. GDPRPolicies and Processes Simon Blanchard05 August 2020ICO guidance on how to apply good data protection to AISeven steps for making sure innovation flourishes and your artificial intelligence activities are sound from a data protection point of viewGDPRICO Guidance DPN Team29 July 2020How to manage your suppliersHow to manage your suppliers and reduce the risk they may post. Hear our specialist panel chat through the key points to consider.Videos Philippa Donn29 July 2020Could COVID-19 lead to a spike in Subject Access Requests? How to handle ex-employeesDSARs from disgruntled ex-employees can be challenging to handle, get some helpful tips on how best to approach the task of fulfilling them.GDPRIndividual Privacy Rights Philippa Donn28 July 2020Schrems II ruling: Privacy Shield down, SCCs survive but with a sting in the tailInternational data transfers - EU-US Privacy Shield ruled invalild, questions raised regarding SCCs, find out what actions should you take. GDPRInternational Data Protection Simon Blanchard27 July 2020RoPA – Five tips for keeping your Records of Processing Activity up to date5 tips for keeping your GDPR records of processing activities up to date. The why, who, what, how and when of data protection documentation.GDPRPolicies and Processes DPN Team16 July 2020Transparency: How to get the message acrossDiscover the benefits of being upfront and transparent with people about how you use their data. In this webinar hosted by Robert Bond from Bristows we explore why transparency...GDPRVideos Julia Porter13 July 2020Supplier management: DPN 6 point checklistDue diligence of new suppliers robust enough? Checks in place to make sure suppliers are protecting your data? Use the DPN 6-point checklist. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn13 July 2020Contact Tracing: 7 Quick Steps for collecting people’s dataFrom holiday cottages to theme parks, hotels to pubs, many will be collecting people's details for contact tracing. Get our quick guide to how to do this. GDPRICO Guidance Chris Field11 July 2020You’ve been SAR-bombed!You are at the end of long day .. you just do one last check of your inbox - the new count registers over 9,000 new emails! All...GDPRIndividual Privacy RightsInternational Data ProtectionPolicies and Processes Simon Blanchard09 July 2020Facial Recognition – should we be concerned?Facial recognition is clever, from selfies to surveillance its use is becoming far more widespread. Should we be worried? Data Governance & SecurityGDPR Philippa Donn30 June 2020Data breaches: 10-point checklist for risk assessmentsHow do you assess the actual risk to people of a data breach? 10 questions you need to ask when carrying out an risk assessment. Data Governance & SecurityGDPRPolicies and Processes DPN Team30 June 2020Successful steps for data retention and minimisation [webinar recording]Get the tools and advice you need to tackle data retention and minimisation in this expert discussion which takes you through the key steps to take.Data Governance & SecurityGDPRPolicies and ProcessesVideos Julia Porter25 June 2020Why is the CIA’s lax attitude to cyber security interesting to us?Have you got robust cyber security controls in place? How the lax attitude of the CIA is a lesson to us all and what you should you be doing.Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard16 June 2020Privacy is a marathon not a sprintPondering how to improve your privacy credentials? Here are 5 steps to inspire you. More than 2 years on from GDPR, remember it’s a journey, not a sprint.Data Governance & SecurityGDPRPolicies and Processes Philippa Donn16 June 2020Why personalisation is a good thing, when done well“Hi, you haven’t finished watching Jeffrey Epstein: Filthy Rich”, said an email my husband received .It annoyed him......Direct MarketingGDPR Simon Blanchard08 June 2020Spring clean your data – Top tips on data retentionGet top tips on data retention. Minimise your risks by making sure you keep the personal data you need and rid of what you don't. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn03 June 2020GDPR two years on, why data protection mattersGDPR may have its critics and regulators may stand accused of not taking enough action. Why this is not a reason to stop taking data protection seriously.GDPR Julia Porter03 June 2020Why is it so hard to explain how we use personal data?Five ways to help explain complex and contentious uses of personal data. How to improve your communications and transparency.Direct MarketingGDPRPrivacy by Design DPN Team03 June 2020Data Retention GuidanceA practical toolkit packed with tips, advice and case studies on how to tackle data retention. Developed by a group of data protection and privacy specialists from a...Data Governance & SecurityGDPRPolicies and Processes Julia Porter18 May 2020New Seven Step Ad Tech Guide from DMA and ISBASeven Step Ad Tech Guide - Support for UK businesses engaged in the programmatic digital advertising to ensure they protect the rights of individuals.Electronic CommunicationsePrivacy RegulationGDPR Simon Blanchard14 May 2020COVID 19 – Privacy under the SpotlightPrivacy and COVID-19. When finding quick solutions and taking rapid decisions, don't forget the privacy impact. Here's our quick tour of aspects to consider. Data SecurityGDPRPrivacy by Design DPN Team15 April 2020DPIAs – What? When? How? Who? Why? [webinar recording]Data Protection Impact Assessments - learn about when you need to conduct a DPIA and how in this webinar hosted by Bristows LLP. Opinion DPN Team04 April 2020Where is my data? How to tackle data discovery & mapping [webinar recording]How improve your data discovery, mapping & compliance Understanding where your data is located across all your systems is an ever-evolving challenge, but forms the bedrock of your data...Opinion Gemma Johnson13 February 2020Marketers: Will You Need to do a DPIA for that?Why marketers need to understand when they might need to conduct a data protection impact assessment and learn how to do them. Direct MarketingElectronic CommunicationsICO GuidanceMarketing & Data Protection Simon Blanchard11 February 2020Where’s all my data? How to tackle data discoveryUnderstanding where your data is and what it's used for is crucial. But in practice this is challenging. What approach can you take? Opinion Simon Blanchard10 February 2020ePrivacy Regulation – Are we any closer to a final text?Efforts continue to try and agree the final text of the ePrivacy Regulation. Reaching a consensus has proved very challenging since the first draft was published 3 years...Opinion Julia Porter09 February 2020In a Digitally Enabled World, What is Direct Marketing?On 8th January the ICO published a draft code of practice for the marketing community. It’s entitled “Direct Marketing Code of Practice”. The use of the term “Direct Marketing”...Opinion Philippa Donn08 February 2020Refer a Friend – Viral Marketing RulesCan you ask your customers to send on your marketing to their friends? The answer, according to the ICO’s draft Direct Marketing Code, is NO! The regulator says for...Opinion DPN Team29 January 2020Your Views – Survey on draft Direct Marketing CodeA call for your views. The ICO's draft direct marketing code is open for public consultation. The DPN will be providing feedback. Give your comments to further...Opinion Philippa Donn28 January 2020ICO Direct Marketing Code ‘draft’: 12 HighlightsJust when I thought January was feeling dull, I got my hands on the ICO’s much-anticipated draft Direct Marketing Code of Practice! This replaces the Regulator’s existing Direct Marketing...Opinion Philippa Donn28 January 2020Brexit and EU Data FlowsIf you’ve not yet planned or even considered the data protection impact of Brexit, and specifically data transfers with the European Union, you can breathe a temporary sigh of...Opinion Philippa Donn10 December 2019Subject Access Requests & Proof of IDSubject Access Requests – What is ‘proportionate’ to ask for? When responding to a Right of Access request (commonly known as a Subject Access Request), we might be required...Individual Privacy Rights DPN Team10 December 20192020 Vision – Privacy PredictionsPrivacy Predictions for 2020 - what's in store for us next year? The trends, enforcement and organisational imperatives - What do our esteemed DPN Advisory Board believe is in...Opinion Debbie McElhill03 December 2019ePrivacy Regulation – Is there still life in it, as the European Commission steps in? In a bid to find consensus the European Commission has announced it’s preparing a revamped ePrivacy proposal. This follows the recent rejection by EU member states of the...Opinion DPN Team03 December 2019Data Retention: Are you keeping personal data longer than you need it?Ensuring you don’t store personal data for longer than you require it, is a core data protection principle – one which we all know is both complex and challenging...Opinion Julia Porter27 November 2019Harnessing the Power of Responsible MarketingWhat is responsible marketing? What core values should you embrace and what type of projects can marketers apply these values to? Here are my six pillars of responsible marketing;...Opinion DPN Team28 October 2019Rewarding Privacy By Design Have you or your team gone the extra mile to ensure a privacy aware, customer focused approach to a project, initiative or marketing campaign? Or do you know...Opinion DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Opinion Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Opinion Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Opinion Philippa Donn18 October 2019Marketing Message & Service Message: Where to draw the lineIs your ‘Service’ Message actually a Marketing one? A common (but incorrect) myth which spread with GDPR was that consent was required for almost everything – including all communications...Direct Marketing Philippa Donn02 October 2019Opt-in for marketing abandoned by RNLIHas opt-in suffered a blow? It’s now official that opt-in for all forms of direct marketing has not proven a success for the RNLI, despite earlier reports to the...Opinion Debbie McElhill18 September 2019ePrivacy Regulation – what’s happening?ePrivacy Regulation – first draft 2017, so what’s happening two years on? The ePrivacy Regulation is set to replace the 2002 ePrivacy Directive (and subsequent amendments) which currently sits...Opinion Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Opinion DPN Team16 September 2019Data Governance – Getting to know your DataData Governance – the what, why & how? Data Governance has long been recognised as a method of protecting the business, mitigating risk, increasing operational efficiencies and managing customer...GDPRPolicies and Processes Philippa Donn12 September 2019The DPN Rosemary Smith Award for Responsible MarketingThis award has been launched to recognise a contribution made to Responsible Marketing, giving a team or an individual credit for a creative and privacy aware project or initiative.Opinion Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...GDPRInternational Data Protection Philippa Donn23 August 2019Data Sharing 10 TipsMany companies need to share personal data with other organisations. This might be reciprocal or one-way, it could be providing another company’s staff with access to your data for...GDPRICO Guidance Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Data Governance & SecurityGDPRPolicies and Processes Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Philippa Donn09 July 2019GDPR regulatory action so far in the UK and EU (July 2019)GDPR Regulatory Action The UK’s data protection regulator has made its first hefty announcements since GDPR became law in 2018. With news British Airways and Marriott could face massive...GDPRInternational Data ProtectionUncategorized DPN Team05 July 2019GDPR: Impact Report 2019The impact of GDPR More than a year on from enforcement day, where are we now with GDPR? The Global Marketing Alliance and the DPN teamed up with global...Direct MarketingGDPRUncategorized Mark Bridges05 July 2019CCPA – Californian Consumer Privacy Act: 5 Key ImpactsCCPA: What businesses need know The Californian Consumer Privacy Act (CCPA) ushers in new rights for Californian residents and compels companies that operate in California to implement changes or...Opinion DPN Team05 July 2019Adtech: The challenging compliance landscape – webinar recordingPublishers, advertisers, adtech firms, start-ups and privacy activists are all united in a strong interest in online advertising and programmatic delivery . After all, it represents the lion’s share...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn22 May 2019Why GDPR is not a fuss over nothingWe’ve heard the comparison with the millennium bug – the sky didn’t fall in on 25th May… ‘where are these game-changing fines? This is the Y2K bug all over...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network and Opt-4 lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the...Direct MarketingUncategorized Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Simon Blanchard20 March 2019Like Gin and Tonic – Why GDPR and Data Governance were made for each otherWhy GDPR and Data Governance go hand in hand Like G&T, data governance is not a new concept. It has been recognised for years as a method of protecting...Opinion Gemma Johnson08 March 2019Why 59 Charities were referred to the ICO by the Fundraising RegulatorThe Fundraising Regulator has warned that 59 charities could be in breach of data protection law for failing to apply suppression requests made via the Fundraising Preference Service (FPS)...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Philippa Donn05 March 2019Digital advertising & real-time bidding: Are we on the verge of a seismic shift or not?GDPR put a significant spanner in the world of digital advertising, which disparate parties with different vested interests have been grappling with now for months. How can organisations provide...Opinion Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Stef Elliott21 November 2018“The cookies law is clear – well that takes the biscuit”The ePrivacy Regulation was originally planned to come into force simultaneously with the GDPR on 25th May 2018. The delay and the ongoing debate regarding the Regulation, as highlighted...Electronic CommunicationsePrivacy RegulationGDPR Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Julia Porter18 November 2018Privacy International’s GDPR complaints shine a spotlight on 7 data companiesOn November 8th, Privacy International (PI) filed complaints under the GDPR with data protection regulators in UK, France and Ireland against data brokers Oracle and Acxiom, credit reference agencies...Opinion Simon Blanchard18 November 2018ePrivacy Regulation is not ready and could be stalled even furtherAs those in the know recognise, data protection is not just about GDPR. Many of us have been waiting for GDPR’s EU counterpart, the new ePrivacy Regulation for a...Opinion Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Opinion Matt Edgar02 October 2018Spam crusader or vigilante victim – what happens if you are blacklisted unfairly?Finding spam a nuisance and being anti-spam is a default setting for all of us these days. Even as technology evolves and our mailboxes become smarter in reducing this...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Opinion Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...GDPRPolicies and ProcessesPrivacy by Design Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Opinion DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Data Governance & SecurityGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR
Simon Blanchard12 August 2020Use of automated facial recognition by South Wales Police ruled ‘unlawful’South Wales Police's use of automated facial recognition has been ruled unlawrul - it breaches human rights and has potential for bias. GDPR Julia Porter12 August 2020When does your CRM marketing plan morph into a data privacy project?Looking to leverage your customer database to drive more business? How to make sure you marketing plan is supported by your privacy strategyDirect MarketingElectronic CommunicationsGDPR Philippa Donn12 August 2020Brexit, GDPR & PECR – the future UK data protection landscapeBrexit and GDPR - what the UK leaving the EU means for data protection law. Find out the impact on your business. Data Protection ActDirect MarketingElectronic CommunicationsGDPRInternational Data Protection Simon Blanchard10 August 2020Dashcams and GDPR: Assessing the privacy implications7 point privacy guide for use of dashcams in vehicles. Quick steps to make sure your use of dashcams is transparent and lawful. GDPRPolicies and Processes Simon Blanchard05 August 2020ICO guidance on how to apply good data protection to AISeven steps for making sure innovation flourishes and your artificial intelligence activities are sound from a data protection point of viewGDPRICO Guidance DPN Team29 July 2020How to manage your suppliersHow to manage your suppliers and reduce the risk they may post. Hear our specialist panel chat through the key points to consider.Videos Philippa Donn29 July 2020Could COVID-19 lead to a spike in Subject Access Requests? How to handle ex-employeesDSARs from disgruntled ex-employees can be challenging to handle, get some helpful tips on how best to approach the task of fulfilling them.GDPRIndividual Privacy Rights Philippa Donn28 July 2020Schrems II ruling: Privacy Shield down, SCCs survive but with a sting in the tailInternational data transfers - EU-US Privacy Shield ruled invalild, questions raised regarding SCCs, find out what actions should you take. GDPRInternational Data Protection Simon Blanchard27 July 2020RoPA – Five tips for keeping your Records of Processing Activity up to date5 tips for keeping your GDPR records of processing activities up to date. The why, who, what, how and when of data protection documentation.GDPRPolicies and Processes DPN Team16 July 2020Transparency: How to get the message acrossDiscover the benefits of being upfront and transparent with people about how you use their data. In this webinar hosted by Robert Bond from Bristows we explore why transparency...GDPRVideos Julia Porter13 July 2020Supplier management: DPN 6 point checklistDue diligence of new suppliers robust enough? Checks in place to make sure suppliers are protecting your data? Use the DPN 6-point checklist. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn13 July 2020Contact Tracing: 7 Quick Steps for collecting people’s dataFrom holiday cottages to theme parks, hotels to pubs, many will be collecting people's details for contact tracing. Get our quick guide to how to do this. GDPRICO Guidance Chris Field11 July 2020You’ve been SAR-bombed!You are at the end of long day .. you just do one last check of your inbox - the new count registers over 9,000 new emails! All...GDPRIndividual Privacy RightsInternational Data ProtectionPolicies and Processes Simon Blanchard09 July 2020Facial Recognition – should we be concerned?Facial recognition is clever, from selfies to surveillance its use is becoming far more widespread. Should we be worried? Data Governance & SecurityGDPR Philippa Donn30 June 2020Data breaches: 10-point checklist for risk assessmentsHow do you assess the actual risk to people of a data breach? 10 questions you need to ask when carrying out an risk assessment. Data Governance & SecurityGDPRPolicies and Processes DPN Team30 June 2020Successful steps for data retention and minimisation [webinar recording]Get the tools and advice you need to tackle data retention and minimisation in this expert discussion which takes you through the key steps to take.Data Governance & SecurityGDPRPolicies and ProcessesVideos Julia Porter25 June 2020Why is the CIA’s lax attitude to cyber security interesting to us?Have you got robust cyber security controls in place? How the lax attitude of the CIA is a lesson to us all and what you should you be doing.Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard16 June 2020Privacy is a marathon not a sprintPondering how to improve your privacy credentials? Here are 5 steps to inspire you. More than 2 years on from GDPR, remember it’s a journey, not a sprint.Data Governance & SecurityGDPRPolicies and Processes Philippa Donn16 June 2020Why personalisation is a good thing, when done well“Hi, you haven’t finished watching Jeffrey Epstein: Filthy Rich”, said an email my husband received .It annoyed him......Direct MarketingGDPR Simon Blanchard08 June 2020Spring clean your data – Top tips on data retentionGet top tips on data retention. Minimise your risks by making sure you keep the personal data you need and rid of what you don't. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn03 June 2020GDPR two years on, why data protection mattersGDPR may have its critics and regulators may stand accused of not taking enough action. Why this is not a reason to stop taking data protection seriously.GDPR Julia Porter03 June 2020Why is it so hard to explain how we use personal data?Five ways to help explain complex and contentious uses of personal data. How to improve your communications and transparency.Direct MarketingGDPRPrivacy by Design DPN Team03 June 2020Data Retention GuidanceA practical toolkit packed with tips, advice and case studies on how to tackle data retention. Developed by a group of data protection and privacy specialists from a...Data Governance & SecurityGDPRPolicies and Processes Julia Porter18 May 2020New Seven Step Ad Tech Guide from DMA and ISBASeven Step Ad Tech Guide - Support for UK businesses engaged in the programmatic digital advertising to ensure they protect the rights of individuals.Electronic CommunicationsePrivacy RegulationGDPR Simon Blanchard14 May 2020COVID 19 – Privacy under the SpotlightPrivacy and COVID-19. When finding quick solutions and taking rapid decisions, don't forget the privacy impact. Here's our quick tour of aspects to consider. Data SecurityGDPRPrivacy by Design DPN Team15 April 2020DPIAs – What? When? How? Who? Why? [webinar recording]Data Protection Impact Assessments - learn about when you need to conduct a DPIA and how in this webinar hosted by Bristows LLP. Opinion DPN Team04 April 2020Where is my data? How to tackle data discovery & mapping [webinar recording]How improve your data discovery, mapping & compliance Understanding where your data is located across all your systems is an ever-evolving challenge, but forms the bedrock of your data...Opinion Gemma Johnson13 February 2020Marketers: Will You Need to do a DPIA for that?Why marketers need to understand when they might need to conduct a data protection impact assessment and learn how to do them. Direct MarketingElectronic CommunicationsICO GuidanceMarketing & Data Protection Simon Blanchard11 February 2020Where’s all my data? How to tackle data discoveryUnderstanding where your data is and what it's used for is crucial. But in practice this is challenging. What approach can you take? Opinion Simon Blanchard10 February 2020ePrivacy Regulation – Are we any closer to a final text?Efforts continue to try and agree the final text of the ePrivacy Regulation. Reaching a consensus has proved very challenging since the first draft was published 3 years...Opinion Julia Porter09 February 2020In a Digitally Enabled World, What is Direct Marketing?On 8th January the ICO published a draft code of practice for the marketing community. It’s entitled “Direct Marketing Code of Practice”. The use of the term “Direct Marketing”...Opinion Philippa Donn08 February 2020Refer a Friend – Viral Marketing RulesCan you ask your customers to send on your marketing to their friends? The answer, according to the ICO’s draft Direct Marketing Code, is NO! The regulator says for...Opinion DPN Team29 January 2020Your Views – Survey on draft Direct Marketing CodeA call for your views. The ICO's draft direct marketing code is open for public consultation. The DPN will be providing feedback. Give your comments to further...Opinion Philippa Donn28 January 2020ICO Direct Marketing Code ‘draft’: 12 HighlightsJust when I thought January was feeling dull, I got my hands on the ICO’s much-anticipated draft Direct Marketing Code of Practice! This replaces the Regulator’s existing Direct Marketing...Opinion Philippa Donn28 January 2020Brexit and EU Data FlowsIf you’ve not yet planned or even considered the data protection impact of Brexit, and specifically data transfers with the European Union, you can breathe a temporary sigh of...Opinion Philippa Donn10 December 2019Subject Access Requests & Proof of IDSubject Access Requests – What is ‘proportionate’ to ask for? When responding to a Right of Access request (commonly known as a Subject Access Request), we might be required...Individual Privacy Rights DPN Team10 December 20192020 Vision – Privacy PredictionsPrivacy Predictions for 2020 - what's in store for us next year? The trends, enforcement and organisational imperatives - What do our esteemed DPN Advisory Board believe is in...Opinion Debbie McElhill03 December 2019ePrivacy Regulation – Is there still life in it, as the European Commission steps in? In a bid to find consensus the European Commission has announced it’s preparing a revamped ePrivacy proposal. This follows the recent rejection by EU member states of the...Opinion DPN Team03 December 2019Data Retention: Are you keeping personal data longer than you need it?Ensuring you don’t store personal data for longer than you require it, is a core data protection principle – one which we all know is both complex and challenging...Opinion Julia Porter27 November 2019Harnessing the Power of Responsible MarketingWhat is responsible marketing? What core values should you embrace and what type of projects can marketers apply these values to? Here are my six pillars of responsible marketing;...Opinion DPN Team28 October 2019Rewarding Privacy By Design Have you or your team gone the extra mile to ensure a privacy aware, customer focused approach to a project, initiative or marketing campaign? Or do you know...Opinion DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Opinion Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Opinion Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Opinion Philippa Donn18 October 2019Marketing Message & Service Message: Where to draw the lineIs your ‘Service’ Message actually a Marketing one? A common (but incorrect) myth which spread with GDPR was that consent was required for almost everything – including all communications...Direct Marketing Philippa Donn02 October 2019Opt-in for marketing abandoned by RNLIHas opt-in suffered a blow? It’s now official that opt-in for all forms of direct marketing has not proven a success for the RNLI, despite earlier reports to the...Opinion Debbie McElhill18 September 2019ePrivacy Regulation – what’s happening?ePrivacy Regulation – first draft 2017, so what’s happening two years on? The ePrivacy Regulation is set to replace the 2002 ePrivacy Directive (and subsequent amendments) which currently sits...Opinion Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Opinion DPN Team16 September 2019Data Governance – Getting to know your DataData Governance – the what, why & how? Data Governance has long been recognised as a method of protecting the business, mitigating risk, increasing operational efficiencies and managing customer...GDPRPolicies and Processes Philippa Donn12 September 2019The DPN Rosemary Smith Award for Responsible MarketingThis award has been launched to recognise a contribution made to Responsible Marketing, giving a team or an individual credit for a creative and privacy aware project or initiative.Opinion Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...GDPRInternational Data Protection Philippa Donn23 August 2019Data Sharing 10 TipsMany companies need to share personal data with other organisations. This might be reciprocal or one-way, it could be providing another company’s staff with access to your data for...GDPRICO Guidance Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Data Governance & SecurityGDPRPolicies and Processes Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Philippa Donn09 July 2019GDPR regulatory action so far in the UK and EU (July 2019)GDPR Regulatory Action The UK’s data protection regulator has made its first hefty announcements since GDPR became law in 2018. With news British Airways and Marriott could face massive...GDPRInternational Data ProtectionUncategorized DPN Team05 July 2019GDPR: Impact Report 2019The impact of GDPR More than a year on from enforcement day, where are we now with GDPR? The Global Marketing Alliance and the DPN teamed up with global...Direct MarketingGDPRUncategorized Mark Bridges05 July 2019CCPA – Californian Consumer Privacy Act: 5 Key ImpactsCCPA: What businesses need know The Californian Consumer Privacy Act (CCPA) ushers in new rights for Californian residents and compels companies that operate in California to implement changes or...Opinion DPN Team05 July 2019Adtech: The challenging compliance landscape – webinar recordingPublishers, advertisers, adtech firms, start-ups and privacy activists are all united in a strong interest in online advertising and programmatic delivery . After all, it represents the lion’s share...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn22 May 2019Why GDPR is not a fuss over nothingWe’ve heard the comparison with the millennium bug – the sky didn’t fall in on 25th May… ‘where are these game-changing fines? This is the Y2K bug all over...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network and Opt-4 lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the...Direct MarketingUncategorized Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Simon Blanchard20 March 2019Like Gin and Tonic – Why GDPR and Data Governance were made for each otherWhy GDPR and Data Governance go hand in hand Like G&T, data governance is not a new concept. It has been recognised for years as a method of protecting...Opinion Gemma Johnson08 March 2019Why 59 Charities were referred to the ICO by the Fundraising RegulatorThe Fundraising Regulator has warned that 59 charities could be in breach of data protection law for failing to apply suppression requests made via the Fundraising Preference Service (FPS)...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Philippa Donn05 March 2019Digital advertising & real-time bidding: Are we on the verge of a seismic shift or not?GDPR put a significant spanner in the world of digital advertising, which disparate parties with different vested interests have been grappling with now for months. How can organisations provide...Opinion Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Stef Elliott21 November 2018“The cookies law is clear – well that takes the biscuit”The ePrivacy Regulation was originally planned to come into force simultaneously with the GDPR on 25th May 2018. The delay and the ongoing debate regarding the Regulation, as highlighted...Electronic CommunicationsePrivacy RegulationGDPR Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Julia Porter18 November 2018Privacy International’s GDPR complaints shine a spotlight on 7 data companiesOn November 8th, Privacy International (PI) filed complaints under the GDPR with data protection regulators in UK, France and Ireland against data brokers Oracle and Acxiom, credit reference agencies...Opinion Simon Blanchard18 November 2018ePrivacy Regulation is not ready and could be stalled even furtherAs those in the know recognise, data protection is not just about GDPR. Many of us have been waiting for GDPR’s EU counterpart, the new ePrivacy Regulation for a...Opinion Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Opinion Matt Edgar02 October 2018Spam crusader or vigilante victim – what happens if you are blacklisted unfairly?Finding spam a nuisance and being anti-spam is a default setting for all of us these days. Even as technology evolves and our mailboxes become smarter in reducing this...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Opinion Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...GDPRPolicies and ProcessesPrivacy by Design Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Opinion DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Data Governance & SecurityGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR
Julia Porter12 August 2020When does your CRM marketing plan morph into a data privacy project?Looking to leverage your customer database to drive more business? How to make sure you marketing plan is supported by your privacy strategyDirect MarketingElectronic CommunicationsGDPR Philippa Donn12 August 2020Brexit, GDPR & PECR – the future UK data protection landscapeBrexit and GDPR - what the UK leaving the EU means for data protection law. Find out the impact on your business. Data Protection ActDirect MarketingElectronic CommunicationsGDPRInternational Data Protection Simon Blanchard10 August 2020Dashcams and GDPR: Assessing the privacy implications7 point privacy guide for use of dashcams in vehicles. Quick steps to make sure your use of dashcams is transparent and lawful. GDPRPolicies and Processes Simon Blanchard05 August 2020ICO guidance on how to apply good data protection to AISeven steps for making sure innovation flourishes and your artificial intelligence activities are sound from a data protection point of viewGDPRICO Guidance DPN Team29 July 2020How to manage your suppliersHow to manage your suppliers and reduce the risk they may post. Hear our specialist panel chat through the key points to consider.Videos Philippa Donn29 July 2020Could COVID-19 lead to a spike in Subject Access Requests? How to handle ex-employeesDSARs from disgruntled ex-employees can be challenging to handle, get some helpful tips on how best to approach the task of fulfilling them.GDPRIndividual Privacy Rights Philippa Donn28 July 2020Schrems II ruling: Privacy Shield down, SCCs survive but with a sting in the tailInternational data transfers - EU-US Privacy Shield ruled invalild, questions raised regarding SCCs, find out what actions should you take. GDPRInternational Data Protection Simon Blanchard27 July 2020RoPA – Five tips for keeping your Records of Processing Activity up to date5 tips for keeping your GDPR records of processing activities up to date. The why, who, what, how and when of data protection documentation.GDPRPolicies and Processes DPN Team16 July 2020Transparency: How to get the message acrossDiscover the benefits of being upfront and transparent with people about how you use their data. In this webinar hosted by Robert Bond from Bristows we explore why transparency...GDPRVideos Julia Porter13 July 2020Supplier management: DPN 6 point checklistDue diligence of new suppliers robust enough? Checks in place to make sure suppliers are protecting your data? Use the DPN 6-point checklist. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn13 July 2020Contact Tracing: 7 Quick Steps for collecting people’s dataFrom holiday cottages to theme parks, hotels to pubs, many will be collecting people's details for contact tracing. Get our quick guide to how to do this. GDPRICO Guidance Chris Field11 July 2020You’ve been SAR-bombed!You are at the end of long day .. you just do one last check of your inbox - the new count registers over 9,000 new emails! All...GDPRIndividual Privacy RightsInternational Data ProtectionPolicies and Processes Simon Blanchard09 July 2020Facial Recognition – should we be concerned?Facial recognition is clever, from selfies to surveillance its use is becoming far more widespread. Should we be worried? Data Governance & SecurityGDPR Philippa Donn30 June 2020Data breaches: 10-point checklist for risk assessmentsHow do you assess the actual risk to people of a data breach? 10 questions you need to ask when carrying out an risk assessment. Data Governance & SecurityGDPRPolicies and Processes DPN Team30 June 2020Successful steps for data retention and minimisation [webinar recording]Get the tools and advice you need to tackle data retention and minimisation in this expert discussion which takes you through the key steps to take.Data Governance & SecurityGDPRPolicies and ProcessesVideos Julia Porter25 June 2020Why is the CIA’s lax attitude to cyber security interesting to us?Have you got robust cyber security controls in place? How the lax attitude of the CIA is a lesson to us all and what you should you be doing.Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard16 June 2020Privacy is a marathon not a sprintPondering how to improve your privacy credentials? Here are 5 steps to inspire you. More than 2 years on from GDPR, remember it’s a journey, not a sprint.Data Governance & SecurityGDPRPolicies and Processes Philippa Donn16 June 2020Why personalisation is a good thing, when done well“Hi, you haven’t finished watching Jeffrey Epstein: Filthy Rich”, said an email my husband received .It annoyed him......Direct MarketingGDPR Simon Blanchard08 June 2020Spring clean your data – Top tips on data retentionGet top tips on data retention. Minimise your risks by making sure you keep the personal data you need and rid of what you don't. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn03 June 2020GDPR two years on, why data protection mattersGDPR may have its critics and regulators may stand accused of not taking enough action. Why this is not a reason to stop taking data protection seriously.GDPR Julia Porter03 June 2020Why is it so hard to explain how we use personal data?Five ways to help explain complex and contentious uses of personal data. How to improve your communications and transparency.Direct MarketingGDPRPrivacy by Design DPN Team03 June 2020Data Retention GuidanceA practical toolkit packed with tips, advice and case studies on how to tackle data retention. Developed by a group of data protection and privacy specialists from a...Data Governance & SecurityGDPRPolicies and Processes Julia Porter18 May 2020New Seven Step Ad Tech Guide from DMA and ISBASeven Step Ad Tech Guide - Support for UK businesses engaged in the programmatic digital advertising to ensure they protect the rights of individuals.Electronic CommunicationsePrivacy RegulationGDPR Simon Blanchard14 May 2020COVID 19 – Privacy under the SpotlightPrivacy and COVID-19. When finding quick solutions and taking rapid decisions, don't forget the privacy impact. Here's our quick tour of aspects to consider. Data SecurityGDPRPrivacy by Design DPN Team15 April 2020DPIAs – What? When? How? Who? Why? [webinar recording]Data Protection Impact Assessments - learn about when you need to conduct a DPIA and how in this webinar hosted by Bristows LLP. Opinion DPN Team04 April 2020Where is my data? How to tackle data discovery & mapping [webinar recording]How improve your data discovery, mapping & compliance Understanding where your data is located across all your systems is an ever-evolving challenge, but forms the bedrock of your data...Opinion Gemma Johnson13 February 2020Marketers: Will You Need to do a DPIA for that?Why marketers need to understand when they might need to conduct a data protection impact assessment and learn how to do them. Direct MarketingElectronic CommunicationsICO GuidanceMarketing & Data Protection Simon Blanchard11 February 2020Where’s all my data? How to tackle data discoveryUnderstanding where your data is and what it's used for is crucial. But in practice this is challenging. What approach can you take? Opinion Simon Blanchard10 February 2020ePrivacy Regulation – Are we any closer to a final text?Efforts continue to try and agree the final text of the ePrivacy Regulation. Reaching a consensus has proved very challenging since the first draft was published 3 years...Opinion Julia Porter09 February 2020In a Digitally Enabled World, What is Direct Marketing?On 8th January the ICO published a draft code of practice for the marketing community. It’s entitled “Direct Marketing Code of Practice”. The use of the term “Direct Marketing”...Opinion Philippa Donn08 February 2020Refer a Friend – Viral Marketing RulesCan you ask your customers to send on your marketing to their friends? The answer, according to the ICO’s draft Direct Marketing Code, is NO! The regulator says for...Opinion DPN Team29 January 2020Your Views – Survey on draft Direct Marketing CodeA call for your views. The ICO's draft direct marketing code is open for public consultation. The DPN will be providing feedback. Give your comments to further...Opinion Philippa Donn28 January 2020ICO Direct Marketing Code ‘draft’: 12 HighlightsJust when I thought January was feeling dull, I got my hands on the ICO’s much-anticipated draft Direct Marketing Code of Practice! This replaces the Regulator’s existing Direct Marketing...Opinion Philippa Donn28 January 2020Brexit and EU Data FlowsIf you’ve not yet planned or even considered the data protection impact of Brexit, and specifically data transfers with the European Union, you can breathe a temporary sigh of...Opinion Philippa Donn10 December 2019Subject Access Requests & Proof of IDSubject Access Requests – What is ‘proportionate’ to ask for? When responding to a Right of Access request (commonly known as a Subject Access Request), we might be required...Individual Privacy Rights DPN Team10 December 20192020 Vision – Privacy PredictionsPrivacy Predictions for 2020 - what's in store for us next year? The trends, enforcement and organisational imperatives - What do our esteemed DPN Advisory Board believe is in...Opinion Debbie McElhill03 December 2019ePrivacy Regulation – Is there still life in it, as the European Commission steps in? In a bid to find consensus the European Commission has announced it’s preparing a revamped ePrivacy proposal. This follows the recent rejection by EU member states of the...Opinion DPN Team03 December 2019Data Retention: Are you keeping personal data longer than you need it?Ensuring you don’t store personal data for longer than you require it, is a core data protection principle – one which we all know is both complex and challenging...Opinion Julia Porter27 November 2019Harnessing the Power of Responsible MarketingWhat is responsible marketing? What core values should you embrace and what type of projects can marketers apply these values to? Here are my six pillars of responsible marketing;...Opinion DPN Team28 October 2019Rewarding Privacy By Design Have you or your team gone the extra mile to ensure a privacy aware, customer focused approach to a project, initiative or marketing campaign? Or do you know...Opinion DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Opinion Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Opinion Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Opinion Philippa Donn18 October 2019Marketing Message & Service Message: Where to draw the lineIs your ‘Service’ Message actually a Marketing one? A common (but incorrect) myth which spread with GDPR was that consent was required for almost everything – including all communications...Direct Marketing Philippa Donn02 October 2019Opt-in for marketing abandoned by RNLIHas opt-in suffered a blow? It’s now official that opt-in for all forms of direct marketing has not proven a success for the RNLI, despite earlier reports to the...Opinion Debbie McElhill18 September 2019ePrivacy Regulation – what’s happening?ePrivacy Regulation – first draft 2017, so what’s happening two years on? The ePrivacy Regulation is set to replace the 2002 ePrivacy Directive (and subsequent amendments) which currently sits...Opinion Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Opinion DPN Team16 September 2019Data Governance – Getting to know your DataData Governance – the what, why & how? Data Governance has long been recognised as a method of protecting the business, mitigating risk, increasing operational efficiencies and managing customer...GDPRPolicies and Processes Philippa Donn12 September 2019The DPN Rosemary Smith Award for Responsible MarketingThis award has been launched to recognise a contribution made to Responsible Marketing, giving a team or an individual credit for a creative and privacy aware project or initiative.Opinion Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...GDPRInternational Data Protection Philippa Donn23 August 2019Data Sharing 10 TipsMany companies need to share personal data with other organisations. This might be reciprocal or one-way, it could be providing another company’s staff with access to your data for...GDPRICO Guidance Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Data Governance & SecurityGDPRPolicies and Processes Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Philippa Donn09 July 2019GDPR regulatory action so far in the UK and EU (July 2019)GDPR Regulatory Action The UK’s data protection regulator has made its first hefty announcements since GDPR became law in 2018. With news British Airways and Marriott could face massive...GDPRInternational Data ProtectionUncategorized DPN Team05 July 2019GDPR: Impact Report 2019The impact of GDPR More than a year on from enforcement day, where are we now with GDPR? The Global Marketing Alliance and the DPN teamed up with global...Direct MarketingGDPRUncategorized Mark Bridges05 July 2019CCPA – Californian Consumer Privacy Act: 5 Key ImpactsCCPA: What businesses need know The Californian Consumer Privacy Act (CCPA) ushers in new rights for Californian residents and compels companies that operate in California to implement changes or...Opinion DPN Team05 July 2019Adtech: The challenging compliance landscape – webinar recordingPublishers, advertisers, adtech firms, start-ups and privacy activists are all united in a strong interest in online advertising and programmatic delivery . After all, it represents the lion’s share...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn22 May 2019Why GDPR is not a fuss over nothingWe’ve heard the comparison with the millennium bug – the sky didn’t fall in on 25th May… ‘where are these game-changing fines? This is the Y2K bug all over...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network and Opt-4 lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the...Direct MarketingUncategorized Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Simon Blanchard20 March 2019Like Gin and Tonic – Why GDPR and Data Governance were made for each otherWhy GDPR and Data Governance go hand in hand Like G&T, data governance is not a new concept. It has been recognised for years as a method of protecting...Opinion Gemma Johnson08 March 2019Why 59 Charities were referred to the ICO by the Fundraising RegulatorThe Fundraising Regulator has warned that 59 charities could be in breach of data protection law for failing to apply suppression requests made via the Fundraising Preference Service (FPS)...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Philippa Donn05 March 2019Digital advertising & real-time bidding: Are we on the verge of a seismic shift or not?GDPR put a significant spanner in the world of digital advertising, which disparate parties with different vested interests have been grappling with now for months. How can organisations provide...Opinion Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Stef Elliott21 November 2018“The cookies law is clear – well that takes the biscuit”The ePrivacy Regulation was originally planned to come into force simultaneously with the GDPR on 25th May 2018. The delay and the ongoing debate regarding the Regulation, as highlighted...Electronic CommunicationsePrivacy RegulationGDPR Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Julia Porter18 November 2018Privacy International’s GDPR complaints shine a spotlight on 7 data companiesOn November 8th, Privacy International (PI) filed complaints under the GDPR with data protection regulators in UK, France and Ireland against data brokers Oracle and Acxiom, credit reference agencies...Opinion Simon Blanchard18 November 2018ePrivacy Regulation is not ready and could be stalled even furtherAs those in the know recognise, data protection is not just about GDPR. Many of us have been waiting for GDPR’s EU counterpart, the new ePrivacy Regulation for a...Opinion Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Opinion Matt Edgar02 October 2018Spam crusader or vigilante victim – what happens if you are blacklisted unfairly?Finding spam a nuisance and being anti-spam is a default setting for all of us these days. Even as technology evolves and our mailboxes become smarter in reducing this...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Opinion Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...GDPRPolicies and ProcessesPrivacy by Design Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Opinion DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Data Governance & SecurityGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR
Philippa Donn12 August 2020Brexit, GDPR & PECR – the future UK data protection landscapeBrexit and GDPR - what the UK leaving the EU means for data protection law. Find out the impact on your business. Data Protection ActDirect MarketingElectronic CommunicationsGDPRInternational Data Protection Simon Blanchard10 August 2020Dashcams and GDPR: Assessing the privacy implications7 point privacy guide for use of dashcams in vehicles. Quick steps to make sure your use of dashcams is transparent and lawful. GDPRPolicies and Processes Simon Blanchard05 August 2020ICO guidance on how to apply good data protection to AISeven steps for making sure innovation flourishes and your artificial intelligence activities are sound from a data protection point of viewGDPRICO Guidance DPN Team29 July 2020How to manage your suppliersHow to manage your suppliers and reduce the risk they may post. Hear our specialist panel chat through the key points to consider.Videos Philippa Donn29 July 2020Could COVID-19 lead to a spike in Subject Access Requests? How to handle ex-employeesDSARs from disgruntled ex-employees can be challenging to handle, get some helpful tips on how best to approach the task of fulfilling them.GDPRIndividual Privacy Rights Philippa Donn28 July 2020Schrems II ruling: Privacy Shield down, SCCs survive but with a sting in the tailInternational data transfers - EU-US Privacy Shield ruled invalild, questions raised regarding SCCs, find out what actions should you take. GDPRInternational Data Protection Simon Blanchard27 July 2020RoPA – Five tips for keeping your Records of Processing Activity up to date5 tips for keeping your GDPR records of processing activities up to date. The why, who, what, how and when of data protection documentation.GDPRPolicies and Processes DPN Team16 July 2020Transparency: How to get the message acrossDiscover the benefits of being upfront and transparent with people about how you use their data. In this webinar hosted by Robert Bond from Bristows we explore why transparency...GDPRVideos Julia Porter13 July 2020Supplier management: DPN 6 point checklistDue diligence of new suppliers robust enough? Checks in place to make sure suppliers are protecting your data? Use the DPN 6-point checklist. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn13 July 2020Contact Tracing: 7 Quick Steps for collecting people’s dataFrom holiday cottages to theme parks, hotels to pubs, many will be collecting people's details for contact tracing. Get our quick guide to how to do this. GDPRICO Guidance Chris Field11 July 2020You’ve been SAR-bombed!You are at the end of long day .. you just do one last check of your inbox - the new count registers over 9,000 new emails! All...GDPRIndividual Privacy RightsInternational Data ProtectionPolicies and Processes Simon Blanchard09 July 2020Facial Recognition – should we be concerned?Facial recognition is clever, from selfies to surveillance its use is becoming far more widespread. Should we be worried? Data Governance & SecurityGDPR Philippa Donn30 June 2020Data breaches: 10-point checklist for risk assessmentsHow do you assess the actual risk to people of a data breach? 10 questions you need to ask when carrying out an risk assessment. Data Governance & SecurityGDPRPolicies and Processes DPN Team30 June 2020Successful steps for data retention and minimisation [webinar recording]Get the tools and advice you need to tackle data retention and minimisation in this expert discussion which takes you through the key steps to take.Data Governance & SecurityGDPRPolicies and ProcessesVideos Julia Porter25 June 2020Why is the CIA’s lax attitude to cyber security interesting to us?Have you got robust cyber security controls in place? How the lax attitude of the CIA is a lesson to us all and what you should you be doing.Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard16 June 2020Privacy is a marathon not a sprintPondering how to improve your privacy credentials? Here are 5 steps to inspire you. More than 2 years on from GDPR, remember it’s a journey, not a sprint.Data Governance & SecurityGDPRPolicies and Processes Philippa Donn16 June 2020Why personalisation is a good thing, when done well“Hi, you haven’t finished watching Jeffrey Epstein: Filthy Rich”, said an email my husband received .It annoyed him......Direct MarketingGDPR Simon Blanchard08 June 2020Spring clean your data – Top tips on data retentionGet top tips on data retention. Minimise your risks by making sure you keep the personal data you need and rid of what you don't. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn03 June 2020GDPR two years on, why data protection mattersGDPR may have its critics and regulators may stand accused of not taking enough action. Why this is not a reason to stop taking data protection seriously.GDPR Julia Porter03 June 2020Why is it so hard to explain how we use personal data?Five ways to help explain complex and contentious uses of personal data. How to improve your communications and transparency.Direct MarketingGDPRPrivacy by Design DPN Team03 June 2020Data Retention GuidanceA practical toolkit packed with tips, advice and case studies on how to tackle data retention. Developed by a group of data protection and privacy specialists from a...Data Governance & SecurityGDPRPolicies and Processes Julia Porter18 May 2020New Seven Step Ad Tech Guide from DMA and ISBASeven Step Ad Tech Guide - Support for UK businesses engaged in the programmatic digital advertising to ensure they protect the rights of individuals.Electronic CommunicationsePrivacy RegulationGDPR Simon Blanchard14 May 2020COVID 19 – Privacy under the SpotlightPrivacy and COVID-19. When finding quick solutions and taking rapid decisions, don't forget the privacy impact. Here's our quick tour of aspects to consider. Data SecurityGDPRPrivacy by Design DPN Team15 April 2020DPIAs – What? When? How? Who? Why? [webinar recording]Data Protection Impact Assessments - learn about when you need to conduct a DPIA and how in this webinar hosted by Bristows LLP. Opinion DPN Team04 April 2020Where is my data? How to tackle data discovery & mapping [webinar recording]How improve your data discovery, mapping & compliance Understanding where your data is located across all your systems is an ever-evolving challenge, but forms the bedrock of your data...Opinion Gemma Johnson13 February 2020Marketers: Will You Need to do a DPIA for that?Why marketers need to understand when they might need to conduct a data protection impact assessment and learn how to do them. Direct MarketingElectronic CommunicationsICO GuidanceMarketing & Data Protection Simon Blanchard11 February 2020Where’s all my data? How to tackle data discoveryUnderstanding where your data is and what it's used for is crucial. But in practice this is challenging. What approach can you take? Opinion Simon Blanchard10 February 2020ePrivacy Regulation – Are we any closer to a final text?Efforts continue to try and agree the final text of the ePrivacy Regulation. Reaching a consensus has proved very challenging since the first draft was published 3 years...Opinion Julia Porter09 February 2020In a Digitally Enabled World, What is Direct Marketing?On 8th January the ICO published a draft code of practice for the marketing community. It’s entitled “Direct Marketing Code of Practice”. The use of the term “Direct Marketing”...Opinion Philippa Donn08 February 2020Refer a Friend – Viral Marketing RulesCan you ask your customers to send on your marketing to their friends? The answer, according to the ICO’s draft Direct Marketing Code, is NO! The regulator says for...Opinion DPN Team29 January 2020Your Views – Survey on draft Direct Marketing CodeA call for your views. The ICO's draft direct marketing code is open for public consultation. The DPN will be providing feedback. Give your comments to further...Opinion Philippa Donn28 January 2020ICO Direct Marketing Code ‘draft’: 12 HighlightsJust when I thought January was feeling dull, I got my hands on the ICO’s much-anticipated draft Direct Marketing Code of Practice! This replaces the Regulator’s existing Direct Marketing...Opinion Philippa Donn28 January 2020Brexit and EU Data FlowsIf you’ve not yet planned or even considered the data protection impact of Brexit, and specifically data transfers with the European Union, you can breathe a temporary sigh of...Opinion Philippa Donn10 December 2019Subject Access Requests & Proof of IDSubject Access Requests – What is ‘proportionate’ to ask for? When responding to a Right of Access request (commonly known as a Subject Access Request), we might be required...Individual Privacy Rights DPN Team10 December 20192020 Vision – Privacy PredictionsPrivacy Predictions for 2020 - what's in store for us next year? The trends, enforcement and organisational imperatives - What do our esteemed DPN Advisory Board believe is in...Opinion Debbie McElhill03 December 2019ePrivacy Regulation – Is there still life in it, as the European Commission steps in? In a bid to find consensus the European Commission has announced it’s preparing a revamped ePrivacy proposal. This follows the recent rejection by EU member states of the...Opinion DPN Team03 December 2019Data Retention: Are you keeping personal data longer than you need it?Ensuring you don’t store personal data for longer than you require it, is a core data protection principle – one which we all know is both complex and challenging...Opinion Julia Porter27 November 2019Harnessing the Power of Responsible MarketingWhat is responsible marketing? What core values should you embrace and what type of projects can marketers apply these values to? Here are my six pillars of responsible marketing;...Opinion DPN Team28 October 2019Rewarding Privacy By Design Have you or your team gone the extra mile to ensure a privacy aware, customer focused approach to a project, initiative or marketing campaign? Or do you know...Opinion DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Opinion Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Opinion Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Opinion Philippa Donn18 October 2019Marketing Message & Service Message: Where to draw the lineIs your ‘Service’ Message actually a Marketing one? A common (but incorrect) myth which spread with GDPR was that consent was required for almost everything – including all communications...Direct Marketing Philippa Donn02 October 2019Opt-in for marketing abandoned by RNLIHas opt-in suffered a blow? It’s now official that opt-in for all forms of direct marketing has not proven a success for the RNLI, despite earlier reports to the...Opinion Debbie McElhill18 September 2019ePrivacy Regulation – what’s happening?ePrivacy Regulation – first draft 2017, so what’s happening two years on? The ePrivacy Regulation is set to replace the 2002 ePrivacy Directive (and subsequent amendments) which currently sits...Opinion Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Opinion DPN Team16 September 2019Data Governance – Getting to know your DataData Governance – the what, why & how? Data Governance has long been recognised as a method of protecting the business, mitigating risk, increasing operational efficiencies and managing customer...GDPRPolicies and Processes Philippa Donn12 September 2019The DPN Rosemary Smith Award for Responsible MarketingThis award has been launched to recognise a contribution made to Responsible Marketing, giving a team or an individual credit for a creative and privacy aware project or initiative.Opinion Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...GDPRInternational Data Protection Philippa Donn23 August 2019Data Sharing 10 TipsMany companies need to share personal data with other organisations. This might be reciprocal or one-way, it could be providing another company’s staff with access to your data for...GDPRICO Guidance Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Data Governance & SecurityGDPRPolicies and Processes Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Philippa Donn09 July 2019GDPR regulatory action so far in the UK and EU (July 2019)GDPR Regulatory Action The UK’s data protection regulator has made its first hefty announcements since GDPR became law in 2018. With news British Airways and Marriott could face massive...GDPRInternational Data ProtectionUncategorized DPN Team05 July 2019GDPR: Impact Report 2019The impact of GDPR More than a year on from enforcement day, where are we now with GDPR? The Global Marketing Alliance and the DPN teamed up with global...Direct MarketingGDPRUncategorized Mark Bridges05 July 2019CCPA – Californian Consumer Privacy Act: 5 Key ImpactsCCPA: What businesses need know The Californian Consumer Privacy Act (CCPA) ushers in new rights for Californian residents and compels companies that operate in California to implement changes or...Opinion DPN Team05 July 2019Adtech: The challenging compliance landscape – webinar recordingPublishers, advertisers, adtech firms, start-ups and privacy activists are all united in a strong interest in online advertising and programmatic delivery . After all, it represents the lion’s share...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn22 May 2019Why GDPR is not a fuss over nothingWe’ve heard the comparison with the millennium bug – the sky didn’t fall in on 25th May… ‘where are these game-changing fines? This is the Y2K bug all over...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network and Opt-4 lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the...Direct MarketingUncategorized Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Simon Blanchard20 March 2019Like Gin and Tonic – Why GDPR and Data Governance were made for each otherWhy GDPR and Data Governance go hand in hand Like G&T, data governance is not a new concept. It has been recognised for years as a method of protecting...Opinion Gemma Johnson08 March 2019Why 59 Charities were referred to the ICO by the Fundraising RegulatorThe Fundraising Regulator has warned that 59 charities could be in breach of data protection law for failing to apply suppression requests made via the Fundraising Preference Service (FPS)...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Philippa Donn05 March 2019Digital advertising & real-time bidding: Are we on the verge of a seismic shift or not?GDPR put a significant spanner in the world of digital advertising, which disparate parties with different vested interests have been grappling with now for months. How can organisations provide...Opinion Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Stef Elliott21 November 2018“The cookies law is clear – well that takes the biscuit”The ePrivacy Regulation was originally planned to come into force simultaneously with the GDPR on 25th May 2018. The delay and the ongoing debate regarding the Regulation, as highlighted...Electronic CommunicationsePrivacy RegulationGDPR Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Julia Porter18 November 2018Privacy International’s GDPR complaints shine a spotlight on 7 data companiesOn November 8th, Privacy International (PI) filed complaints under the GDPR with data protection regulators in UK, France and Ireland against data brokers Oracle and Acxiom, credit reference agencies...Opinion Simon Blanchard18 November 2018ePrivacy Regulation is not ready and could be stalled even furtherAs those in the know recognise, data protection is not just about GDPR. Many of us have been waiting for GDPR’s EU counterpart, the new ePrivacy Regulation for a...Opinion Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Opinion Matt Edgar02 October 2018Spam crusader or vigilante victim – what happens if you are blacklisted unfairly?Finding spam a nuisance and being anti-spam is a default setting for all of us these days. Even as technology evolves and our mailboxes become smarter in reducing this...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Opinion Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...GDPRPolicies and ProcessesPrivacy by Design Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Opinion DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Data Governance & SecurityGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR
Simon Blanchard10 August 2020Dashcams and GDPR: Assessing the privacy implications7 point privacy guide for use of dashcams in vehicles. Quick steps to make sure your use of dashcams is transparent and lawful. GDPRPolicies and Processes Simon Blanchard05 August 2020ICO guidance on how to apply good data protection to AISeven steps for making sure innovation flourishes and your artificial intelligence activities are sound from a data protection point of viewGDPRICO Guidance DPN Team29 July 2020How to manage your suppliersHow to manage your suppliers and reduce the risk they may post. Hear our specialist panel chat through the key points to consider.Videos Philippa Donn29 July 2020Could COVID-19 lead to a spike in Subject Access Requests? How to handle ex-employeesDSARs from disgruntled ex-employees can be challenging to handle, get some helpful tips on how best to approach the task of fulfilling them.GDPRIndividual Privacy Rights Philippa Donn28 July 2020Schrems II ruling: Privacy Shield down, SCCs survive but with a sting in the tailInternational data transfers - EU-US Privacy Shield ruled invalild, questions raised regarding SCCs, find out what actions should you take. GDPRInternational Data Protection Simon Blanchard27 July 2020RoPA – Five tips for keeping your Records of Processing Activity up to date5 tips for keeping your GDPR records of processing activities up to date. The why, who, what, how and when of data protection documentation.GDPRPolicies and Processes DPN Team16 July 2020Transparency: How to get the message acrossDiscover the benefits of being upfront and transparent with people about how you use their data. In this webinar hosted by Robert Bond from Bristows we explore why transparency...GDPRVideos Julia Porter13 July 2020Supplier management: DPN 6 point checklistDue diligence of new suppliers robust enough? Checks in place to make sure suppliers are protecting your data? Use the DPN 6-point checklist. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn13 July 2020Contact Tracing: 7 Quick Steps for collecting people’s dataFrom holiday cottages to theme parks, hotels to pubs, many will be collecting people's details for contact tracing. Get our quick guide to how to do this. GDPRICO Guidance Chris Field11 July 2020You’ve been SAR-bombed!You are at the end of long day .. you just do one last check of your inbox - the new count registers over 9,000 new emails! All...GDPRIndividual Privacy RightsInternational Data ProtectionPolicies and Processes Simon Blanchard09 July 2020Facial Recognition – should we be concerned?Facial recognition is clever, from selfies to surveillance its use is becoming far more widespread. Should we be worried? Data Governance & SecurityGDPR Philippa Donn30 June 2020Data breaches: 10-point checklist for risk assessmentsHow do you assess the actual risk to people of a data breach? 10 questions you need to ask when carrying out an risk assessment. Data Governance & SecurityGDPRPolicies and Processes DPN Team30 June 2020Successful steps for data retention and minimisation [webinar recording]Get the tools and advice you need to tackle data retention and minimisation in this expert discussion which takes you through the key steps to take.Data Governance & SecurityGDPRPolicies and ProcessesVideos Julia Porter25 June 2020Why is the CIA’s lax attitude to cyber security interesting to us?Have you got robust cyber security controls in place? How the lax attitude of the CIA is a lesson to us all and what you should you be doing.Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard16 June 2020Privacy is a marathon not a sprintPondering how to improve your privacy credentials? Here are 5 steps to inspire you. More than 2 years on from GDPR, remember it’s a journey, not a sprint.Data Governance & SecurityGDPRPolicies and Processes Philippa Donn16 June 2020Why personalisation is a good thing, when done well“Hi, you haven’t finished watching Jeffrey Epstein: Filthy Rich”, said an email my husband received .It annoyed him......Direct MarketingGDPR Simon Blanchard08 June 2020Spring clean your data – Top tips on data retentionGet top tips on data retention. Minimise your risks by making sure you keep the personal data you need and rid of what you don't. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn03 June 2020GDPR two years on, why data protection mattersGDPR may have its critics and regulators may stand accused of not taking enough action. Why this is not a reason to stop taking data protection seriously.GDPR Julia Porter03 June 2020Why is it so hard to explain how we use personal data?Five ways to help explain complex and contentious uses of personal data. How to improve your communications and transparency.Direct MarketingGDPRPrivacy by Design DPN Team03 June 2020Data Retention GuidanceA practical toolkit packed with tips, advice and case studies on how to tackle data retention. Developed by a group of data protection and privacy specialists from a...Data Governance & SecurityGDPRPolicies and Processes Julia Porter18 May 2020New Seven Step Ad Tech Guide from DMA and ISBASeven Step Ad Tech Guide - Support for UK businesses engaged in the programmatic digital advertising to ensure they protect the rights of individuals.Electronic CommunicationsePrivacy RegulationGDPR Simon Blanchard14 May 2020COVID 19 – Privacy under the SpotlightPrivacy and COVID-19. When finding quick solutions and taking rapid decisions, don't forget the privacy impact. Here's our quick tour of aspects to consider. Data SecurityGDPRPrivacy by Design DPN Team15 April 2020DPIAs – What? When? How? Who? Why? [webinar recording]Data Protection Impact Assessments - learn about when you need to conduct a DPIA and how in this webinar hosted by Bristows LLP. Opinion DPN Team04 April 2020Where is my data? How to tackle data discovery & mapping [webinar recording]How improve your data discovery, mapping & compliance Understanding where your data is located across all your systems is an ever-evolving challenge, but forms the bedrock of your data...Opinion Gemma Johnson13 February 2020Marketers: Will You Need to do a DPIA for that?Why marketers need to understand when they might need to conduct a data protection impact assessment and learn how to do them. Direct MarketingElectronic CommunicationsICO GuidanceMarketing & Data Protection Simon Blanchard11 February 2020Where’s all my data? How to tackle data discoveryUnderstanding where your data is and what it's used for is crucial. But in practice this is challenging. What approach can you take? Opinion Simon Blanchard10 February 2020ePrivacy Regulation – Are we any closer to a final text?Efforts continue to try and agree the final text of the ePrivacy Regulation. Reaching a consensus has proved very challenging since the first draft was published 3 years...Opinion Julia Porter09 February 2020In a Digitally Enabled World, What is Direct Marketing?On 8th January the ICO published a draft code of practice for the marketing community. It’s entitled “Direct Marketing Code of Practice”. The use of the term “Direct Marketing”...Opinion Philippa Donn08 February 2020Refer a Friend – Viral Marketing RulesCan you ask your customers to send on your marketing to their friends? The answer, according to the ICO’s draft Direct Marketing Code, is NO! The regulator says for...Opinion DPN Team29 January 2020Your Views – Survey on draft Direct Marketing CodeA call for your views. The ICO's draft direct marketing code is open for public consultation. The DPN will be providing feedback. Give your comments to further...Opinion Philippa Donn28 January 2020ICO Direct Marketing Code ‘draft’: 12 HighlightsJust when I thought January was feeling dull, I got my hands on the ICO’s much-anticipated draft Direct Marketing Code of Practice! This replaces the Regulator’s existing Direct Marketing...Opinion Philippa Donn28 January 2020Brexit and EU Data FlowsIf you’ve not yet planned or even considered the data protection impact of Brexit, and specifically data transfers with the European Union, you can breathe a temporary sigh of...Opinion Philippa Donn10 December 2019Subject Access Requests & Proof of IDSubject Access Requests – What is ‘proportionate’ to ask for? When responding to a Right of Access request (commonly known as a Subject Access Request), we might be required...Individual Privacy Rights DPN Team10 December 20192020 Vision – Privacy PredictionsPrivacy Predictions for 2020 - what's in store for us next year? The trends, enforcement and organisational imperatives - What do our esteemed DPN Advisory Board believe is in...Opinion Debbie McElhill03 December 2019ePrivacy Regulation – Is there still life in it, as the European Commission steps in? In a bid to find consensus the European Commission has announced it’s preparing a revamped ePrivacy proposal. This follows the recent rejection by EU member states of the...Opinion DPN Team03 December 2019Data Retention: Are you keeping personal data longer than you need it?Ensuring you don’t store personal data for longer than you require it, is a core data protection principle – one which we all know is both complex and challenging...Opinion Julia Porter27 November 2019Harnessing the Power of Responsible MarketingWhat is responsible marketing? What core values should you embrace and what type of projects can marketers apply these values to? Here are my six pillars of responsible marketing;...Opinion DPN Team28 October 2019Rewarding Privacy By Design Have you or your team gone the extra mile to ensure a privacy aware, customer focused approach to a project, initiative or marketing campaign? Or do you know...Opinion DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Opinion Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Opinion Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Opinion Philippa Donn18 October 2019Marketing Message & Service Message: Where to draw the lineIs your ‘Service’ Message actually a Marketing one? A common (but incorrect) myth which spread with GDPR was that consent was required for almost everything – including all communications...Direct Marketing Philippa Donn02 October 2019Opt-in for marketing abandoned by RNLIHas opt-in suffered a blow? It’s now official that opt-in for all forms of direct marketing has not proven a success for the RNLI, despite earlier reports to the...Opinion Debbie McElhill18 September 2019ePrivacy Regulation – what’s happening?ePrivacy Regulation – first draft 2017, so what’s happening two years on? The ePrivacy Regulation is set to replace the 2002 ePrivacy Directive (and subsequent amendments) which currently sits...Opinion Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Opinion DPN Team16 September 2019Data Governance – Getting to know your DataData Governance – the what, why & how? Data Governance has long been recognised as a method of protecting the business, mitigating risk, increasing operational efficiencies and managing customer...GDPRPolicies and Processes Philippa Donn12 September 2019The DPN Rosemary Smith Award for Responsible MarketingThis award has been launched to recognise a contribution made to Responsible Marketing, giving a team or an individual credit for a creative and privacy aware project or initiative.Opinion Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...GDPRInternational Data Protection Philippa Donn23 August 2019Data Sharing 10 TipsMany companies need to share personal data with other organisations. This might be reciprocal or one-way, it could be providing another company’s staff with access to your data for...GDPRICO Guidance Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Data Governance & SecurityGDPRPolicies and Processes Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Philippa Donn09 July 2019GDPR regulatory action so far in the UK and EU (July 2019)GDPR Regulatory Action The UK’s data protection regulator has made its first hefty announcements since GDPR became law in 2018. With news British Airways and Marriott could face massive...GDPRInternational Data ProtectionUncategorized DPN Team05 July 2019GDPR: Impact Report 2019The impact of GDPR More than a year on from enforcement day, where are we now with GDPR? The Global Marketing Alliance and the DPN teamed up with global...Direct MarketingGDPRUncategorized Mark Bridges05 July 2019CCPA – Californian Consumer Privacy Act: 5 Key ImpactsCCPA: What businesses need know The Californian Consumer Privacy Act (CCPA) ushers in new rights for Californian residents and compels companies that operate in California to implement changes or...Opinion DPN Team05 July 2019Adtech: The challenging compliance landscape – webinar recordingPublishers, advertisers, adtech firms, start-ups and privacy activists are all united in a strong interest in online advertising and programmatic delivery . After all, it represents the lion’s share...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn22 May 2019Why GDPR is not a fuss over nothingWe’ve heard the comparison with the millennium bug – the sky didn’t fall in on 25th May… ‘where are these game-changing fines? This is the Y2K bug all over...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network and Opt-4 lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the...Direct MarketingUncategorized Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Simon Blanchard20 March 2019Like Gin and Tonic – Why GDPR and Data Governance were made for each otherWhy GDPR and Data Governance go hand in hand Like G&T, data governance is not a new concept. It has been recognised for years as a method of protecting...Opinion Gemma Johnson08 March 2019Why 59 Charities were referred to the ICO by the Fundraising RegulatorThe Fundraising Regulator has warned that 59 charities could be in breach of data protection law for failing to apply suppression requests made via the Fundraising Preference Service (FPS)...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Philippa Donn05 March 2019Digital advertising & real-time bidding: Are we on the verge of a seismic shift or not?GDPR put a significant spanner in the world of digital advertising, which disparate parties with different vested interests have been grappling with now for months. How can organisations provide...Opinion Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Stef Elliott21 November 2018“The cookies law is clear – well that takes the biscuit”The ePrivacy Regulation was originally planned to come into force simultaneously with the GDPR on 25th May 2018. The delay and the ongoing debate regarding the Regulation, as highlighted...Electronic CommunicationsePrivacy RegulationGDPR Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Julia Porter18 November 2018Privacy International’s GDPR complaints shine a spotlight on 7 data companiesOn November 8th, Privacy International (PI) filed complaints under the GDPR with data protection regulators in UK, France and Ireland against data brokers Oracle and Acxiom, credit reference agencies...Opinion Simon Blanchard18 November 2018ePrivacy Regulation is not ready and could be stalled even furtherAs those in the know recognise, data protection is not just about GDPR. Many of us have been waiting for GDPR’s EU counterpart, the new ePrivacy Regulation for a...Opinion Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Opinion Matt Edgar02 October 2018Spam crusader or vigilante victim – what happens if you are blacklisted unfairly?Finding spam a nuisance and being anti-spam is a default setting for all of us these days. Even as technology evolves and our mailboxes become smarter in reducing this...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Opinion Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...GDPRPolicies and ProcessesPrivacy by Design Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Opinion DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Data Governance & SecurityGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR
Simon Blanchard05 August 2020ICO guidance on how to apply good data protection to AISeven steps for making sure innovation flourishes and your artificial intelligence activities are sound from a data protection point of viewGDPRICO Guidance DPN Team29 July 2020How to manage your suppliersHow to manage your suppliers and reduce the risk they may post. Hear our specialist panel chat through the key points to consider.Videos Philippa Donn29 July 2020Could COVID-19 lead to a spike in Subject Access Requests? How to handle ex-employeesDSARs from disgruntled ex-employees can be challenging to handle, get some helpful tips on how best to approach the task of fulfilling them.GDPRIndividual Privacy Rights Philippa Donn28 July 2020Schrems II ruling: Privacy Shield down, SCCs survive but with a sting in the tailInternational data transfers - EU-US Privacy Shield ruled invalild, questions raised regarding SCCs, find out what actions should you take. GDPRInternational Data Protection Simon Blanchard27 July 2020RoPA – Five tips for keeping your Records of Processing Activity up to date5 tips for keeping your GDPR records of processing activities up to date. The why, who, what, how and when of data protection documentation.GDPRPolicies and Processes DPN Team16 July 2020Transparency: How to get the message acrossDiscover the benefits of being upfront and transparent with people about how you use their data. In this webinar hosted by Robert Bond from Bristows we explore why transparency...GDPRVideos Julia Porter13 July 2020Supplier management: DPN 6 point checklistDue diligence of new suppliers robust enough? Checks in place to make sure suppliers are protecting your data? Use the DPN 6-point checklist. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn13 July 2020Contact Tracing: 7 Quick Steps for collecting people’s dataFrom holiday cottages to theme parks, hotels to pubs, many will be collecting people's details for contact tracing. Get our quick guide to how to do this. GDPRICO Guidance Chris Field11 July 2020You’ve been SAR-bombed!You are at the end of long day .. you just do one last check of your inbox - the new count registers over 9,000 new emails! All...GDPRIndividual Privacy RightsInternational Data ProtectionPolicies and Processes Simon Blanchard09 July 2020Facial Recognition – should we be concerned?Facial recognition is clever, from selfies to surveillance its use is becoming far more widespread. Should we be worried? Data Governance & SecurityGDPR Philippa Donn30 June 2020Data breaches: 10-point checklist for risk assessmentsHow do you assess the actual risk to people of a data breach? 10 questions you need to ask when carrying out an risk assessment. Data Governance & SecurityGDPRPolicies and Processes DPN Team30 June 2020Successful steps for data retention and minimisation [webinar recording]Get the tools and advice you need to tackle data retention and minimisation in this expert discussion which takes you through the key steps to take.Data Governance & SecurityGDPRPolicies and ProcessesVideos Julia Porter25 June 2020Why is the CIA’s lax attitude to cyber security interesting to us?Have you got robust cyber security controls in place? How the lax attitude of the CIA is a lesson to us all and what you should you be doing.Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard16 June 2020Privacy is a marathon not a sprintPondering how to improve your privacy credentials? Here are 5 steps to inspire you. More than 2 years on from GDPR, remember it’s a journey, not a sprint.Data Governance & SecurityGDPRPolicies and Processes Philippa Donn16 June 2020Why personalisation is a good thing, when done well“Hi, you haven’t finished watching Jeffrey Epstein: Filthy Rich”, said an email my husband received .It annoyed him......Direct MarketingGDPR Simon Blanchard08 June 2020Spring clean your data – Top tips on data retentionGet top tips on data retention. Minimise your risks by making sure you keep the personal data you need and rid of what you don't. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn03 June 2020GDPR two years on, why data protection mattersGDPR may have its critics and regulators may stand accused of not taking enough action. Why this is not a reason to stop taking data protection seriously.GDPR Julia Porter03 June 2020Why is it so hard to explain how we use personal data?Five ways to help explain complex and contentious uses of personal data. How to improve your communications and transparency.Direct MarketingGDPRPrivacy by Design DPN Team03 June 2020Data Retention GuidanceA practical toolkit packed with tips, advice and case studies on how to tackle data retention. Developed by a group of data protection and privacy specialists from a...Data Governance & SecurityGDPRPolicies and Processes Julia Porter18 May 2020New Seven Step Ad Tech Guide from DMA and ISBASeven Step Ad Tech Guide - Support for UK businesses engaged in the programmatic digital advertising to ensure they protect the rights of individuals.Electronic CommunicationsePrivacy RegulationGDPR Simon Blanchard14 May 2020COVID 19 – Privacy under the SpotlightPrivacy and COVID-19. When finding quick solutions and taking rapid decisions, don't forget the privacy impact. Here's our quick tour of aspects to consider. Data SecurityGDPRPrivacy by Design DPN Team15 April 2020DPIAs – What? When? How? Who? Why? [webinar recording]Data Protection Impact Assessments - learn about when you need to conduct a DPIA and how in this webinar hosted by Bristows LLP. Opinion DPN Team04 April 2020Where is my data? How to tackle data discovery & mapping [webinar recording]How improve your data discovery, mapping & compliance Understanding where your data is located across all your systems is an ever-evolving challenge, but forms the bedrock of your data...Opinion Gemma Johnson13 February 2020Marketers: Will You Need to do a DPIA for that?Why marketers need to understand when they might need to conduct a data protection impact assessment and learn how to do them. Direct MarketingElectronic CommunicationsICO GuidanceMarketing & Data Protection Simon Blanchard11 February 2020Where’s all my data? How to tackle data discoveryUnderstanding where your data is and what it's used for is crucial. But in practice this is challenging. What approach can you take? Opinion Simon Blanchard10 February 2020ePrivacy Regulation – Are we any closer to a final text?Efforts continue to try and agree the final text of the ePrivacy Regulation. Reaching a consensus has proved very challenging since the first draft was published 3 years...Opinion Julia Porter09 February 2020In a Digitally Enabled World, What is Direct Marketing?On 8th January the ICO published a draft code of practice for the marketing community. It’s entitled “Direct Marketing Code of Practice”. The use of the term “Direct Marketing”...Opinion Philippa Donn08 February 2020Refer a Friend – Viral Marketing RulesCan you ask your customers to send on your marketing to their friends? The answer, according to the ICO’s draft Direct Marketing Code, is NO! The regulator says for...Opinion DPN Team29 January 2020Your Views – Survey on draft Direct Marketing CodeA call for your views. The ICO's draft direct marketing code is open for public consultation. The DPN will be providing feedback. Give your comments to further...Opinion Philippa Donn28 January 2020ICO Direct Marketing Code ‘draft’: 12 HighlightsJust when I thought January was feeling dull, I got my hands on the ICO’s much-anticipated draft Direct Marketing Code of Practice! This replaces the Regulator’s existing Direct Marketing...Opinion Philippa Donn28 January 2020Brexit and EU Data FlowsIf you’ve not yet planned or even considered the data protection impact of Brexit, and specifically data transfers with the European Union, you can breathe a temporary sigh of...Opinion Philippa Donn10 December 2019Subject Access Requests & Proof of IDSubject Access Requests – What is ‘proportionate’ to ask for? When responding to a Right of Access request (commonly known as a Subject Access Request), we might be required...Individual Privacy Rights DPN Team10 December 20192020 Vision – Privacy PredictionsPrivacy Predictions for 2020 - what's in store for us next year? The trends, enforcement and organisational imperatives - What do our esteemed DPN Advisory Board believe is in...Opinion Debbie McElhill03 December 2019ePrivacy Regulation – Is there still life in it, as the European Commission steps in? In a bid to find consensus the European Commission has announced it’s preparing a revamped ePrivacy proposal. This follows the recent rejection by EU member states of the...Opinion DPN Team03 December 2019Data Retention: Are you keeping personal data longer than you need it?Ensuring you don’t store personal data for longer than you require it, is a core data protection principle – one which we all know is both complex and challenging...Opinion Julia Porter27 November 2019Harnessing the Power of Responsible MarketingWhat is responsible marketing? What core values should you embrace and what type of projects can marketers apply these values to? Here are my six pillars of responsible marketing;...Opinion DPN Team28 October 2019Rewarding Privacy By Design Have you or your team gone the extra mile to ensure a privacy aware, customer focused approach to a project, initiative or marketing campaign? Or do you know...Opinion DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Opinion Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Opinion Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Opinion Philippa Donn18 October 2019Marketing Message & Service Message: Where to draw the lineIs your ‘Service’ Message actually a Marketing one? A common (but incorrect) myth which spread with GDPR was that consent was required for almost everything – including all communications...Direct Marketing Philippa Donn02 October 2019Opt-in for marketing abandoned by RNLIHas opt-in suffered a blow? It’s now official that opt-in for all forms of direct marketing has not proven a success for the RNLI, despite earlier reports to the...Opinion Debbie McElhill18 September 2019ePrivacy Regulation – what’s happening?ePrivacy Regulation – first draft 2017, so what’s happening two years on? The ePrivacy Regulation is set to replace the 2002 ePrivacy Directive (and subsequent amendments) which currently sits...Opinion Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Opinion DPN Team16 September 2019Data Governance – Getting to know your DataData Governance – the what, why & how? Data Governance has long been recognised as a method of protecting the business, mitigating risk, increasing operational efficiencies and managing customer...GDPRPolicies and Processes Philippa Donn12 September 2019The DPN Rosemary Smith Award for Responsible MarketingThis award has been launched to recognise a contribution made to Responsible Marketing, giving a team or an individual credit for a creative and privacy aware project or initiative.Opinion Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...GDPRInternational Data Protection Philippa Donn23 August 2019Data Sharing 10 TipsMany companies need to share personal data with other organisations. This might be reciprocal or one-way, it could be providing another company’s staff with access to your data for...GDPRICO Guidance Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Data Governance & SecurityGDPRPolicies and Processes Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Philippa Donn09 July 2019GDPR regulatory action so far in the UK and EU (July 2019)GDPR Regulatory Action The UK’s data protection regulator has made its first hefty announcements since GDPR became law in 2018. With news British Airways and Marriott could face massive...GDPRInternational Data ProtectionUncategorized DPN Team05 July 2019GDPR: Impact Report 2019The impact of GDPR More than a year on from enforcement day, where are we now with GDPR? The Global Marketing Alliance and the DPN teamed up with global...Direct MarketingGDPRUncategorized Mark Bridges05 July 2019CCPA – Californian Consumer Privacy Act: 5 Key ImpactsCCPA: What businesses need know The Californian Consumer Privacy Act (CCPA) ushers in new rights for Californian residents and compels companies that operate in California to implement changes or...Opinion DPN Team05 July 2019Adtech: The challenging compliance landscape – webinar recordingPublishers, advertisers, adtech firms, start-ups and privacy activists are all united in a strong interest in online advertising and programmatic delivery . After all, it represents the lion’s share...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn22 May 2019Why GDPR is not a fuss over nothingWe’ve heard the comparison with the millennium bug – the sky didn’t fall in on 25th May… ‘where are these game-changing fines? This is the Y2K bug all over...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network and Opt-4 lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the...Direct MarketingUncategorized Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Simon Blanchard20 March 2019Like Gin and Tonic – Why GDPR and Data Governance were made for each otherWhy GDPR and Data Governance go hand in hand Like G&T, data governance is not a new concept. It has been recognised for years as a method of protecting...Opinion Gemma Johnson08 March 2019Why 59 Charities were referred to the ICO by the Fundraising RegulatorThe Fundraising Regulator has warned that 59 charities could be in breach of data protection law for failing to apply suppression requests made via the Fundraising Preference Service (FPS)...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Philippa Donn05 March 2019Digital advertising & real-time bidding: Are we on the verge of a seismic shift or not?GDPR put a significant spanner in the world of digital advertising, which disparate parties with different vested interests have been grappling with now for months. How can organisations provide...Opinion Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Stef Elliott21 November 2018“The cookies law is clear – well that takes the biscuit”The ePrivacy Regulation was originally planned to come into force simultaneously with the GDPR on 25th May 2018. The delay and the ongoing debate regarding the Regulation, as highlighted...Electronic CommunicationsePrivacy RegulationGDPR Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Julia Porter18 November 2018Privacy International’s GDPR complaints shine a spotlight on 7 data companiesOn November 8th, Privacy International (PI) filed complaints under the GDPR with data protection regulators in UK, France and Ireland against data brokers Oracle and Acxiom, credit reference agencies...Opinion Simon Blanchard18 November 2018ePrivacy Regulation is not ready and could be stalled even furtherAs those in the know recognise, data protection is not just about GDPR. Many of us have been waiting for GDPR’s EU counterpart, the new ePrivacy Regulation for a...Opinion Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Opinion Matt Edgar02 October 2018Spam crusader or vigilante victim – what happens if you are blacklisted unfairly?Finding spam a nuisance and being anti-spam is a default setting for all of us these days. Even as technology evolves and our mailboxes become smarter in reducing this...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Opinion Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...GDPRPolicies and ProcessesPrivacy by Design Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Opinion DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Data Governance & SecurityGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR
DPN Team29 July 2020How to manage your suppliersHow to manage your suppliers and reduce the risk they may post. Hear our specialist panel chat through the key points to consider.Videos Philippa Donn29 July 2020Could COVID-19 lead to a spike in Subject Access Requests? How to handle ex-employeesDSARs from disgruntled ex-employees can be challenging to handle, get some helpful tips on how best to approach the task of fulfilling them.GDPRIndividual Privacy Rights Philippa Donn28 July 2020Schrems II ruling: Privacy Shield down, SCCs survive but with a sting in the tailInternational data transfers - EU-US Privacy Shield ruled invalild, questions raised regarding SCCs, find out what actions should you take. GDPRInternational Data Protection Simon Blanchard27 July 2020RoPA – Five tips for keeping your Records of Processing Activity up to date5 tips for keeping your GDPR records of processing activities up to date. The why, who, what, how and when of data protection documentation.GDPRPolicies and Processes DPN Team16 July 2020Transparency: How to get the message acrossDiscover the benefits of being upfront and transparent with people about how you use their data. In this webinar hosted by Robert Bond from Bristows we explore why transparency...GDPRVideos Julia Porter13 July 2020Supplier management: DPN 6 point checklistDue diligence of new suppliers robust enough? Checks in place to make sure suppliers are protecting your data? Use the DPN 6-point checklist. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn13 July 2020Contact Tracing: 7 Quick Steps for collecting people’s dataFrom holiday cottages to theme parks, hotels to pubs, many will be collecting people's details for contact tracing. Get our quick guide to how to do this. GDPRICO Guidance Chris Field11 July 2020You’ve been SAR-bombed!You are at the end of long day .. you just do one last check of your inbox - the new count registers over 9,000 new emails! All...GDPRIndividual Privacy RightsInternational Data ProtectionPolicies and Processes Simon Blanchard09 July 2020Facial Recognition – should we be concerned?Facial recognition is clever, from selfies to surveillance its use is becoming far more widespread. Should we be worried? Data Governance & SecurityGDPR Philippa Donn30 June 2020Data breaches: 10-point checklist for risk assessmentsHow do you assess the actual risk to people of a data breach? 10 questions you need to ask when carrying out an risk assessment. Data Governance & SecurityGDPRPolicies and Processes DPN Team30 June 2020Successful steps for data retention and minimisation [webinar recording]Get the tools and advice you need to tackle data retention and minimisation in this expert discussion which takes you through the key steps to take.Data Governance & SecurityGDPRPolicies and ProcessesVideos Julia Porter25 June 2020Why is the CIA’s lax attitude to cyber security interesting to us?Have you got robust cyber security controls in place? How the lax attitude of the CIA is a lesson to us all and what you should you be doing.Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard16 June 2020Privacy is a marathon not a sprintPondering how to improve your privacy credentials? Here are 5 steps to inspire you. More than 2 years on from GDPR, remember it’s a journey, not a sprint.Data Governance & SecurityGDPRPolicies and Processes Philippa Donn16 June 2020Why personalisation is a good thing, when done well“Hi, you haven’t finished watching Jeffrey Epstein: Filthy Rich”, said an email my husband received .It annoyed him......Direct MarketingGDPR Simon Blanchard08 June 2020Spring clean your data – Top tips on data retentionGet top tips on data retention. Minimise your risks by making sure you keep the personal data you need and rid of what you don't. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn03 June 2020GDPR two years on, why data protection mattersGDPR may have its critics and regulators may stand accused of not taking enough action. Why this is not a reason to stop taking data protection seriously.GDPR Julia Porter03 June 2020Why is it so hard to explain how we use personal data?Five ways to help explain complex and contentious uses of personal data. How to improve your communications and transparency.Direct MarketingGDPRPrivacy by Design DPN Team03 June 2020Data Retention GuidanceA practical toolkit packed with tips, advice and case studies on how to tackle data retention. Developed by a group of data protection and privacy specialists from a...Data Governance & SecurityGDPRPolicies and Processes Julia Porter18 May 2020New Seven Step Ad Tech Guide from DMA and ISBASeven Step Ad Tech Guide - Support for UK businesses engaged in the programmatic digital advertising to ensure they protect the rights of individuals.Electronic CommunicationsePrivacy RegulationGDPR Simon Blanchard14 May 2020COVID 19 – Privacy under the SpotlightPrivacy and COVID-19. When finding quick solutions and taking rapid decisions, don't forget the privacy impact. Here's our quick tour of aspects to consider. Data SecurityGDPRPrivacy by Design DPN Team15 April 2020DPIAs – What? When? How? Who? Why? [webinar recording]Data Protection Impact Assessments - learn about when you need to conduct a DPIA and how in this webinar hosted by Bristows LLP. Opinion DPN Team04 April 2020Where is my data? How to tackle data discovery & mapping [webinar recording]How improve your data discovery, mapping & compliance Understanding where your data is located across all your systems is an ever-evolving challenge, but forms the bedrock of your data...Opinion Gemma Johnson13 February 2020Marketers: Will You Need to do a DPIA for that?Why marketers need to understand when they might need to conduct a data protection impact assessment and learn how to do them. Direct MarketingElectronic CommunicationsICO GuidanceMarketing & Data Protection Simon Blanchard11 February 2020Where’s all my data? How to tackle data discoveryUnderstanding where your data is and what it's used for is crucial. But in practice this is challenging. What approach can you take? Opinion Simon Blanchard10 February 2020ePrivacy Regulation – Are we any closer to a final text?Efforts continue to try and agree the final text of the ePrivacy Regulation. Reaching a consensus has proved very challenging since the first draft was published 3 years...Opinion Julia Porter09 February 2020In a Digitally Enabled World, What is Direct Marketing?On 8th January the ICO published a draft code of practice for the marketing community. It’s entitled “Direct Marketing Code of Practice”. The use of the term “Direct Marketing”...Opinion Philippa Donn08 February 2020Refer a Friend – Viral Marketing RulesCan you ask your customers to send on your marketing to their friends? The answer, according to the ICO’s draft Direct Marketing Code, is NO! The regulator says for...Opinion DPN Team29 January 2020Your Views – Survey on draft Direct Marketing CodeA call for your views. The ICO's draft direct marketing code is open for public consultation. The DPN will be providing feedback. Give your comments to further...Opinion Philippa Donn28 January 2020ICO Direct Marketing Code ‘draft’: 12 HighlightsJust when I thought January was feeling dull, I got my hands on the ICO’s much-anticipated draft Direct Marketing Code of Practice! This replaces the Regulator’s existing Direct Marketing...Opinion Philippa Donn28 January 2020Brexit and EU Data FlowsIf you’ve not yet planned or even considered the data protection impact of Brexit, and specifically data transfers with the European Union, you can breathe a temporary sigh of...Opinion Philippa Donn10 December 2019Subject Access Requests & Proof of IDSubject Access Requests – What is ‘proportionate’ to ask for? When responding to a Right of Access request (commonly known as a Subject Access Request), we might be required...Individual Privacy Rights DPN Team10 December 20192020 Vision – Privacy PredictionsPrivacy Predictions for 2020 - what's in store for us next year? The trends, enforcement and organisational imperatives - What do our esteemed DPN Advisory Board believe is in...Opinion Debbie McElhill03 December 2019ePrivacy Regulation – Is there still life in it, as the European Commission steps in? In a bid to find consensus the European Commission has announced it’s preparing a revamped ePrivacy proposal. This follows the recent rejection by EU member states of the...Opinion DPN Team03 December 2019Data Retention: Are you keeping personal data longer than you need it?Ensuring you don’t store personal data for longer than you require it, is a core data protection principle – one which we all know is both complex and challenging...Opinion Julia Porter27 November 2019Harnessing the Power of Responsible MarketingWhat is responsible marketing? What core values should you embrace and what type of projects can marketers apply these values to? Here are my six pillars of responsible marketing;...Opinion DPN Team28 October 2019Rewarding Privacy By Design Have you or your team gone the extra mile to ensure a privacy aware, customer focused approach to a project, initiative or marketing campaign? Or do you know...Opinion DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Opinion Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Opinion Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Opinion Philippa Donn18 October 2019Marketing Message & Service Message: Where to draw the lineIs your ‘Service’ Message actually a Marketing one? A common (but incorrect) myth which spread with GDPR was that consent was required for almost everything – including all communications...Direct Marketing Philippa Donn02 October 2019Opt-in for marketing abandoned by RNLIHas opt-in suffered a blow? It’s now official that opt-in for all forms of direct marketing has not proven a success for the RNLI, despite earlier reports to the...Opinion Debbie McElhill18 September 2019ePrivacy Regulation – what’s happening?ePrivacy Regulation – first draft 2017, so what’s happening two years on? The ePrivacy Regulation is set to replace the 2002 ePrivacy Directive (and subsequent amendments) which currently sits...Opinion Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Opinion DPN Team16 September 2019Data Governance – Getting to know your DataData Governance – the what, why & how? Data Governance has long been recognised as a method of protecting the business, mitigating risk, increasing operational efficiencies and managing customer...GDPRPolicies and Processes Philippa Donn12 September 2019The DPN Rosemary Smith Award for Responsible MarketingThis award has been launched to recognise a contribution made to Responsible Marketing, giving a team or an individual credit for a creative and privacy aware project or initiative.Opinion Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...GDPRInternational Data Protection Philippa Donn23 August 2019Data Sharing 10 TipsMany companies need to share personal data with other organisations. This might be reciprocal or one-way, it could be providing another company’s staff with access to your data for...GDPRICO Guidance Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Data Governance & SecurityGDPRPolicies and Processes Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Philippa Donn09 July 2019GDPR regulatory action so far in the UK and EU (July 2019)GDPR Regulatory Action The UK’s data protection regulator has made its first hefty announcements since GDPR became law in 2018. With news British Airways and Marriott could face massive...GDPRInternational Data ProtectionUncategorized DPN Team05 July 2019GDPR: Impact Report 2019The impact of GDPR More than a year on from enforcement day, where are we now with GDPR? The Global Marketing Alliance and the DPN teamed up with global...Direct MarketingGDPRUncategorized Mark Bridges05 July 2019CCPA – Californian Consumer Privacy Act: 5 Key ImpactsCCPA: What businesses need know The Californian Consumer Privacy Act (CCPA) ushers in new rights for Californian residents and compels companies that operate in California to implement changes or...Opinion DPN Team05 July 2019Adtech: The challenging compliance landscape – webinar recordingPublishers, advertisers, adtech firms, start-ups and privacy activists are all united in a strong interest in online advertising and programmatic delivery . After all, it represents the lion’s share...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn22 May 2019Why GDPR is not a fuss over nothingWe’ve heard the comparison with the millennium bug – the sky didn’t fall in on 25th May… ‘where are these game-changing fines? This is the Y2K bug all over...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network and Opt-4 lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the...Direct MarketingUncategorized Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Simon Blanchard20 March 2019Like Gin and Tonic – Why GDPR and Data Governance were made for each otherWhy GDPR and Data Governance go hand in hand Like G&T, data governance is not a new concept. It has been recognised for years as a method of protecting...Opinion Gemma Johnson08 March 2019Why 59 Charities were referred to the ICO by the Fundraising RegulatorThe Fundraising Regulator has warned that 59 charities could be in breach of data protection law for failing to apply suppression requests made via the Fundraising Preference Service (FPS)...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Philippa Donn05 March 2019Digital advertising & real-time bidding: Are we on the verge of a seismic shift or not?GDPR put a significant spanner in the world of digital advertising, which disparate parties with different vested interests have been grappling with now for months. How can organisations provide...Opinion Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Stef Elliott21 November 2018“The cookies law is clear – well that takes the biscuit”The ePrivacy Regulation was originally planned to come into force simultaneously with the GDPR on 25th May 2018. The delay and the ongoing debate regarding the Regulation, as highlighted...Electronic CommunicationsePrivacy RegulationGDPR Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Julia Porter18 November 2018Privacy International’s GDPR complaints shine a spotlight on 7 data companiesOn November 8th, Privacy International (PI) filed complaints under the GDPR with data protection regulators in UK, France and Ireland against data brokers Oracle and Acxiom, credit reference agencies...Opinion Simon Blanchard18 November 2018ePrivacy Regulation is not ready and could be stalled even furtherAs those in the know recognise, data protection is not just about GDPR. Many of us have been waiting for GDPR’s EU counterpart, the new ePrivacy Regulation for a...Opinion Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Opinion Matt Edgar02 October 2018Spam crusader or vigilante victim – what happens if you are blacklisted unfairly?Finding spam a nuisance and being anti-spam is a default setting for all of us these days. Even as technology evolves and our mailboxes become smarter in reducing this...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Opinion Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...GDPRPolicies and ProcessesPrivacy by Design Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Opinion DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Data Governance & SecurityGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR
Philippa Donn29 July 2020Could COVID-19 lead to a spike in Subject Access Requests? How to handle ex-employeesDSARs from disgruntled ex-employees can be challenging to handle, get some helpful tips on how best to approach the task of fulfilling them.GDPRIndividual Privacy Rights Philippa Donn28 July 2020Schrems II ruling: Privacy Shield down, SCCs survive but with a sting in the tailInternational data transfers - EU-US Privacy Shield ruled invalild, questions raised regarding SCCs, find out what actions should you take. GDPRInternational Data Protection Simon Blanchard27 July 2020RoPA – Five tips for keeping your Records of Processing Activity up to date5 tips for keeping your GDPR records of processing activities up to date. The why, who, what, how and when of data protection documentation.GDPRPolicies and Processes DPN Team16 July 2020Transparency: How to get the message acrossDiscover the benefits of being upfront and transparent with people about how you use their data. In this webinar hosted by Robert Bond from Bristows we explore why transparency...GDPRVideos Julia Porter13 July 2020Supplier management: DPN 6 point checklistDue diligence of new suppliers robust enough? Checks in place to make sure suppliers are protecting your data? Use the DPN 6-point checklist. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn13 July 2020Contact Tracing: 7 Quick Steps for collecting people’s dataFrom holiday cottages to theme parks, hotels to pubs, many will be collecting people's details for contact tracing. Get our quick guide to how to do this. GDPRICO Guidance Chris Field11 July 2020You’ve been SAR-bombed!You are at the end of long day .. you just do one last check of your inbox - the new count registers over 9,000 new emails! All...GDPRIndividual Privacy RightsInternational Data ProtectionPolicies and Processes Simon Blanchard09 July 2020Facial Recognition – should we be concerned?Facial recognition is clever, from selfies to surveillance its use is becoming far more widespread. Should we be worried? Data Governance & SecurityGDPR Philippa Donn30 June 2020Data breaches: 10-point checklist for risk assessmentsHow do you assess the actual risk to people of a data breach? 10 questions you need to ask when carrying out an risk assessment. Data Governance & SecurityGDPRPolicies and Processes DPN Team30 June 2020Successful steps for data retention and minimisation [webinar recording]Get the tools and advice you need to tackle data retention and minimisation in this expert discussion which takes you through the key steps to take.Data Governance & SecurityGDPRPolicies and ProcessesVideos Julia Porter25 June 2020Why is the CIA’s lax attitude to cyber security interesting to us?Have you got robust cyber security controls in place? How the lax attitude of the CIA is a lesson to us all and what you should you be doing.Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard16 June 2020Privacy is a marathon not a sprintPondering how to improve your privacy credentials? Here are 5 steps to inspire you. More than 2 years on from GDPR, remember it’s a journey, not a sprint.Data Governance & SecurityGDPRPolicies and Processes Philippa Donn16 June 2020Why personalisation is a good thing, when done well“Hi, you haven’t finished watching Jeffrey Epstein: Filthy Rich”, said an email my husband received .It annoyed him......Direct MarketingGDPR Simon Blanchard08 June 2020Spring clean your data – Top tips on data retentionGet top tips on data retention. Minimise your risks by making sure you keep the personal data you need and rid of what you don't. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn03 June 2020GDPR two years on, why data protection mattersGDPR may have its critics and regulators may stand accused of not taking enough action. Why this is not a reason to stop taking data protection seriously.GDPR Julia Porter03 June 2020Why is it so hard to explain how we use personal data?Five ways to help explain complex and contentious uses of personal data. How to improve your communications and transparency.Direct MarketingGDPRPrivacy by Design DPN Team03 June 2020Data Retention GuidanceA practical toolkit packed with tips, advice and case studies on how to tackle data retention. Developed by a group of data protection and privacy specialists from a...Data Governance & SecurityGDPRPolicies and Processes Julia Porter18 May 2020New Seven Step Ad Tech Guide from DMA and ISBASeven Step Ad Tech Guide - Support for UK businesses engaged in the programmatic digital advertising to ensure they protect the rights of individuals.Electronic CommunicationsePrivacy RegulationGDPR Simon Blanchard14 May 2020COVID 19 – Privacy under the SpotlightPrivacy and COVID-19. When finding quick solutions and taking rapid decisions, don't forget the privacy impact. Here's our quick tour of aspects to consider. Data SecurityGDPRPrivacy by Design DPN Team15 April 2020DPIAs – What? When? How? Who? Why? [webinar recording]Data Protection Impact Assessments - learn about when you need to conduct a DPIA and how in this webinar hosted by Bristows LLP. Opinion DPN Team04 April 2020Where is my data? How to tackle data discovery & mapping [webinar recording]How improve your data discovery, mapping & compliance Understanding where your data is located across all your systems is an ever-evolving challenge, but forms the bedrock of your data...Opinion Gemma Johnson13 February 2020Marketers: Will You Need to do a DPIA for that?Why marketers need to understand when they might need to conduct a data protection impact assessment and learn how to do them. Direct MarketingElectronic CommunicationsICO GuidanceMarketing & Data Protection Simon Blanchard11 February 2020Where’s all my data? How to tackle data discoveryUnderstanding where your data is and what it's used for is crucial. But in practice this is challenging. What approach can you take? Opinion Simon Blanchard10 February 2020ePrivacy Regulation – Are we any closer to a final text?Efforts continue to try and agree the final text of the ePrivacy Regulation. Reaching a consensus has proved very challenging since the first draft was published 3 years...Opinion Julia Porter09 February 2020In a Digitally Enabled World, What is Direct Marketing?On 8th January the ICO published a draft code of practice for the marketing community. It’s entitled “Direct Marketing Code of Practice”. The use of the term “Direct Marketing”...Opinion Philippa Donn08 February 2020Refer a Friend – Viral Marketing RulesCan you ask your customers to send on your marketing to their friends? The answer, according to the ICO’s draft Direct Marketing Code, is NO! The regulator says for...Opinion DPN Team29 January 2020Your Views – Survey on draft Direct Marketing CodeA call for your views. The ICO's draft direct marketing code is open for public consultation. The DPN will be providing feedback. Give your comments to further...Opinion Philippa Donn28 January 2020ICO Direct Marketing Code ‘draft’: 12 HighlightsJust when I thought January was feeling dull, I got my hands on the ICO’s much-anticipated draft Direct Marketing Code of Practice! This replaces the Regulator’s existing Direct Marketing...Opinion Philippa Donn28 January 2020Brexit and EU Data FlowsIf you’ve not yet planned or even considered the data protection impact of Brexit, and specifically data transfers with the European Union, you can breathe a temporary sigh of...Opinion Philippa Donn10 December 2019Subject Access Requests & Proof of IDSubject Access Requests – What is ‘proportionate’ to ask for? When responding to a Right of Access request (commonly known as a Subject Access Request), we might be required...Individual Privacy Rights DPN Team10 December 20192020 Vision – Privacy PredictionsPrivacy Predictions for 2020 - what's in store for us next year? The trends, enforcement and organisational imperatives - What do our esteemed DPN Advisory Board believe is in...Opinion Debbie McElhill03 December 2019ePrivacy Regulation – Is there still life in it, as the European Commission steps in? In a bid to find consensus the European Commission has announced it’s preparing a revamped ePrivacy proposal. This follows the recent rejection by EU member states of the...Opinion DPN Team03 December 2019Data Retention: Are you keeping personal data longer than you need it?Ensuring you don’t store personal data for longer than you require it, is a core data protection principle – one which we all know is both complex and challenging...Opinion Julia Porter27 November 2019Harnessing the Power of Responsible MarketingWhat is responsible marketing? What core values should you embrace and what type of projects can marketers apply these values to? Here are my six pillars of responsible marketing;...Opinion DPN Team28 October 2019Rewarding Privacy By Design Have you or your team gone the extra mile to ensure a privacy aware, customer focused approach to a project, initiative or marketing campaign? Or do you know...Opinion DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Opinion Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Opinion Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Opinion Philippa Donn18 October 2019Marketing Message & Service Message: Where to draw the lineIs your ‘Service’ Message actually a Marketing one? A common (but incorrect) myth which spread with GDPR was that consent was required for almost everything – including all communications...Direct Marketing Philippa Donn02 October 2019Opt-in for marketing abandoned by RNLIHas opt-in suffered a blow? It’s now official that opt-in for all forms of direct marketing has not proven a success for the RNLI, despite earlier reports to the...Opinion Debbie McElhill18 September 2019ePrivacy Regulation – what’s happening?ePrivacy Regulation – first draft 2017, so what’s happening two years on? The ePrivacy Regulation is set to replace the 2002 ePrivacy Directive (and subsequent amendments) which currently sits...Opinion Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Opinion DPN Team16 September 2019Data Governance – Getting to know your DataData Governance – the what, why & how? Data Governance has long been recognised as a method of protecting the business, mitigating risk, increasing operational efficiencies and managing customer...GDPRPolicies and Processes Philippa Donn12 September 2019The DPN Rosemary Smith Award for Responsible MarketingThis award has been launched to recognise a contribution made to Responsible Marketing, giving a team or an individual credit for a creative and privacy aware project or initiative.Opinion Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...GDPRInternational Data Protection Philippa Donn23 August 2019Data Sharing 10 TipsMany companies need to share personal data with other organisations. This might be reciprocal or one-way, it could be providing another company’s staff with access to your data for...GDPRICO Guidance Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Data Governance & SecurityGDPRPolicies and Processes Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Philippa Donn09 July 2019GDPR regulatory action so far in the UK and EU (July 2019)GDPR Regulatory Action The UK’s data protection regulator has made its first hefty announcements since GDPR became law in 2018. With news British Airways and Marriott could face massive...GDPRInternational Data ProtectionUncategorized DPN Team05 July 2019GDPR: Impact Report 2019The impact of GDPR More than a year on from enforcement day, where are we now with GDPR? The Global Marketing Alliance and the DPN teamed up with global...Direct MarketingGDPRUncategorized Mark Bridges05 July 2019CCPA – Californian Consumer Privacy Act: 5 Key ImpactsCCPA: What businesses need know The Californian Consumer Privacy Act (CCPA) ushers in new rights for Californian residents and compels companies that operate in California to implement changes or...Opinion DPN Team05 July 2019Adtech: The challenging compliance landscape – webinar recordingPublishers, advertisers, adtech firms, start-ups and privacy activists are all united in a strong interest in online advertising and programmatic delivery . After all, it represents the lion’s share...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn22 May 2019Why GDPR is not a fuss over nothingWe’ve heard the comparison with the millennium bug – the sky didn’t fall in on 25th May… ‘where are these game-changing fines? This is the Y2K bug all over...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network and Opt-4 lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the...Direct MarketingUncategorized Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Simon Blanchard20 March 2019Like Gin and Tonic – Why GDPR and Data Governance were made for each otherWhy GDPR and Data Governance go hand in hand Like G&T, data governance is not a new concept. It has been recognised for years as a method of protecting...Opinion Gemma Johnson08 March 2019Why 59 Charities were referred to the ICO by the Fundraising RegulatorThe Fundraising Regulator has warned that 59 charities could be in breach of data protection law for failing to apply suppression requests made via the Fundraising Preference Service (FPS)...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Philippa Donn05 March 2019Digital advertising & real-time bidding: Are we on the verge of a seismic shift or not?GDPR put a significant spanner in the world of digital advertising, which disparate parties with different vested interests have been grappling with now for months. How can organisations provide...Opinion Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Stef Elliott21 November 2018“The cookies law is clear – well that takes the biscuit”The ePrivacy Regulation was originally planned to come into force simultaneously with the GDPR on 25th May 2018. The delay and the ongoing debate regarding the Regulation, as highlighted...Electronic CommunicationsePrivacy RegulationGDPR Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Julia Porter18 November 2018Privacy International’s GDPR complaints shine a spotlight on 7 data companiesOn November 8th, Privacy International (PI) filed complaints under the GDPR with data protection regulators in UK, France and Ireland against data brokers Oracle and Acxiom, credit reference agencies...Opinion Simon Blanchard18 November 2018ePrivacy Regulation is not ready and could be stalled even furtherAs those in the know recognise, data protection is not just about GDPR. Many of us have been waiting for GDPR’s EU counterpart, the new ePrivacy Regulation for a...Opinion Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Opinion Matt Edgar02 October 2018Spam crusader or vigilante victim – what happens if you are blacklisted unfairly?Finding spam a nuisance and being anti-spam is a default setting for all of us these days. Even as technology evolves and our mailboxes become smarter in reducing this...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Opinion Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...GDPRPolicies and ProcessesPrivacy by Design Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Opinion DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Data Governance & SecurityGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR
Philippa Donn28 July 2020Schrems II ruling: Privacy Shield down, SCCs survive but with a sting in the tailInternational data transfers - EU-US Privacy Shield ruled invalild, questions raised regarding SCCs, find out what actions should you take. GDPRInternational Data Protection Simon Blanchard27 July 2020RoPA – Five tips for keeping your Records of Processing Activity up to date5 tips for keeping your GDPR records of processing activities up to date. The why, who, what, how and when of data protection documentation.GDPRPolicies and Processes DPN Team16 July 2020Transparency: How to get the message acrossDiscover the benefits of being upfront and transparent with people about how you use their data. In this webinar hosted by Robert Bond from Bristows we explore why transparency...GDPRVideos Julia Porter13 July 2020Supplier management: DPN 6 point checklistDue diligence of new suppliers robust enough? Checks in place to make sure suppliers are protecting your data? Use the DPN 6-point checklist. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn13 July 2020Contact Tracing: 7 Quick Steps for collecting people’s dataFrom holiday cottages to theme parks, hotels to pubs, many will be collecting people's details for contact tracing. Get our quick guide to how to do this. GDPRICO Guidance Chris Field11 July 2020You’ve been SAR-bombed!You are at the end of long day .. you just do one last check of your inbox - the new count registers over 9,000 new emails! All...GDPRIndividual Privacy RightsInternational Data ProtectionPolicies and Processes Simon Blanchard09 July 2020Facial Recognition – should we be concerned?Facial recognition is clever, from selfies to surveillance its use is becoming far more widespread. Should we be worried? Data Governance & SecurityGDPR Philippa Donn30 June 2020Data breaches: 10-point checklist for risk assessmentsHow do you assess the actual risk to people of a data breach? 10 questions you need to ask when carrying out an risk assessment. Data Governance & SecurityGDPRPolicies and Processes DPN Team30 June 2020Successful steps for data retention and minimisation [webinar recording]Get the tools and advice you need to tackle data retention and minimisation in this expert discussion which takes you through the key steps to take.Data Governance & SecurityGDPRPolicies and ProcessesVideos Julia Porter25 June 2020Why is the CIA’s lax attitude to cyber security interesting to us?Have you got robust cyber security controls in place? How the lax attitude of the CIA is a lesson to us all and what you should you be doing.Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard16 June 2020Privacy is a marathon not a sprintPondering how to improve your privacy credentials? Here are 5 steps to inspire you. More than 2 years on from GDPR, remember it’s a journey, not a sprint.Data Governance & SecurityGDPRPolicies and Processes Philippa Donn16 June 2020Why personalisation is a good thing, when done well“Hi, you haven’t finished watching Jeffrey Epstein: Filthy Rich”, said an email my husband received .It annoyed him......Direct MarketingGDPR Simon Blanchard08 June 2020Spring clean your data – Top tips on data retentionGet top tips on data retention. Minimise your risks by making sure you keep the personal data you need and rid of what you don't. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn03 June 2020GDPR two years on, why data protection mattersGDPR may have its critics and regulators may stand accused of not taking enough action. Why this is not a reason to stop taking data protection seriously.GDPR Julia Porter03 June 2020Why is it so hard to explain how we use personal data?Five ways to help explain complex and contentious uses of personal data. How to improve your communications and transparency.Direct MarketingGDPRPrivacy by Design DPN Team03 June 2020Data Retention GuidanceA practical toolkit packed with tips, advice and case studies on how to tackle data retention. Developed by a group of data protection and privacy specialists from a...Data Governance & SecurityGDPRPolicies and Processes Julia Porter18 May 2020New Seven Step Ad Tech Guide from DMA and ISBASeven Step Ad Tech Guide - Support for UK businesses engaged in the programmatic digital advertising to ensure they protect the rights of individuals.Electronic CommunicationsePrivacy RegulationGDPR Simon Blanchard14 May 2020COVID 19 – Privacy under the SpotlightPrivacy and COVID-19. When finding quick solutions and taking rapid decisions, don't forget the privacy impact. Here's our quick tour of aspects to consider. Data SecurityGDPRPrivacy by Design DPN Team15 April 2020DPIAs – What? When? How? Who? Why? [webinar recording]Data Protection Impact Assessments - learn about when you need to conduct a DPIA and how in this webinar hosted by Bristows LLP. Opinion DPN Team04 April 2020Where is my data? How to tackle data discovery & mapping [webinar recording]How improve your data discovery, mapping & compliance Understanding where your data is located across all your systems is an ever-evolving challenge, but forms the bedrock of your data...Opinion Gemma Johnson13 February 2020Marketers: Will You Need to do a DPIA for that?Why marketers need to understand when they might need to conduct a data protection impact assessment and learn how to do them. Direct MarketingElectronic CommunicationsICO GuidanceMarketing & Data Protection Simon Blanchard11 February 2020Where’s all my data? How to tackle data discoveryUnderstanding where your data is and what it's used for is crucial. But in practice this is challenging. What approach can you take? Opinion Simon Blanchard10 February 2020ePrivacy Regulation – Are we any closer to a final text?Efforts continue to try and agree the final text of the ePrivacy Regulation. Reaching a consensus has proved very challenging since the first draft was published 3 years...Opinion Julia Porter09 February 2020In a Digitally Enabled World, What is Direct Marketing?On 8th January the ICO published a draft code of practice for the marketing community. It’s entitled “Direct Marketing Code of Practice”. The use of the term “Direct Marketing”...Opinion Philippa Donn08 February 2020Refer a Friend – Viral Marketing RulesCan you ask your customers to send on your marketing to their friends? The answer, according to the ICO’s draft Direct Marketing Code, is NO! The regulator says for...Opinion DPN Team29 January 2020Your Views – Survey on draft Direct Marketing CodeA call for your views. The ICO's draft direct marketing code is open for public consultation. The DPN will be providing feedback. Give your comments to further...Opinion Philippa Donn28 January 2020ICO Direct Marketing Code ‘draft’: 12 HighlightsJust when I thought January was feeling dull, I got my hands on the ICO’s much-anticipated draft Direct Marketing Code of Practice! This replaces the Regulator’s existing Direct Marketing...Opinion Philippa Donn28 January 2020Brexit and EU Data FlowsIf you’ve not yet planned or even considered the data protection impact of Brexit, and specifically data transfers with the European Union, you can breathe a temporary sigh of...Opinion Philippa Donn10 December 2019Subject Access Requests & Proof of IDSubject Access Requests – What is ‘proportionate’ to ask for? When responding to a Right of Access request (commonly known as a Subject Access Request), we might be required...Individual Privacy Rights DPN Team10 December 20192020 Vision – Privacy PredictionsPrivacy Predictions for 2020 - what's in store for us next year? The trends, enforcement and organisational imperatives - What do our esteemed DPN Advisory Board believe is in...Opinion Debbie McElhill03 December 2019ePrivacy Regulation – Is there still life in it, as the European Commission steps in? In a bid to find consensus the European Commission has announced it’s preparing a revamped ePrivacy proposal. This follows the recent rejection by EU member states of the...Opinion DPN Team03 December 2019Data Retention: Are you keeping personal data longer than you need it?Ensuring you don’t store personal data for longer than you require it, is a core data protection principle – one which we all know is both complex and challenging...Opinion Julia Porter27 November 2019Harnessing the Power of Responsible MarketingWhat is responsible marketing? What core values should you embrace and what type of projects can marketers apply these values to? Here are my six pillars of responsible marketing;...Opinion DPN Team28 October 2019Rewarding Privacy By Design Have you or your team gone the extra mile to ensure a privacy aware, customer focused approach to a project, initiative or marketing campaign? Or do you know...Opinion DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Opinion Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Opinion Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Opinion Philippa Donn18 October 2019Marketing Message & Service Message: Where to draw the lineIs your ‘Service’ Message actually a Marketing one? A common (but incorrect) myth which spread with GDPR was that consent was required for almost everything – including all communications...Direct Marketing Philippa Donn02 October 2019Opt-in for marketing abandoned by RNLIHas opt-in suffered a blow? It’s now official that opt-in for all forms of direct marketing has not proven a success for the RNLI, despite earlier reports to the...Opinion Debbie McElhill18 September 2019ePrivacy Regulation – what’s happening?ePrivacy Regulation – first draft 2017, so what’s happening two years on? The ePrivacy Regulation is set to replace the 2002 ePrivacy Directive (and subsequent amendments) which currently sits...Opinion Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Opinion DPN Team16 September 2019Data Governance – Getting to know your DataData Governance – the what, why & how? Data Governance has long been recognised as a method of protecting the business, mitigating risk, increasing operational efficiencies and managing customer...GDPRPolicies and Processes Philippa Donn12 September 2019The DPN Rosemary Smith Award for Responsible MarketingThis award has been launched to recognise a contribution made to Responsible Marketing, giving a team or an individual credit for a creative and privacy aware project or initiative.Opinion Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...GDPRInternational Data Protection Philippa Donn23 August 2019Data Sharing 10 TipsMany companies need to share personal data with other organisations. This might be reciprocal or one-way, it could be providing another company’s staff with access to your data for...GDPRICO Guidance Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Data Governance & SecurityGDPRPolicies and Processes Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Philippa Donn09 July 2019GDPR regulatory action so far in the UK and EU (July 2019)GDPR Regulatory Action The UK’s data protection regulator has made its first hefty announcements since GDPR became law in 2018. With news British Airways and Marriott could face massive...GDPRInternational Data ProtectionUncategorized DPN Team05 July 2019GDPR: Impact Report 2019The impact of GDPR More than a year on from enforcement day, where are we now with GDPR? The Global Marketing Alliance and the DPN teamed up with global...Direct MarketingGDPRUncategorized Mark Bridges05 July 2019CCPA – Californian Consumer Privacy Act: 5 Key ImpactsCCPA: What businesses need know The Californian Consumer Privacy Act (CCPA) ushers in new rights for Californian residents and compels companies that operate in California to implement changes or...Opinion DPN Team05 July 2019Adtech: The challenging compliance landscape – webinar recordingPublishers, advertisers, adtech firms, start-ups and privacy activists are all united in a strong interest in online advertising and programmatic delivery . After all, it represents the lion’s share...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn22 May 2019Why GDPR is not a fuss over nothingWe’ve heard the comparison with the millennium bug – the sky didn’t fall in on 25th May… ‘where are these game-changing fines? This is the Y2K bug all over...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network and Opt-4 lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the...Direct MarketingUncategorized Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Simon Blanchard20 March 2019Like Gin and Tonic – Why GDPR and Data Governance were made for each otherWhy GDPR and Data Governance go hand in hand Like G&T, data governance is not a new concept. It has been recognised for years as a method of protecting...Opinion Gemma Johnson08 March 2019Why 59 Charities were referred to the ICO by the Fundraising RegulatorThe Fundraising Regulator has warned that 59 charities could be in breach of data protection law for failing to apply suppression requests made via the Fundraising Preference Service (FPS)...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Philippa Donn05 March 2019Digital advertising & real-time bidding: Are we on the verge of a seismic shift or not?GDPR put a significant spanner in the world of digital advertising, which disparate parties with different vested interests have been grappling with now for months. How can organisations provide...Opinion Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Stef Elliott21 November 2018“The cookies law is clear – well that takes the biscuit”The ePrivacy Regulation was originally planned to come into force simultaneously with the GDPR on 25th May 2018. The delay and the ongoing debate regarding the Regulation, as highlighted...Electronic CommunicationsePrivacy RegulationGDPR Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Julia Porter18 November 2018Privacy International’s GDPR complaints shine a spotlight on 7 data companiesOn November 8th, Privacy International (PI) filed complaints under the GDPR with data protection regulators in UK, France and Ireland against data brokers Oracle and Acxiom, credit reference agencies...Opinion Simon Blanchard18 November 2018ePrivacy Regulation is not ready and could be stalled even furtherAs those in the know recognise, data protection is not just about GDPR. Many of us have been waiting for GDPR’s EU counterpart, the new ePrivacy Regulation for a...Opinion Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Opinion Matt Edgar02 October 2018Spam crusader or vigilante victim – what happens if you are blacklisted unfairly?Finding spam a nuisance and being anti-spam is a default setting for all of us these days. Even as technology evolves and our mailboxes become smarter in reducing this...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Opinion Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...GDPRPolicies and ProcessesPrivacy by Design Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Opinion DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Data Governance & SecurityGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR
Simon Blanchard27 July 2020RoPA – Five tips for keeping your Records of Processing Activity up to date5 tips for keeping your GDPR records of processing activities up to date. The why, who, what, how and when of data protection documentation.GDPRPolicies and Processes DPN Team16 July 2020Transparency: How to get the message acrossDiscover the benefits of being upfront and transparent with people about how you use their data. In this webinar hosted by Robert Bond from Bristows we explore why transparency...GDPRVideos Julia Porter13 July 2020Supplier management: DPN 6 point checklistDue diligence of new suppliers robust enough? Checks in place to make sure suppliers are protecting your data? Use the DPN 6-point checklist. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn13 July 2020Contact Tracing: 7 Quick Steps for collecting people’s dataFrom holiday cottages to theme parks, hotels to pubs, many will be collecting people's details for contact tracing. Get our quick guide to how to do this. GDPRICO Guidance Chris Field11 July 2020You’ve been SAR-bombed!You are at the end of long day .. you just do one last check of your inbox - the new count registers over 9,000 new emails! All...GDPRIndividual Privacy RightsInternational Data ProtectionPolicies and Processes Simon Blanchard09 July 2020Facial Recognition – should we be concerned?Facial recognition is clever, from selfies to surveillance its use is becoming far more widespread. Should we be worried? Data Governance & SecurityGDPR Philippa Donn30 June 2020Data breaches: 10-point checklist for risk assessmentsHow do you assess the actual risk to people of a data breach? 10 questions you need to ask when carrying out an risk assessment. Data Governance & SecurityGDPRPolicies and Processes DPN Team30 June 2020Successful steps for data retention and minimisation [webinar recording]Get the tools and advice you need to tackle data retention and minimisation in this expert discussion which takes you through the key steps to take.Data Governance & SecurityGDPRPolicies and ProcessesVideos Julia Porter25 June 2020Why is the CIA’s lax attitude to cyber security interesting to us?Have you got robust cyber security controls in place? How the lax attitude of the CIA is a lesson to us all and what you should you be doing.Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard16 June 2020Privacy is a marathon not a sprintPondering how to improve your privacy credentials? Here are 5 steps to inspire you. More than 2 years on from GDPR, remember it’s a journey, not a sprint.Data Governance & SecurityGDPRPolicies and Processes Philippa Donn16 June 2020Why personalisation is a good thing, when done well“Hi, you haven’t finished watching Jeffrey Epstein: Filthy Rich”, said an email my husband received .It annoyed him......Direct MarketingGDPR Simon Blanchard08 June 2020Spring clean your data – Top tips on data retentionGet top tips on data retention. Minimise your risks by making sure you keep the personal data you need and rid of what you don't. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn03 June 2020GDPR two years on, why data protection mattersGDPR may have its critics and regulators may stand accused of not taking enough action. Why this is not a reason to stop taking data protection seriously.GDPR Julia Porter03 June 2020Why is it so hard to explain how we use personal data?Five ways to help explain complex and contentious uses of personal data. How to improve your communications and transparency.Direct MarketingGDPRPrivacy by Design DPN Team03 June 2020Data Retention GuidanceA practical toolkit packed with tips, advice and case studies on how to tackle data retention. Developed by a group of data protection and privacy specialists from a...Data Governance & SecurityGDPRPolicies and Processes Julia Porter18 May 2020New Seven Step Ad Tech Guide from DMA and ISBASeven Step Ad Tech Guide - Support for UK businesses engaged in the programmatic digital advertising to ensure they protect the rights of individuals.Electronic CommunicationsePrivacy RegulationGDPR Simon Blanchard14 May 2020COVID 19 – Privacy under the SpotlightPrivacy and COVID-19. When finding quick solutions and taking rapid decisions, don't forget the privacy impact. Here's our quick tour of aspects to consider. Data SecurityGDPRPrivacy by Design DPN Team15 April 2020DPIAs – What? When? How? Who? Why? [webinar recording]Data Protection Impact Assessments - learn about when you need to conduct a DPIA and how in this webinar hosted by Bristows LLP. Opinion DPN Team04 April 2020Where is my data? How to tackle data discovery & mapping [webinar recording]How improve your data discovery, mapping & compliance Understanding where your data is located across all your systems is an ever-evolving challenge, but forms the bedrock of your data...Opinion Gemma Johnson13 February 2020Marketers: Will You Need to do a DPIA for that?Why marketers need to understand when they might need to conduct a data protection impact assessment and learn how to do them. Direct MarketingElectronic CommunicationsICO GuidanceMarketing & Data Protection Simon Blanchard11 February 2020Where’s all my data? How to tackle data discoveryUnderstanding where your data is and what it's used for is crucial. But in practice this is challenging. What approach can you take? Opinion Simon Blanchard10 February 2020ePrivacy Regulation – Are we any closer to a final text?Efforts continue to try and agree the final text of the ePrivacy Regulation. Reaching a consensus has proved very challenging since the first draft was published 3 years...Opinion Julia Porter09 February 2020In a Digitally Enabled World, What is Direct Marketing?On 8th January the ICO published a draft code of practice for the marketing community. It’s entitled “Direct Marketing Code of Practice”. The use of the term “Direct Marketing”...Opinion Philippa Donn08 February 2020Refer a Friend – Viral Marketing RulesCan you ask your customers to send on your marketing to their friends? The answer, according to the ICO’s draft Direct Marketing Code, is NO! The regulator says for...Opinion DPN Team29 January 2020Your Views – Survey on draft Direct Marketing CodeA call for your views. The ICO's draft direct marketing code is open for public consultation. The DPN will be providing feedback. Give your comments to further...Opinion Philippa Donn28 January 2020ICO Direct Marketing Code ‘draft’: 12 HighlightsJust when I thought January was feeling dull, I got my hands on the ICO’s much-anticipated draft Direct Marketing Code of Practice! This replaces the Regulator’s existing Direct Marketing...Opinion Philippa Donn28 January 2020Brexit and EU Data FlowsIf you’ve not yet planned or even considered the data protection impact of Brexit, and specifically data transfers with the European Union, you can breathe a temporary sigh of...Opinion Philippa Donn10 December 2019Subject Access Requests & Proof of IDSubject Access Requests – What is ‘proportionate’ to ask for? When responding to a Right of Access request (commonly known as a Subject Access Request), we might be required...Individual Privacy Rights DPN Team10 December 20192020 Vision – Privacy PredictionsPrivacy Predictions for 2020 - what's in store for us next year? The trends, enforcement and organisational imperatives - What do our esteemed DPN Advisory Board believe is in...Opinion Debbie McElhill03 December 2019ePrivacy Regulation – Is there still life in it, as the European Commission steps in? In a bid to find consensus the European Commission has announced it’s preparing a revamped ePrivacy proposal. This follows the recent rejection by EU member states of the...Opinion DPN Team03 December 2019Data Retention: Are you keeping personal data longer than you need it?Ensuring you don’t store personal data for longer than you require it, is a core data protection principle – one which we all know is both complex and challenging...Opinion Julia Porter27 November 2019Harnessing the Power of Responsible MarketingWhat is responsible marketing? What core values should you embrace and what type of projects can marketers apply these values to? Here are my six pillars of responsible marketing;...Opinion DPN Team28 October 2019Rewarding Privacy By Design Have you or your team gone the extra mile to ensure a privacy aware, customer focused approach to a project, initiative or marketing campaign? Or do you know...Opinion DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Opinion Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Opinion Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Opinion Philippa Donn18 October 2019Marketing Message & Service Message: Where to draw the lineIs your ‘Service’ Message actually a Marketing one? A common (but incorrect) myth which spread with GDPR was that consent was required for almost everything – including all communications...Direct Marketing Philippa Donn02 October 2019Opt-in for marketing abandoned by RNLIHas opt-in suffered a blow? It’s now official that opt-in for all forms of direct marketing has not proven a success for the RNLI, despite earlier reports to the...Opinion Debbie McElhill18 September 2019ePrivacy Regulation – what’s happening?ePrivacy Regulation – first draft 2017, so what’s happening two years on? The ePrivacy Regulation is set to replace the 2002 ePrivacy Directive (and subsequent amendments) which currently sits...Opinion Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Opinion DPN Team16 September 2019Data Governance – Getting to know your DataData Governance – the what, why & how? Data Governance has long been recognised as a method of protecting the business, mitigating risk, increasing operational efficiencies and managing customer...GDPRPolicies and Processes Philippa Donn12 September 2019The DPN Rosemary Smith Award for Responsible MarketingThis award has been launched to recognise a contribution made to Responsible Marketing, giving a team or an individual credit for a creative and privacy aware project or initiative.Opinion Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...GDPRInternational Data Protection Philippa Donn23 August 2019Data Sharing 10 TipsMany companies need to share personal data with other organisations. This might be reciprocal or one-way, it could be providing another company’s staff with access to your data for...GDPRICO Guidance Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Data Governance & SecurityGDPRPolicies and Processes Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Philippa Donn09 July 2019GDPR regulatory action so far in the UK and EU (July 2019)GDPR Regulatory Action The UK’s data protection regulator has made its first hefty announcements since GDPR became law in 2018. With news British Airways and Marriott could face massive...GDPRInternational Data ProtectionUncategorized DPN Team05 July 2019GDPR: Impact Report 2019The impact of GDPR More than a year on from enforcement day, where are we now with GDPR? The Global Marketing Alliance and the DPN teamed up with global...Direct MarketingGDPRUncategorized Mark Bridges05 July 2019CCPA – Californian Consumer Privacy Act: 5 Key ImpactsCCPA: What businesses need know The Californian Consumer Privacy Act (CCPA) ushers in new rights for Californian residents and compels companies that operate in California to implement changes or...Opinion DPN Team05 July 2019Adtech: The challenging compliance landscape – webinar recordingPublishers, advertisers, adtech firms, start-ups and privacy activists are all united in a strong interest in online advertising and programmatic delivery . After all, it represents the lion’s share...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn22 May 2019Why GDPR is not a fuss over nothingWe’ve heard the comparison with the millennium bug – the sky didn’t fall in on 25th May… ‘where are these game-changing fines? This is the Y2K bug all over...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network and Opt-4 lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the...Direct MarketingUncategorized Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Simon Blanchard20 March 2019Like Gin and Tonic – Why GDPR and Data Governance were made for each otherWhy GDPR and Data Governance go hand in hand Like G&T, data governance is not a new concept. It has been recognised for years as a method of protecting...Opinion Gemma Johnson08 March 2019Why 59 Charities were referred to the ICO by the Fundraising RegulatorThe Fundraising Regulator has warned that 59 charities could be in breach of data protection law for failing to apply suppression requests made via the Fundraising Preference Service (FPS)...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Philippa Donn05 March 2019Digital advertising & real-time bidding: Are we on the verge of a seismic shift or not?GDPR put a significant spanner in the world of digital advertising, which disparate parties with different vested interests have been grappling with now for months. How can organisations provide...Opinion Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Stef Elliott21 November 2018“The cookies law is clear – well that takes the biscuit”The ePrivacy Regulation was originally planned to come into force simultaneously with the GDPR on 25th May 2018. The delay and the ongoing debate regarding the Regulation, as highlighted...Electronic CommunicationsePrivacy RegulationGDPR Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Julia Porter18 November 2018Privacy International’s GDPR complaints shine a spotlight on 7 data companiesOn November 8th, Privacy International (PI) filed complaints under the GDPR with data protection regulators in UK, France and Ireland against data brokers Oracle and Acxiom, credit reference agencies...Opinion Simon Blanchard18 November 2018ePrivacy Regulation is not ready and could be stalled even furtherAs those in the know recognise, data protection is not just about GDPR. Many of us have been waiting for GDPR’s EU counterpart, the new ePrivacy Regulation for a...Opinion Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Opinion Matt Edgar02 October 2018Spam crusader or vigilante victim – what happens if you are blacklisted unfairly?Finding spam a nuisance and being anti-spam is a default setting for all of us these days. Even as technology evolves and our mailboxes become smarter in reducing this...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Opinion Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...GDPRPolicies and ProcessesPrivacy by Design Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Opinion DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Data Governance & SecurityGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR
DPN Team16 July 2020Transparency: How to get the message acrossDiscover the benefits of being upfront and transparent with people about how you use their data. In this webinar hosted by Robert Bond from Bristows we explore why transparency...GDPRVideos Julia Porter13 July 2020Supplier management: DPN 6 point checklistDue diligence of new suppliers robust enough? Checks in place to make sure suppliers are protecting your data? Use the DPN 6-point checklist. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn13 July 2020Contact Tracing: 7 Quick Steps for collecting people’s dataFrom holiday cottages to theme parks, hotels to pubs, many will be collecting people's details for contact tracing. Get our quick guide to how to do this. GDPRICO Guidance Chris Field11 July 2020You’ve been SAR-bombed!You are at the end of long day .. you just do one last check of your inbox - the new count registers over 9,000 new emails! All...GDPRIndividual Privacy RightsInternational Data ProtectionPolicies and Processes Simon Blanchard09 July 2020Facial Recognition – should we be concerned?Facial recognition is clever, from selfies to surveillance its use is becoming far more widespread. Should we be worried? Data Governance & SecurityGDPR Philippa Donn30 June 2020Data breaches: 10-point checklist for risk assessmentsHow do you assess the actual risk to people of a data breach? 10 questions you need to ask when carrying out an risk assessment. Data Governance & SecurityGDPRPolicies and Processes DPN Team30 June 2020Successful steps for data retention and minimisation [webinar recording]Get the tools and advice you need to tackle data retention and minimisation in this expert discussion which takes you through the key steps to take.Data Governance & SecurityGDPRPolicies and ProcessesVideos Julia Porter25 June 2020Why is the CIA’s lax attitude to cyber security interesting to us?Have you got robust cyber security controls in place? How the lax attitude of the CIA is a lesson to us all and what you should you be doing.Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard16 June 2020Privacy is a marathon not a sprintPondering how to improve your privacy credentials? Here are 5 steps to inspire you. More than 2 years on from GDPR, remember it’s a journey, not a sprint.Data Governance & SecurityGDPRPolicies and Processes Philippa Donn16 June 2020Why personalisation is a good thing, when done well“Hi, you haven’t finished watching Jeffrey Epstein: Filthy Rich”, said an email my husband received .It annoyed him......Direct MarketingGDPR Simon Blanchard08 June 2020Spring clean your data – Top tips on data retentionGet top tips on data retention. Minimise your risks by making sure you keep the personal data you need and rid of what you don't. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn03 June 2020GDPR two years on, why data protection mattersGDPR may have its critics and regulators may stand accused of not taking enough action. Why this is not a reason to stop taking data protection seriously.GDPR Julia Porter03 June 2020Why is it so hard to explain how we use personal data?Five ways to help explain complex and contentious uses of personal data. How to improve your communications and transparency.Direct MarketingGDPRPrivacy by Design DPN Team03 June 2020Data Retention GuidanceA practical toolkit packed with tips, advice and case studies on how to tackle data retention. Developed by a group of data protection and privacy specialists from a...Data Governance & SecurityGDPRPolicies and Processes Julia Porter18 May 2020New Seven Step Ad Tech Guide from DMA and ISBASeven Step Ad Tech Guide - Support for UK businesses engaged in the programmatic digital advertising to ensure they protect the rights of individuals.Electronic CommunicationsePrivacy RegulationGDPR Simon Blanchard14 May 2020COVID 19 – Privacy under the SpotlightPrivacy and COVID-19. When finding quick solutions and taking rapid decisions, don't forget the privacy impact. Here's our quick tour of aspects to consider. Data SecurityGDPRPrivacy by Design DPN Team15 April 2020DPIAs – What? When? How? Who? Why? [webinar recording]Data Protection Impact Assessments - learn about when you need to conduct a DPIA and how in this webinar hosted by Bristows LLP. Opinion DPN Team04 April 2020Where is my data? How to tackle data discovery & mapping [webinar recording]How improve your data discovery, mapping & compliance Understanding where your data is located across all your systems is an ever-evolving challenge, but forms the bedrock of your data...Opinion Gemma Johnson13 February 2020Marketers: Will You Need to do a DPIA for that?Why marketers need to understand when they might need to conduct a data protection impact assessment and learn how to do them. Direct MarketingElectronic CommunicationsICO GuidanceMarketing & Data Protection Simon Blanchard11 February 2020Where’s all my data? How to tackle data discoveryUnderstanding where your data is and what it's used for is crucial. But in practice this is challenging. What approach can you take? Opinion Simon Blanchard10 February 2020ePrivacy Regulation – Are we any closer to a final text?Efforts continue to try and agree the final text of the ePrivacy Regulation. Reaching a consensus has proved very challenging since the first draft was published 3 years...Opinion Julia Porter09 February 2020In a Digitally Enabled World, What is Direct Marketing?On 8th January the ICO published a draft code of practice for the marketing community. It’s entitled “Direct Marketing Code of Practice”. The use of the term “Direct Marketing”...Opinion Philippa Donn08 February 2020Refer a Friend – Viral Marketing RulesCan you ask your customers to send on your marketing to their friends? The answer, according to the ICO’s draft Direct Marketing Code, is NO! The regulator says for...Opinion DPN Team29 January 2020Your Views – Survey on draft Direct Marketing CodeA call for your views. The ICO's draft direct marketing code is open for public consultation. The DPN will be providing feedback. Give your comments to further...Opinion Philippa Donn28 January 2020ICO Direct Marketing Code ‘draft’: 12 HighlightsJust when I thought January was feeling dull, I got my hands on the ICO’s much-anticipated draft Direct Marketing Code of Practice! This replaces the Regulator’s existing Direct Marketing...Opinion Philippa Donn28 January 2020Brexit and EU Data FlowsIf you’ve not yet planned or even considered the data protection impact of Brexit, and specifically data transfers with the European Union, you can breathe a temporary sigh of...Opinion Philippa Donn10 December 2019Subject Access Requests & Proof of IDSubject Access Requests – What is ‘proportionate’ to ask for? When responding to a Right of Access request (commonly known as a Subject Access Request), we might be required...Individual Privacy Rights DPN Team10 December 20192020 Vision – Privacy PredictionsPrivacy Predictions for 2020 - what's in store for us next year? The trends, enforcement and organisational imperatives - What do our esteemed DPN Advisory Board believe is in...Opinion Debbie McElhill03 December 2019ePrivacy Regulation – Is there still life in it, as the European Commission steps in? In a bid to find consensus the European Commission has announced it’s preparing a revamped ePrivacy proposal. This follows the recent rejection by EU member states of the...Opinion DPN Team03 December 2019Data Retention: Are you keeping personal data longer than you need it?Ensuring you don’t store personal data for longer than you require it, is a core data protection principle – one which we all know is both complex and challenging...Opinion Julia Porter27 November 2019Harnessing the Power of Responsible MarketingWhat is responsible marketing? What core values should you embrace and what type of projects can marketers apply these values to? Here are my six pillars of responsible marketing;...Opinion DPN Team28 October 2019Rewarding Privacy By Design Have you or your team gone the extra mile to ensure a privacy aware, customer focused approach to a project, initiative or marketing campaign? Or do you know...Opinion DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Opinion Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Opinion Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Opinion Philippa Donn18 October 2019Marketing Message & Service Message: Where to draw the lineIs your ‘Service’ Message actually a Marketing one? A common (but incorrect) myth which spread with GDPR was that consent was required for almost everything – including all communications...Direct Marketing Philippa Donn02 October 2019Opt-in for marketing abandoned by RNLIHas opt-in suffered a blow? It’s now official that opt-in for all forms of direct marketing has not proven a success for the RNLI, despite earlier reports to the...Opinion Debbie McElhill18 September 2019ePrivacy Regulation – what’s happening?ePrivacy Regulation – first draft 2017, so what’s happening two years on? The ePrivacy Regulation is set to replace the 2002 ePrivacy Directive (and subsequent amendments) which currently sits...Opinion Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Opinion DPN Team16 September 2019Data Governance – Getting to know your DataData Governance – the what, why & how? Data Governance has long been recognised as a method of protecting the business, mitigating risk, increasing operational efficiencies and managing customer...GDPRPolicies and Processes Philippa Donn12 September 2019The DPN Rosemary Smith Award for Responsible MarketingThis award has been launched to recognise a contribution made to Responsible Marketing, giving a team or an individual credit for a creative and privacy aware project or initiative.Opinion Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...GDPRInternational Data Protection Philippa Donn23 August 2019Data Sharing 10 TipsMany companies need to share personal data with other organisations. This might be reciprocal or one-way, it could be providing another company’s staff with access to your data for...GDPRICO Guidance Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Data Governance & SecurityGDPRPolicies and Processes Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Philippa Donn09 July 2019GDPR regulatory action so far in the UK and EU (July 2019)GDPR Regulatory Action The UK’s data protection regulator has made its first hefty announcements since GDPR became law in 2018. With news British Airways and Marriott could face massive...GDPRInternational Data ProtectionUncategorized DPN Team05 July 2019GDPR: Impact Report 2019The impact of GDPR More than a year on from enforcement day, where are we now with GDPR? The Global Marketing Alliance and the DPN teamed up with global...Direct MarketingGDPRUncategorized Mark Bridges05 July 2019CCPA – Californian Consumer Privacy Act: 5 Key ImpactsCCPA: What businesses need know The Californian Consumer Privacy Act (CCPA) ushers in new rights for Californian residents and compels companies that operate in California to implement changes or...Opinion DPN Team05 July 2019Adtech: The challenging compliance landscape – webinar recordingPublishers, advertisers, adtech firms, start-ups and privacy activists are all united in a strong interest in online advertising and programmatic delivery . After all, it represents the lion’s share...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn22 May 2019Why GDPR is not a fuss over nothingWe’ve heard the comparison with the millennium bug – the sky didn’t fall in on 25th May… ‘where are these game-changing fines? This is the Y2K bug all over...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network and Opt-4 lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the...Direct MarketingUncategorized Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Simon Blanchard20 March 2019Like Gin and Tonic – Why GDPR and Data Governance were made for each otherWhy GDPR and Data Governance go hand in hand Like G&T, data governance is not a new concept. It has been recognised for years as a method of protecting...Opinion Gemma Johnson08 March 2019Why 59 Charities were referred to the ICO by the Fundraising RegulatorThe Fundraising Regulator has warned that 59 charities could be in breach of data protection law for failing to apply suppression requests made via the Fundraising Preference Service (FPS)...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Philippa Donn05 March 2019Digital advertising & real-time bidding: Are we on the verge of a seismic shift or not?GDPR put a significant spanner in the world of digital advertising, which disparate parties with different vested interests have been grappling with now for months. How can organisations provide...Opinion Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Stef Elliott21 November 2018“The cookies law is clear – well that takes the biscuit”The ePrivacy Regulation was originally planned to come into force simultaneously with the GDPR on 25th May 2018. The delay and the ongoing debate regarding the Regulation, as highlighted...Electronic CommunicationsePrivacy RegulationGDPR Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Julia Porter18 November 2018Privacy International’s GDPR complaints shine a spotlight on 7 data companiesOn November 8th, Privacy International (PI) filed complaints under the GDPR with data protection regulators in UK, France and Ireland against data brokers Oracle and Acxiom, credit reference agencies...Opinion Simon Blanchard18 November 2018ePrivacy Regulation is not ready and could be stalled even furtherAs those in the know recognise, data protection is not just about GDPR. Many of us have been waiting for GDPR’s EU counterpart, the new ePrivacy Regulation for a...Opinion Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Opinion Matt Edgar02 October 2018Spam crusader or vigilante victim – what happens if you are blacklisted unfairly?Finding spam a nuisance and being anti-spam is a default setting for all of us these days. Even as technology evolves and our mailboxes become smarter in reducing this...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Opinion Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...GDPRPolicies and ProcessesPrivacy by Design Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Opinion DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Data Governance & SecurityGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR
Julia Porter13 July 2020Supplier management: DPN 6 point checklistDue diligence of new suppliers robust enough? Checks in place to make sure suppliers are protecting your data? Use the DPN 6-point checklist. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn13 July 2020Contact Tracing: 7 Quick Steps for collecting people’s dataFrom holiday cottages to theme parks, hotels to pubs, many will be collecting people's details for contact tracing. Get our quick guide to how to do this. GDPRICO Guidance Chris Field11 July 2020You’ve been SAR-bombed!You are at the end of long day .. you just do one last check of your inbox - the new count registers over 9,000 new emails! All...GDPRIndividual Privacy RightsInternational Data ProtectionPolicies and Processes Simon Blanchard09 July 2020Facial Recognition – should we be concerned?Facial recognition is clever, from selfies to surveillance its use is becoming far more widespread. Should we be worried? Data Governance & SecurityGDPR Philippa Donn30 June 2020Data breaches: 10-point checklist for risk assessmentsHow do you assess the actual risk to people of a data breach? 10 questions you need to ask when carrying out an risk assessment. Data Governance & SecurityGDPRPolicies and Processes DPN Team30 June 2020Successful steps for data retention and minimisation [webinar recording]Get the tools and advice you need to tackle data retention and minimisation in this expert discussion which takes you through the key steps to take.Data Governance & SecurityGDPRPolicies and ProcessesVideos Julia Porter25 June 2020Why is the CIA’s lax attitude to cyber security interesting to us?Have you got robust cyber security controls in place? How the lax attitude of the CIA is a lesson to us all and what you should you be doing.Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard16 June 2020Privacy is a marathon not a sprintPondering how to improve your privacy credentials? Here are 5 steps to inspire you. More than 2 years on from GDPR, remember it’s a journey, not a sprint.Data Governance & SecurityGDPRPolicies and Processes Philippa Donn16 June 2020Why personalisation is a good thing, when done well“Hi, you haven’t finished watching Jeffrey Epstein: Filthy Rich”, said an email my husband received .It annoyed him......Direct MarketingGDPR Simon Blanchard08 June 2020Spring clean your data – Top tips on data retentionGet top tips on data retention. Minimise your risks by making sure you keep the personal data you need and rid of what you don't. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn03 June 2020GDPR two years on, why data protection mattersGDPR may have its critics and regulators may stand accused of not taking enough action. Why this is not a reason to stop taking data protection seriously.GDPR Julia Porter03 June 2020Why is it so hard to explain how we use personal data?Five ways to help explain complex and contentious uses of personal data. How to improve your communications and transparency.Direct MarketingGDPRPrivacy by Design DPN Team03 June 2020Data Retention GuidanceA practical toolkit packed with tips, advice and case studies on how to tackle data retention. Developed by a group of data protection and privacy specialists from a...Data Governance & SecurityGDPRPolicies and Processes Julia Porter18 May 2020New Seven Step Ad Tech Guide from DMA and ISBASeven Step Ad Tech Guide - Support for UK businesses engaged in the programmatic digital advertising to ensure they protect the rights of individuals.Electronic CommunicationsePrivacy RegulationGDPR Simon Blanchard14 May 2020COVID 19 – Privacy under the SpotlightPrivacy and COVID-19. When finding quick solutions and taking rapid decisions, don't forget the privacy impact. Here's our quick tour of aspects to consider. Data SecurityGDPRPrivacy by Design DPN Team15 April 2020DPIAs – What? When? How? Who? Why? [webinar recording]Data Protection Impact Assessments - learn about when you need to conduct a DPIA and how in this webinar hosted by Bristows LLP. Opinion DPN Team04 April 2020Where is my data? How to tackle data discovery & mapping [webinar recording]How improve your data discovery, mapping & compliance Understanding where your data is located across all your systems is an ever-evolving challenge, but forms the bedrock of your data...Opinion Gemma Johnson13 February 2020Marketers: Will You Need to do a DPIA for that?Why marketers need to understand when they might need to conduct a data protection impact assessment and learn how to do them. Direct MarketingElectronic CommunicationsICO GuidanceMarketing & Data Protection Simon Blanchard11 February 2020Where’s all my data? How to tackle data discoveryUnderstanding where your data is and what it's used for is crucial. But in practice this is challenging. What approach can you take? Opinion Simon Blanchard10 February 2020ePrivacy Regulation – Are we any closer to a final text?Efforts continue to try and agree the final text of the ePrivacy Regulation. Reaching a consensus has proved very challenging since the first draft was published 3 years...Opinion Julia Porter09 February 2020In a Digitally Enabled World, What is Direct Marketing?On 8th January the ICO published a draft code of practice for the marketing community. It’s entitled “Direct Marketing Code of Practice”. The use of the term “Direct Marketing”...Opinion Philippa Donn08 February 2020Refer a Friend – Viral Marketing RulesCan you ask your customers to send on your marketing to their friends? The answer, according to the ICO’s draft Direct Marketing Code, is NO! The regulator says for...Opinion DPN Team29 January 2020Your Views – Survey on draft Direct Marketing CodeA call for your views. The ICO's draft direct marketing code is open for public consultation. The DPN will be providing feedback. Give your comments to further...Opinion Philippa Donn28 January 2020ICO Direct Marketing Code ‘draft’: 12 HighlightsJust when I thought January was feeling dull, I got my hands on the ICO’s much-anticipated draft Direct Marketing Code of Practice! This replaces the Regulator’s existing Direct Marketing...Opinion Philippa Donn28 January 2020Brexit and EU Data FlowsIf you’ve not yet planned or even considered the data protection impact of Brexit, and specifically data transfers with the European Union, you can breathe a temporary sigh of...Opinion Philippa Donn10 December 2019Subject Access Requests & Proof of IDSubject Access Requests – What is ‘proportionate’ to ask for? When responding to a Right of Access request (commonly known as a Subject Access Request), we might be required...Individual Privacy Rights DPN Team10 December 20192020 Vision – Privacy PredictionsPrivacy Predictions for 2020 - what's in store for us next year? The trends, enforcement and organisational imperatives - What do our esteemed DPN Advisory Board believe is in...Opinion Debbie McElhill03 December 2019ePrivacy Regulation – Is there still life in it, as the European Commission steps in? In a bid to find consensus the European Commission has announced it’s preparing a revamped ePrivacy proposal. This follows the recent rejection by EU member states of the...Opinion DPN Team03 December 2019Data Retention: Are you keeping personal data longer than you need it?Ensuring you don’t store personal data for longer than you require it, is a core data protection principle – one which we all know is both complex and challenging...Opinion Julia Porter27 November 2019Harnessing the Power of Responsible MarketingWhat is responsible marketing? What core values should you embrace and what type of projects can marketers apply these values to? Here are my six pillars of responsible marketing;...Opinion DPN Team28 October 2019Rewarding Privacy By Design Have you or your team gone the extra mile to ensure a privacy aware, customer focused approach to a project, initiative or marketing campaign? Or do you know...Opinion DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Opinion Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Opinion Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Opinion Philippa Donn18 October 2019Marketing Message & Service Message: Where to draw the lineIs your ‘Service’ Message actually a Marketing one? A common (but incorrect) myth which spread with GDPR was that consent was required for almost everything – including all communications...Direct Marketing Philippa Donn02 October 2019Opt-in for marketing abandoned by RNLIHas opt-in suffered a blow? It’s now official that opt-in for all forms of direct marketing has not proven a success for the RNLI, despite earlier reports to the...Opinion Debbie McElhill18 September 2019ePrivacy Regulation – what’s happening?ePrivacy Regulation – first draft 2017, so what’s happening two years on? The ePrivacy Regulation is set to replace the 2002 ePrivacy Directive (and subsequent amendments) which currently sits...Opinion Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Opinion DPN Team16 September 2019Data Governance – Getting to know your DataData Governance – the what, why & how? Data Governance has long been recognised as a method of protecting the business, mitigating risk, increasing operational efficiencies and managing customer...GDPRPolicies and Processes Philippa Donn12 September 2019The DPN Rosemary Smith Award for Responsible MarketingThis award has been launched to recognise a contribution made to Responsible Marketing, giving a team or an individual credit for a creative and privacy aware project or initiative.Opinion Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...GDPRInternational Data Protection Philippa Donn23 August 2019Data Sharing 10 TipsMany companies need to share personal data with other organisations. This might be reciprocal or one-way, it could be providing another company’s staff with access to your data for...GDPRICO Guidance Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Data Governance & SecurityGDPRPolicies and Processes Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Philippa Donn09 July 2019GDPR regulatory action so far in the UK and EU (July 2019)GDPR Regulatory Action The UK’s data protection regulator has made its first hefty announcements since GDPR became law in 2018. With news British Airways and Marriott could face massive...GDPRInternational Data ProtectionUncategorized DPN Team05 July 2019GDPR: Impact Report 2019The impact of GDPR More than a year on from enforcement day, where are we now with GDPR? The Global Marketing Alliance and the DPN teamed up with global...Direct MarketingGDPRUncategorized Mark Bridges05 July 2019CCPA – Californian Consumer Privacy Act: 5 Key ImpactsCCPA: What businesses need know The Californian Consumer Privacy Act (CCPA) ushers in new rights for Californian residents and compels companies that operate in California to implement changes or...Opinion DPN Team05 July 2019Adtech: The challenging compliance landscape – webinar recordingPublishers, advertisers, adtech firms, start-ups and privacy activists are all united in a strong interest in online advertising and programmatic delivery . After all, it represents the lion’s share...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn22 May 2019Why GDPR is not a fuss over nothingWe’ve heard the comparison with the millennium bug – the sky didn’t fall in on 25th May… ‘where are these game-changing fines? This is the Y2K bug all over...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network and Opt-4 lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the...Direct MarketingUncategorized Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Simon Blanchard20 March 2019Like Gin and Tonic – Why GDPR and Data Governance were made for each otherWhy GDPR and Data Governance go hand in hand Like G&T, data governance is not a new concept. It has been recognised for years as a method of protecting...Opinion Gemma Johnson08 March 2019Why 59 Charities were referred to the ICO by the Fundraising RegulatorThe Fundraising Regulator has warned that 59 charities could be in breach of data protection law for failing to apply suppression requests made via the Fundraising Preference Service (FPS)...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Philippa Donn05 March 2019Digital advertising & real-time bidding: Are we on the verge of a seismic shift or not?GDPR put a significant spanner in the world of digital advertising, which disparate parties with different vested interests have been grappling with now for months. How can organisations provide...Opinion Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Stef Elliott21 November 2018“The cookies law is clear – well that takes the biscuit”The ePrivacy Regulation was originally planned to come into force simultaneously with the GDPR on 25th May 2018. The delay and the ongoing debate regarding the Regulation, as highlighted...Electronic CommunicationsePrivacy RegulationGDPR Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Julia Porter18 November 2018Privacy International’s GDPR complaints shine a spotlight on 7 data companiesOn November 8th, Privacy International (PI) filed complaints under the GDPR with data protection regulators in UK, France and Ireland against data brokers Oracle and Acxiom, credit reference agencies...Opinion Simon Blanchard18 November 2018ePrivacy Regulation is not ready and could be stalled even furtherAs those in the know recognise, data protection is not just about GDPR. Many of us have been waiting for GDPR’s EU counterpart, the new ePrivacy Regulation for a...Opinion Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Opinion Matt Edgar02 October 2018Spam crusader or vigilante victim – what happens if you are blacklisted unfairly?Finding spam a nuisance and being anti-spam is a default setting for all of us these days. Even as technology evolves and our mailboxes become smarter in reducing this...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Opinion Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...GDPRPolicies and ProcessesPrivacy by Design Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Opinion DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Data Governance & SecurityGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR
Philippa Donn13 July 2020Contact Tracing: 7 Quick Steps for collecting people’s dataFrom holiday cottages to theme parks, hotels to pubs, many will be collecting people's details for contact tracing. Get our quick guide to how to do this. GDPRICO Guidance Chris Field11 July 2020You’ve been SAR-bombed!You are at the end of long day .. you just do one last check of your inbox - the new count registers over 9,000 new emails! All...GDPRIndividual Privacy RightsInternational Data ProtectionPolicies and Processes Simon Blanchard09 July 2020Facial Recognition – should we be concerned?Facial recognition is clever, from selfies to surveillance its use is becoming far more widespread. Should we be worried? Data Governance & SecurityGDPR Philippa Donn30 June 2020Data breaches: 10-point checklist for risk assessmentsHow do you assess the actual risk to people of a data breach? 10 questions you need to ask when carrying out an risk assessment. Data Governance & SecurityGDPRPolicies and Processes DPN Team30 June 2020Successful steps for data retention and minimisation [webinar recording]Get the tools and advice you need to tackle data retention and minimisation in this expert discussion which takes you through the key steps to take.Data Governance & SecurityGDPRPolicies and ProcessesVideos Julia Porter25 June 2020Why is the CIA’s lax attitude to cyber security interesting to us?Have you got robust cyber security controls in place? How the lax attitude of the CIA is a lesson to us all and what you should you be doing.Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard16 June 2020Privacy is a marathon not a sprintPondering how to improve your privacy credentials? Here are 5 steps to inspire you. More than 2 years on from GDPR, remember it’s a journey, not a sprint.Data Governance & SecurityGDPRPolicies and Processes Philippa Donn16 June 2020Why personalisation is a good thing, when done well“Hi, you haven’t finished watching Jeffrey Epstein: Filthy Rich”, said an email my husband received .It annoyed him......Direct MarketingGDPR Simon Blanchard08 June 2020Spring clean your data – Top tips on data retentionGet top tips on data retention. Minimise your risks by making sure you keep the personal data you need and rid of what you don't. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn03 June 2020GDPR two years on, why data protection mattersGDPR may have its critics and regulators may stand accused of not taking enough action. Why this is not a reason to stop taking data protection seriously.GDPR Julia Porter03 June 2020Why is it so hard to explain how we use personal data?Five ways to help explain complex and contentious uses of personal data. How to improve your communications and transparency.Direct MarketingGDPRPrivacy by Design DPN Team03 June 2020Data Retention GuidanceA practical toolkit packed with tips, advice and case studies on how to tackle data retention. Developed by a group of data protection and privacy specialists from a...Data Governance & SecurityGDPRPolicies and Processes Julia Porter18 May 2020New Seven Step Ad Tech Guide from DMA and ISBASeven Step Ad Tech Guide - Support for UK businesses engaged in the programmatic digital advertising to ensure they protect the rights of individuals.Electronic CommunicationsePrivacy RegulationGDPR Simon Blanchard14 May 2020COVID 19 – Privacy under the SpotlightPrivacy and COVID-19. When finding quick solutions and taking rapid decisions, don't forget the privacy impact. Here's our quick tour of aspects to consider. Data SecurityGDPRPrivacy by Design DPN Team15 April 2020DPIAs – What? When? How? Who? Why? [webinar recording]Data Protection Impact Assessments - learn about when you need to conduct a DPIA and how in this webinar hosted by Bristows LLP. Opinion DPN Team04 April 2020Where is my data? How to tackle data discovery & mapping [webinar recording]How improve your data discovery, mapping & compliance Understanding where your data is located across all your systems is an ever-evolving challenge, but forms the bedrock of your data...Opinion Gemma Johnson13 February 2020Marketers: Will You Need to do a DPIA for that?Why marketers need to understand when they might need to conduct a data protection impact assessment and learn how to do them. Direct MarketingElectronic CommunicationsICO GuidanceMarketing & Data Protection Simon Blanchard11 February 2020Where’s all my data? How to tackle data discoveryUnderstanding where your data is and what it's used for is crucial. But in practice this is challenging. What approach can you take? Opinion Simon Blanchard10 February 2020ePrivacy Regulation – Are we any closer to a final text?Efforts continue to try and agree the final text of the ePrivacy Regulation. Reaching a consensus has proved very challenging since the first draft was published 3 years...Opinion Julia Porter09 February 2020In a Digitally Enabled World, What is Direct Marketing?On 8th January the ICO published a draft code of practice for the marketing community. It’s entitled “Direct Marketing Code of Practice”. The use of the term “Direct Marketing”...Opinion Philippa Donn08 February 2020Refer a Friend – Viral Marketing RulesCan you ask your customers to send on your marketing to their friends? The answer, according to the ICO’s draft Direct Marketing Code, is NO! The regulator says for...Opinion DPN Team29 January 2020Your Views – Survey on draft Direct Marketing CodeA call for your views. The ICO's draft direct marketing code is open for public consultation. The DPN will be providing feedback. Give your comments to further...Opinion Philippa Donn28 January 2020ICO Direct Marketing Code ‘draft’: 12 HighlightsJust when I thought January was feeling dull, I got my hands on the ICO’s much-anticipated draft Direct Marketing Code of Practice! This replaces the Regulator’s existing Direct Marketing...Opinion Philippa Donn28 January 2020Brexit and EU Data FlowsIf you’ve not yet planned or even considered the data protection impact of Brexit, and specifically data transfers with the European Union, you can breathe a temporary sigh of...Opinion Philippa Donn10 December 2019Subject Access Requests & Proof of IDSubject Access Requests – What is ‘proportionate’ to ask for? When responding to a Right of Access request (commonly known as a Subject Access Request), we might be required...Individual Privacy Rights DPN Team10 December 20192020 Vision – Privacy PredictionsPrivacy Predictions for 2020 - what's in store for us next year? The trends, enforcement and organisational imperatives - What do our esteemed DPN Advisory Board believe is in...Opinion Debbie McElhill03 December 2019ePrivacy Regulation – Is there still life in it, as the European Commission steps in? In a bid to find consensus the European Commission has announced it’s preparing a revamped ePrivacy proposal. This follows the recent rejection by EU member states of the...Opinion DPN Team03 December 2019Data Retention: Are you keeping personal data longer than you need it?Ensuring you don’t store personal data for longer than you require it, is a core data protection principle – one which we all know is both complex and challenging...Opinion Julia Porter27 November 2019Harnessing the Power of Responsible MarketingWhat is responsible marketing? What core values should you embrace and what type of projects can marketers apply these values to? Here are my six pillars of responsible marketing;...Opinion DPN Team28 October 2019Rewarding Privacy By Design Have you or your team gone the extra mile to ensure a privacy aware, customer focused approach to a project, initiative or marketing campaign? Or do you know...Opinion DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Opinion Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Opinion Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Opinion Philippa Donn18 October 2019Marketing Message & Service Message: Where to draw the lineIs your ‘Service’ Message actually a Marketing one? A common (but incorrect) myth which spread with GDPR was that consent was required for almost everything – including all communications...Direct Marketing Philippa Donn02 October 2019Opt-in for marketing abandoned by RNLIHas opt-in suffered a blow? It’s now official that opt-in for all forms of direct marketing has not proven a success for the RNLI, despite earlier reports to the...Opinion Debbie McElhill18 September 2019ePrivacy Regulation – what’s happening?ePrivacy Regulation – first draft 2017, so what’s happening two years on? The ePrivacy Regulation is set to replace the 2002 ePrivacy Directive (and subsequent amendments) which currently sits...Opinion Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Opinion DPN Team16 September 2019Data Governance – Getting to know your DataData Governance – the what, why & how? Data Governance has long been recognised as a method of protecting the business, mitigating risk, increasing operational efficiencies and managing customer...GDPRPolicies and Processes Philippa Donn12 September 2019The DPN Rosemary Smith Award for Responsible MarketingThis award has been launched to recognise a contribution made to Responsible Marketing, giving a team or an individual credit for a creative and privacy aware project or initiative.Opinion Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...GDPRInternational Data Protection Philippa Donn23 August 2019Data Sharing 10 TipsMany companies need to share personal data with other organisations. This might be reciprocal or one-way, it could be providing another company’s staff with access to your data for...GDPRICO Guidance Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Data Governance & SecurityGDPRPolicies and Processes Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Philippa Donn09 July 2019GDPR regulatory action so far in the UK and EU (July 2019)GDPR Regulatory Action The UK’s data protection regulator has made its first hefty announcements since GDPR became law in 2018. With news British Airways and Marriott could face massive...GDPRInternational Data ProtectionUncategorized DPN Team05 July 2019GDPR: Impact Report 2019The impact of GDPR More than a year on from enforcement day, where are we now with GDPR? The Global Marketing Alliance and the DPN teamed up with global...Direct MarketingGDPRUncategorized Mark Bridges05 July 2019CCPA – Californian Consumer Privacy Act: 5 Key ImpactsCCPA: What businesses need know The Californian Consumer Privacy Act (CCPA) ushers in new rights for Californian residents and compels companies that operate in California to implement changes or...Opinion DPN Team05 July 2019Adtech: The challenging compliance landscape – webinar recordingPublishers, advertisers, adtech firms, start-ups and privacy activists are all united in a strong interest in online advertising and programmatic delivery . After all, it represents the lion’s share...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn22 May 2019Why GDPR is not a fuss over nothingWe’ve heard the comparison with the millennium bug – the sky didn’t fall in on 25th May… ‘where are these game-changing fines? This is the Y2K bug all over...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network and Opt-4 lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the...Direct MarketingUncategorized Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Simon Blanchard20 March 2019Like Gin and Tonic – Why GDPR and Data Governance were made for each otherWhy GDPR and Data Governance go hand in hand Like G&T, data governance is not a new concept. It has been recognised for years as a method of protecting...Opinion Gemma Johnson08 March 2019Why 59 Charities were referred to the ICO by the Fundraising RegulatorThe Fundraising Regulator has warned that 59 charities could be in breach of data protection law for failing to apply suppression requests made via the Fundraising Preference Service (FPS)...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Philippa Donn05 March 2019Digital advertising & real-time bidding: Are we on the verge of a seismic shift or not?GDPR put a significant spanner in the world of digital advertising, which disparate parties with different vested interests have been grappling with now for months. How can organisations provide...Opinion Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Stef Elliott21 November 2018“The cookies law is clear – well that takes the biscuit”The ePrivacy Regulation was originally planned to come into force simultaneously with the GDPR on 25th May 2018. The delay and the ongoing debate regarding the Regulation, as highlighted...Electronic CommunicationsePrivacy RegulationGDPR Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Julia Porter18 November 2018Privacy International’s GDPR complaints shine a spotlight on 7 data companiesOn November 8th, Privacy International (PI) filed complaints under the GDPR with data protection regulators in UK, France and Ireland against data brokers Oracle and Acxiom, credit reference agencies...Opinion Simon Blanchard18 November 2018ePrivacy Regulation is not ready and could be stalled even furtherAs those in the know recognise, data protection is not just about GDPR. Many of us have been waiting for GDPR’s EU counterpart, the new ePrivacy Regulation for a...Opinion Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Opinion Matt Edgar02 October 2018Spam crusader or vigilante victim – what happens if you are blacklisted unfairly?Finding spam a nuisance and being anti-spam is a default setting for all of us these days. Even as technology evolves and our mailboxes become smarter in reducing this...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Opinion Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...GDPRPolicies and ProcessesPrivacy by Design Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Opinion DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Data Governance & SecurityGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR
Chris Field11 July 2020You’ve been SAR-bombed!You are at the end of long day .. you just do one last check of your inbox - the new count registers over 9,000 new emails! All...GDPRIndividual Privacy RightsInternational Data ProtectionPolicies and Processes Simon Blanchard09 July 2020Facial Recognition – should we be concerned?Facial recognition is clever, from selfies to surveillance its use is becoming far more widespread. Should we be worried? Data Governance & SecurityGDPR Philippa Donn30 June 2020Data breaches: 10-point checklist for risk assessmentsHow do you assess the actual risk to people of a data breach? 10 questions you need to ask when carrying out an risk assessment. Data Governance & SecurityGDPRPolicies and Processes DPN Team30 June 2020Successful steps for data retention and minimisation [webinar recording]Get the tools and advice you need to tackle data retention and minimisation in this expert discussion which takes you through the key steps to take.Data Governance & SecurityGDPRPolicies and ProcessesVideos Julia Porter25 June 2020Why is the CIA’s lax attitude to cyber security interesting to us?Have you got robust cyber security controls in place? How the lax attitude of the CIA is a lesson to us all and what you should you be doing.Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard16 June 2020Privacy is a marathon not a sprintPondering how to improve your privacy credentials? Here are 5 steps to inspire you. More than 2 years on from GDPR, remember it’s a journey, not a sprint.Data Governance & SecurityGDPRPolicies and Processes Philippa Donn16 June 2020Why personalisation is a good thing, when done well“Hi, you haven’t finished watching Jeffrey Epstein: Filthy Rich”, said an email my husband received .It annoyed him......Direct MarketingGDPR Simon Blanchard08 June 2020Spring clean your data – Top tips on data retentionGet top tips on data retention. Minimise your risks by making sure you keep the personal data you need and rid of what you don't. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn03 June 2020GDPR two years on, why data protection mattersGDPR may have its critics and regulators may stand accused of not taking enough action. Why this is not a reason to stop taking data protection seriously.GDPR Julia Porter03 June 2020Why is it so hard to explain how we use personal data?Five ways to help explain complex and contentious uses of personal data. How to improve your communications and transparency.Direct MarketingGDPRPrivacy by Design DPN Team03 June 2020Data Retention GuidanceA practical toolkit packed with tips, advice and case studies on how to tackle data retention. Developed by a group of data protection and privacy specialists from a...Data Governance & SecurityGDPRPolicies and Processes Julia Porter18 May 2020New Seven Step Ad Tech Guide from DMA and ISBASeven Step Ad Tech Guide - Support for UK businesses engaged in the programmatic digital advertising to ensure they protect the rights of individuals.Electronic CommunicationsePrivacy RegulationGDPR Simon Blanchard14 May 2020COVID 19 – Privacy under the SpotlightPrivacy and COVID-19. When finding quick solutions and taking rapid decisions, don't forget the privacy impact. Here's our quick tour of aspects to consider. Data SecurityGDPRPrivacy by Design DPN Team15 April 2020DPIAs – What? When? How? Who? Why? [webinar recording]Data Protection Impact Assessments - learn about when you need to conduct a DPIA and how in this webinar hosted by Bristows LLP. Opinion DPN Team04 April 2020Where is my data? How to tackle data discovery & mapping [webinar recording]How improve your data discovery, mapping & compliance Understanding where your data is located across all your systems is an ever-evolving challenge, but forms the bedrock of your data...Opinion Gemma Johnson13 February 2020Marketers: Will You Need to do a DPIA for that?Why marketers need to understand when they might need to conduct a data protection impact assessment and learn how to do them. Direct MarketingElectronic CommunicationsICO GuidanceMarketing & Data Protection Simon Blanchard11 February 2020Where’s all my data? How to tackle data discoveryUnderstanding where your data is and what it's used for is crucial. But in practice this is challenging. What approach can you take? Opinion Simon Blanchard10 February 2020ePrivacy Regulation – Are we any closer to a final text?Efforts continue to try and agree the final text of the ePrivacy Regulation. Reaching a consensus has proved very challenging since the first draft was published 3 years...Opinion Julia Porter09 February 2020In a Digitally Enabled World, What is Direct Marketing?On 8th January the ICO published a draft code of practice for the marketing community. It’s entitled “Direct Marketing Code of Practice”. The use of the term “Direct Marketing”...Opinion Philippa Donn08 February 2020Refer a Friend – Viral Marketing RulesCan you ask your customers to send on your marketing to their friends? The answer, according to the ICO’s draft Direct Marketing Code, is NO! The regulator says for...Opinion DPN Team29 January 2020Your Views – Survey on draft Direct Marketing CodeA call for your views. The ICO's draft direct marketing code is open for public consultation. The DPN will be providing feedback. Give your comments to further...Opinion Philippa Donn28 January 2020ICO Direct Marketing Code ‘draft’: 12 HighlightsJust when I thought January was feeling dull, I got my hands on the ICO’s much-anticipated draft Direct Marketing Code of Practice! This replaces the Regulator’s existing Direct Marketing...Opinion Philippa Donn28 January 2020Brexit and EU Data FlowsIf you’ve not yet planned or even considered the data protection impact of Brexit, and specifically data transfers with the European Union, you can breathe a temporary sigh of...Opinion Philippa Donn10 December 2019Subject Access Requests & Proof of IDSubject Access Requests – What is ‘proportionate’ to ask for? When responding to a Right of Access request (commonly known as a Subject Access Request), we might be required...Individual Privacy Rights DPN Team10 December 20192020 Vision – Privacy PredictionsPrivacy Predictions for 2020 - what's in store for us next year? The trends, enforcement and organisational imperatives - What do our esteemed DPN Advisory Board believe is in...Opinion Debbie McElhill03 December 2019ePrivacy Regulation – Is there still life in it, as the European Commission steps in? In a bid to find consensus the European Commission has announced it’s preparing a revamped ePrivacy proposal. This follows the recent rejection by EU member states of the...Opinion DPN Team03 December 2019Data Retention: Are you keeping personal data longer than you need it?Ensuring you don’t store personal data for longer than you require it, is a core data protection principle – one which we all know is both complex and challenging...Opinion Julia Porter27 November 2019Harnessing the Power of Responsible MarketingWhat is responsible marketing? What core values should you embrace and what type of projects can marketers apply these values to? Here are my six pillars of responsible marketing;...Opinion DPN Team28 October 2019Rewarding Privacy By Design Have you or your team gone the extra mile to ensure a privacy aware, customer focused approach to a project, initiative or marketing campaign? Or do you know...Opinion DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Opinion Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Opinion Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Opinion Philippa Donn18 October 2019Marketing Message & Service Message: Where to draw the lineIs your ‘Service’ Message actually a Marketing one? A common (but incorrect) myth which spread with GDPR was that consent was required for almost everything – including all communications...Direct Marketing Philippa Donn02 October 2019Opt-in for marketing abandoned by RNLIHas opt-in suffered a blow? It’s now official that opt-in for all forms of direct marketing has not proven a success for the RNLI, despite earlier reports to the...Opinion Debbie McElhill18 September 2019ePrivacy Regulation – what’s happening?ePrivacy Regulation – first draft 2017, so what’s happening two years on? The ePrivacy Regulation is set to replace the 2002 ePrivacy Directive (and subsequent amendments) which currently sits...Opinion Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Opinion DPN Team16 September 2019Data Governance – Getting to know your DataData Governance – the what, why & how? Data Governance has long been recognised as a method of protecting the business, mitigating risk, increasing operational efficiencies and managing customer...GDPRPolicies and Processes Philippa Donn12 September 2019The DPN Rosemary Smith Award for Responsible MarketingThis award has been launched to recognise a contribution made to Responsible Marketing, giving a team or an individual credit for a creative and privacy aware project or initiative.Opinion Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...GDPRInternational Data Protection Philippa Donn23 August 2019Data Sharing 10 TipsMany companies need to share personal data with other organisations. This might be reciprocal or one-way, it could be providing another company’s staff with access to your data for...GDPRICO Guidance Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Data Governance & SecurityGDPRPolicies and Processes Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Philippa Donn09 July 2019GDPR regulatory action so far in the UK and EU (July 2019)GDPR Regulatory Action The UK’s data protection regulator has made its first hefty announcements since GDPR became law in 2018. With news British Airways and Marriott could face massive...GDPRInternational Data ProtectionUncategorized DPN Team05 July 2019GDPR: Impact Report 2019The impact of GDPR More than a year on from enforcement day, where are we now with GDPR? The Global Marketing Alliance and the DPN teamed up with global...Direct MarketingGDPRUncategorized Mark Bridges05 July 2019CCPA – Californian Consumer Privacy Act: 5 Key ImpactsCCPA: What businesses need know The Californian Consumer Privacy Act (CCPA) ushers in new rights for Californian residents and compels companies that operate in California to implement changes or...Opinion DPN Team05 July 2019Adtech: The challenging compliance landscape – webinar recordingPublishers, advertisers, adtech firms, start-ups and privacy activists are all united in a strong interest in online advertising and programmatic delivery . After all, it represents the lion’s share...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn22 May 2019Why GDPR is not a fuss over nothingWe’ve heard the comparison with the millennium bug – the sky didn’t fall in on 25th May… ‘where are these game-changing fines? This is the Y2K bug all over...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network and Opt-4 lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the...Direct MarketingUncategorized Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Simon Blanchard20 March 2019Like Gin and Tonic – Why GDPR and Data Governance were made for each otherWhy GDPR and Data Governance go hand in hand Like G&T, data governance is not a new concept. It has been recognised for years as a method of protecting...Opinion Gemma Johnson08 March 2019Why 59 Charities were referred to the ICO by the Fundraising RegulatorThe Fundraising Regulator has warned that 59 charities could be in breach of data protection law for failing to apply suppression requests made via the Fundraising Preference Service (FPS)...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Philippa Donn05 March 2019Digital advertising & real-time bidding: Are we on the verge of a seismic shift or not?GDPR put a significant spanner in the world of digital advertising, which disparate parties with different vested interests have been grappling with now for months. How can organisations provide...Opinion Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Stef Elliott21 November 2018“The cookies law is clear – well that takes the biscuit”The ePrivacy Regulation was originally planned to come into force simultaneously with the GDPR on 25th May 2018. The delay and the ongoing debate regarding the Regulation, as highlighted...Electronic CommunicationsePrivacy RegulationGDPR Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Julia Porter18 November 2018Privacy International’s GDPR complaints shine a spotlight on 7 data companiesOn November 8th, Privacy International (PI) filed complaints under the GDPR with data protection regulators in UK, France and Ireland against data brokers Oracle and Acxiom, credit reference agencies...Opinion Simon Blanchard18 November 2018ePrivacy Regulation is not ready and could be stalled even furtherAs those in the know recognise, data protection is not just about GDPR. Many of us have been waiting for GDPR’s EU counterpart, the new ePrivacy Regulation for a...Opinion Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Opinion Matt Edgar02 October 2018Spam crusader or vigilante victim – what happens if you are blacklisted unfairly?Finding spam a nuisance and being anti-spam is a default setting for all of us these days. Even as technology evolves and our mailboxes become smarter in reducing this...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Opinion Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...GDPRPolicies and ProcessesPrivacy by Design Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Opinion DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Data Governance & SecurityGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR
Simon Blanchard09 July 2020Facial Recognition – should we be concerned?Facial recognition is clever, from selfies to surveillance its use is becoming far more widespread. Should we be worried? Data Governance & SecurityGDPR Philippa Donn30 June 2020Data breaches: 10-point checklist for risk assessmentsHow do you assess the actual risk to people of a data breach? 10 questions you need to ask when carrying out an risk assessment. Data Governance & SecurityGDPRPolicies and Processes DPN Team30 June 2020Successful steps for data retention and minimisation [webinar recording]Get the tools and advice you need to tackle data retention and minimisation in this expert discussion which takes you through the key steps to take.Data Governance & SecurityGDPRPolicies and ProcessesVideos Julia Porter25 June 2020Why is the CIA’s lax attitude to cyber security interesting to us?Have you got robust cyber security controls in place? How the lax attitude of the CIA is a lesson to us all and what you should you be doing.Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard16 June 2020Privacy is a marathon not a sprintPondering how to improve your privacy credentials? Here are 5 steps to inspire you. More than 2 years on from GDPR, remember it’s a journey, not a sprint.Data Governance & SecurityGDPRPolicies and Processes Philippa Donn16 June 2020Why personalisation is a good thing, when done well“Hi, you haven’t finished watching Jeffrey Epstein: Filthy Rich”, said an email my husband received .It annoyed him......Direct MarketingGDPR Simon Blanchard08 June 2020Spring clean your data – Top tips on data retentionGet top tips on data retention. Minimise your risks by making sure you keep the personal data you need and rid of what you don't. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn03 June 2020GDPR two years on, why data protection mattersGDPR may have its critics and regulators may stand accused of not taking enough action. Why this is not a reason to stop taking data protection seriously.GDPR Julia Porter03 June 2020Why is it so hard to explain how we use personal data?Five ways to help explain complex and contentious uses of personal data. How to improve your communications and transparency.Direct MarketingGDPRPrivacy by Design DPN Team03 June 2020Data Retention GuidanceA practical toolkit packed with tips, advice and case studies on how to tackle data retention. Developed by a group of data protection and privacy specialists from a...Data Governance & SecurityGDPRPolicies and Processes Julia Porter18 May 2020New Seven Step Ad Tech Guide from DMA and ISBASeven Step Ad Tech Guide - Support for UK businesses engaged in the programmatic digital advertising to ensure they protect the rights of individuals.Electronic CommunicationsePrivacy RegulationGDPR Simon Blanchard14 May 2020COVID 19 – Privacy under the SpotlightPrivacy and COVID-19. When finding quick solutions and taking rapid decisions, don't forget the privacy impact. Here's our quick tour of aspects to consider. Data SecurityGDPRPrivacy by Design DPN Team15 April 2020DPIAs – What? When? How? Who? Why? [webinar recording]Data Protection Impact Assessments - learn about when you need to conduct a DPIA and how in this webinar hosted by Bristows LLP. Opinion DPN Team04 April 2020Where is my data? How to tackle data discovery & mapping [webinar recording]How improve your data discovery, mapping & compliance Understanding where your data is located across all your systems is an ever-evolving challenge, but forms the bedrock of your data...Opinion Gemma Johnson13 February 2020Marketers: Will You Need to do a DPIA for that?Why marketers need to understand when they might need to conduct a data protection impact assessment and learn how to do them. Direct MarketingElectronic CommunicationsICO GuidanceMarketing & Data Protection Simon Blanchard11 February 2020Where’s all my data? How to tackle data discoveryUnderstanding where your data is and what it's used for is crucial. But in practice this is challenging. What approach can you take? Opinion Simon Blanchard10 February 2020ePrivacy Regulation – Are we any closer to a final text?Efforts continue to try and agree the final text of the ePrivacy Regulation. Reaching a consensus has proved very challenging since the first draft was published 3 years...Opinion Julia Porter09 February 2020In a Digitally Enabled World, What is Direct Marketing?On 8th January the ICO published a draft code of practice for the marketing community. It’s entitled “Direct Marketing Code of Practice”. The use of the term “Direct Marketing”...Opinion Philippa Donn08 February 2020Refer a Friend – Viral Marketing RulesCan you ask your customers to send on your marketing to their friends? The answer, according to the ICO’s draft Direct Marketing Code, is NO! The regulator says for...Opinion DPN Team29 January 2020Your Views – Survey on draft Direct Marketing CodeA call for your views. The ICO's draft direct marketing code is open for public consultation. The DPN will be providing feedback. Give your comments to further...Opinion Philippa Donn28 January 2020ICO Direct Marketing Code ‘draft’: 12 HighlightsJust when I thought January was feeling dull, I got my hands on the ICO’s much-anticipated draft Direct Marketing Code of Practice! This replaces the Regulator’s existing Direct Marketing...Opinion Philippa Donn28 January 2020Brexit and EU Data FlowsIf you’ve not yet planned or even considered the data protection impact of Brexit, and specifically data transfers with the European Union, you can breathe a temporary sigh of...Opinion Philippa Donn10 December 2019Subject Access Requests & Proof of IDSubject Access Requests – What is ‘proportionate’ to ask for? When responding to a Right of Access request (commonly known as a Subject Access Request), we might be required...Individual Privacy Rights DPN Team10 December 20192020 Vision – Privacy PredictionsPrivacy Predictions for 2020 - what's in store for us next year? The trends, enforcement and organisational imperatives - What do our esteemed DPN Advisory Board believe is in...Opinion Debbie McElhill03 December 2019ePrivacy Regulation – Is there still life in it, as the European Commission steps in? In a bid to find consensus the European Commission has announced it’s preparing a revamped ePrivacy proposal. This follows the recent rejection by EU member states of the...Opinion DPN Team03 December 2019Data Retention: Are you keeping personal data longer than you need it?Ensuring you don’t store personal data for longer than you require it, is a core data protection principle – one which we all know is both complex and challenging...Opinion Julia Porter27 November 2019Harnessing the Power of Responsible MarketingWhat is responsible marketing? What core values should you embrace and what type of projects can marketers apply these values to? Here are my six pillars of responsible marketing;...Opinion DPN Team28 October 2019Rewarding Privacy By Design Have you or your team gone the extra mile to ensure a privacy aware, customer focused approach to a project, initiative or marketing campaign? Or do you know...Opinion DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Opinion Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Opinion Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Opinion Philippa Donn18 October 2019Marketing Message & Service Message: Where to draw the lineIs your ‘Service’ Message actually a Marketing one? A common (but incorrect) myth which spread with GDPR was that consent was required for almost everything – including all communications...Direct Marketing Philippa Donn02 October 2019Opt-in for marketing abandoned by RNLIHas opt-in suffered a blow? It’s now official that opt-in for all forms of direct marketing has not proven a success for the RNLI, despite earlier reports to the...Opinion Debbie McElhill18 September 2019ePrivacy Regulation – what’s happening?ePrivacy Regulation – first draft 2017, so what’s happening two years on? The ePrivacy Regulation is set to replace the 2002 ePrivacy Directive (and subsequent amendments) which currently sits...Opinion Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Opinion DPN Team16 September 2019Data Governance – Getting to know your DataData Governance – the what, why & how? Data Governance has long been recognised as a method of protecting the business, mitigating risk, increasing operational efficiencies and managing customer...GDPRPolicies and Processes Philippa Donn12 September 2019The DPN Rosemary Smith Award for Responsible MarketingThis award has been launched to recognise a contribution made to Responsible Marketing, giving a team or an individual credit for a creative and privacy aware project or initiative.Opinion Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...GDPRInternational Data Protection Philippa Donn23 August 2019Data Sharing 10 TipsMany companies need to share personal data with other organisations. This might be reciprocal or one-way, it could be providing another company’s staff with access to your data for...GDPRICO Guidance Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Data Governance & SecurityGDPRPolicies and Processes Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Philippa Donn09 July 2019GDPR regulatory action so far in the UK and EU (July 2019)GDPR Regulatory Action The UK’s data protection regulator has made its first hefty announcements since GDPR became law in 2018. With news British Airways and Marriott could face massive...GDPRInternational Data ProtectionUncategorized DPN Team05 July 2019GDPR: Impact Report 2019The impact of GDPR More than a year on from enforcement day, where are we now with GDPR? The Global Marketing Alliance and the DPN teamed up with global...Direct MarketingGDPRUncategorized Mark Bridges05 July 2019CCPA – Californian Consumer Privacy Act: 5 Key ImpactsCCPA: What businesses need know The Californian Consumer Privacy Act (CCPA) ushers in new rights for Californian residents and compels companies that operate in California to implement changes or...Opinion DPN Team05 July 2019Adtech: The challenging compliance landscape – webinar recordingPublishers, advertisers, adtech firms, start-ups and privacy activists are all united in a strong interest in online advertising and programmatic delivery . After all, it represents the lion’s share...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn22 May 2019Why GDPR is not a fuss over nothingWe’ve heard the comparison with the millennium bug – the sky didn’t fall in on 25th May… ‘where are these game-changing fines? This is the Y2K bug all over...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network and Opt-4 lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the...Direct MarketingUncategorized Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Simon Blanchard20 March 2019Like Gin and Tonic – Why GDPR and Data Governance were made for each otherWhy GDPR and Data Governance go hand in hand Like G&T, data governance is not a new concept. It has been recognised for years as a method of protecting...Opinion Gemma Johnson08 March 2019Why 59 Charities were referred to the ICO by the Fundraising RegulatorThe Fundraising Regulator has warned that 59 charities could be in breach of data protection law for failing to apply suppression requests made via the Fundraising Preference Service (FPS)...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Philippa Donn05 March 2019Digital advertising & real-time bidding: Are we on the verge of a seismic shift or not?GDPR put a significant spanner in the world of digital advertising, which disparate parties with different vested interests have been grappling with now for months. How can organisations provide...Opinion Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Stef Elliott21 November 2018“The cookies law is clear – well that takes the biscuit”The ePrivacy Regulation was originally planned to come into force simultaneously with the GDPR on 25th May 2018. The delay and the ongoing debate regarding the Regulation, as highlighted...Electronic CommunicationsePrivacy RegulationGDPR Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Julia Porter18 November 2018Privacy International’s GDPR complaints shine a spotlight on 7 data companiesOn November 8th, Privacy International (PI) filed complaints under the GDPR with data protection regulators in UK, France and Ireland against data brokers Oracle and Acxiom, credit reference agencies...Opinion Simon Blanchard18 November 2018ePrivacy Regulation is not ready and could be stalled even furtherAs those in the know recognise, data protection is not just about GDPR. Many of us have been waiting for GDPR’s EU counterpart, the new ePrivacy Regulation for a...Opinion Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Opinion Matt Edgar02 October 2018Spam crusader or vigilante victim – what happens if you are blacklisted unfairly?Finding spam a nuisance and being anti-spam is a default setting for all of us these days. Even as technology evolves and our mailboxes become smarter in reducing this...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Opinion Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...GDPRPolicies and ProcessesPrivacy by Design Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Opinion DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Data Governance & SecurityGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR
Philippa Donn30 June 2020Data breaches: 10-point checklist for risk assessmentsHow do you assess the actual risk to people of a data breach? 10 questions you need to ask when carrying out an risk assessment. Data Governance & SecurityGDPRPolicies and Processes DPN Team30 June 2020Successful steps for data retention and minimisation [webinar recording]Get the tools and advice you need to tackle data retention and minimisation in this expert discussion which takes you through the key steps to take.Data Governance & SecurityGDPRPolicies and ProcessesVideos Julia Porter25 June 2020Why is the CIA’s lax attitude to cyber security interesting to us?Have you got robust cyber security controls in place? How the lax attitude of the CIA is a lesson to us all and what you should you be doing.Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard16 June 2020Privacy is a marathon not a sprintPondering how to improve your privacy credentials? Here are 5 steps to inspire you. More than 2 years on from GDPR, remember it’s a journey, not a sprint.Data Governance & SecurityGDPRPolicies and Processes Philippa Donn16 June 2020Why personalisation is a good thing, when done well“Hi, you haven’t finished watching Jeffrey Epstein: Filthy Rich”, said an email my husband received .It annoyed him......Direct MarketingGDPR Simon Blanchard08 June 2020Spring clean your data – Top tips on data retentionGet top tips on data retention. Minimise your risks by making sure you keep the personal data you need and rid of what you don't. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn03 June 2020GDPR two years on, why data protection mattersGDPR may have its critics and regulators may stand accused of not taking enough action. Why this is not a reason to stop taking data protection seriously.GDPR Julia Porter03 June 2020Why is it so hard to explain how we use personal data?Five ways to help explain complex and contentious uses of personal data. How to improve your communications and transparency.Direct MarketingGDPRPrivacy by Design DPN Team03 June 2020Data Retention GuidanceA practical toolkit packed with tips, advice and case studies on how to tackle data retention. Developed by a group of data protection and privacy specialists from a...Data Governance & SecurityGDPRPolicies and Processes Julia Porter18 May 2020New Seven Step Ad Tech Guide from DMA and ISBASeven Step Ad Tech Guide - Support for UK businesses engaged in the programmatic digital advertising to ensure they protect the rights of individuals.Electronic CommunicationsePrivacy RegulationGDPR Simon Blanchard14 May 2020COVID 19 – Privacy under the SpotlightPrivacy and COVID-19. When finding quick solutions and taking rapid decisions, don't forget the privacy impact. Here's our quick tour of aspects to consider. Data SecurityGDPRPrivacy by Design DPN Team15 April 2020DPIAs – What? When? How? Who? Why? [webinar recording]Data Protection Impact Assessments - learn about when you need to conduct a DPIA and how in this webinar hosted by Bristows LLP. Opinion DPN Team04 April 2020Where is my data? How to tackle data discovery & mapping [webinar recording]How improve your data discovery, mapping & compliance Understanding where your data is located across all your systems is an ever-evolving challenge, but forms the bedrock of your data...Opinion Gemma Johnson13 February 2020Marketers: Will You Need to do a DPIA for that?Why marketers need to understand when they might need to conduct a data protection impact assessment and learn how to do them. Direct MarketingElectronic CommunicationsICO GuidanceMarketing & Data Protection Simon Blanchard11 February 2020Where’s all my data? How to tackle data discoveryUnderstanding where your data is and what it's used for is crucial. But in practice this is challenging. What approach can you take? Opinion Simon Blanchard10 February 2020ePrivacy Regulation – Are we any closer to a final text?Efforts continue to try and agree the final text of the ePrivacy Regulation. Reaching a consensus has proved very challenging since the first draft was published 3 years...Opinion Julia Porter09 February 2020In a Digitally Enabled World, What is Direct Marketing?On 8th January the ICO published a draft code of practice for the marketing community. It’s entitled “Direct Marketing Code of Practice”. The use of the term “Direct Marketing”...Opinion Philippa Donn08 February 2020Refer a Friend – Viral Marketing RulesCan you ask your customers to send on your marketing to their friends? The answer, according to the ICO’s draft Direct Marketing Code, is NO! The regulator says for...Opinion DPN Team29 January 2020Your Views – Survey on draft Direct Marketing CodeA call for your views. The ICO's draft direct marketing code is open for public consultation. The DPN will be providing feedback. Give your comments to further...Opinion Philippa Donn28 January 2020ICO Direct Marketing Code ‘draft’: 12 HighlightsJust when I thought January was feeling dull, I got my hands on the ICO’s much-anticipated draft Direct Marketing Code of Practice! This replaces the Regulator’s existing Direct Marketing...Opinion Philippa Donn28 January 2020Brexit and EU Data FlowsIf you’ve not yet planned or even considered the data protection impact of Brexit, and specifically data transfers with the European Union, you can breathe a temporary sigh of...Opinion Philippa Donn10 December 2019Subject Access Requests & Proof of IDSubject Access Requests – What is ‘proportionate’ to ask for? When responding to a Right of Access request (commonly known as a Subject Access Request), we might be required...Individual Privacy Rights DPN Team10 December 20192020 Vision – Privacy PredictionsPrivacy Predictions for 2020 - what's in store for us next year? The trends, enforcement and organisational imperatives - What do our esteemed DPN Advisory Board believe is in...Opinion Debbie McElhill03 December 2019ePrivacy Regulation – Is there still life in it, as the European Commission steps in? In a bid to find consensus the European Commission has announced it’s preparing a revamped ePrivacy proposal. This follows the recent rejection by EU member states of the...Opinion DPN Team03 December 2019Data Retention: Are you keeping personal data longer than you need it?Ensuring you don’t store personal data for longer than you require it, is a core data protection principle – one which we all know is both complex and challenging...Opinion Julia Porter27 November 2019Harnessing the Power of Responsible MarketingWhat is responsible marketing? What core values should you embrace and what type of projects can marketers apply these values to? Here are my six pillars of responsible marketing;...Opinion DPN Team28 October 2019Rewarding Privacy By Design Have you or your team gone the extra mile to ensure a privacy aware, customer focused approach to a project, initiative or marketing campaign? Or do you know...Opinion DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Opinion Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Opinion Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Opinion Philippa Donn18 October 2019Marketing Message & Service Message: Where to draw the lineIs your ‘Service’ Message actually a Marketing one? A common (but incorrect) myth which spread with GDPR was that consent was required for almost everything – including all communications...Direct Marketing Philippa Donn02 October 2019Opt-in for marketing abandoned by RNLIHas opt-in suffered a blow? It’s now official that opt-in for all forms of direct marketing has not proven a success for the RNLI, despite earlier reports to the...Opinion Debbie McElhill18 September 2019ePrivacy Regulation – what’s happening?ePrivacy Regulation – first draft 2017, so what’s happening two years on? The ePrivacy Regulation is set to replace the 2002 ePrivacy Directive (and subsequent amendments) which currently sits...Opinion Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Opinion DPN Team16 September 2019Data Governance – Getting to know your DataData Governance – the what, why & how? Data Governance has long been recognised as a method of protecting the business, mitigating risk, increasing operational efficiencies and managing customer...GDPRPolicies and Processes Philippa Donn12 September 2019The DPN Rosemary Smith Award for Responsible MarketingThis award has been launched to recognise a contribution made to Responsible Marketing, giving a team or an individual credit for a creative and privacy aware project or initiative.Opinion Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...GDPRInternational Data Protection Philippa Donn23 August 2019Data Sharing 10 TipsMany companies need to share personal data with other organisations. This might be reciprocal or one-way, it could be providing another company’s staff with access to your data for...GDPRICO Guidance Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Data Governance & SecurityGDPRPolicies and Processes Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Philippa Donn09 July 2019GDPR regulatory action so far in the UK and EU (July 2019)GDPR Regulatory Action The UK’s data protection regulator has made its first hefty announcements since GDPR became law in 2018. With news British Airways and Marriott could face massive...GDPRInternational Data ProtectionUncategorized DPN Team05 July 2019GDPR: Impact Report 2019The impact of GDPR More than a year on from enforcement day, where are we now with GDPR? The Global Marketing Alliance and the DPN teamed up with global...Direct MarketingGDPRUncategorized Mark Bridges05 July 2019CCPA – Californian Consumer Privacy Act: 5 Key ImpactsCCPA: What businesses need know The Californian Consumer Privacy Act (CCPA) ushers in new rights for Californian residents and compels companies that operate in California to implement changes or...Opinion DPN Team05 July 2019Adtech: The challenging compliance landscape – webinar recordingPublishers, advertisers, adtech firms, start-ups and privacy activists are all united in a strong interest in online advertising and programmatic delivery . After all, it represents the lion’s share...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn22 May 2019Why GDPR is not a fuss over nothingWe’ve heard the comparison with the millennium bug – the sky didn’t fall in on 25th May… ‘where are these game-changing fines? This is the Y2K bug all over...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network and Opt-4 lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the...Direct MarketingUncategorized Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Simon Blanchard20 March 2019Like Gin and Tonic – Why GDPR and Data Governance were made for each otherWhy GDPR and Data Governance go hand in hand Like G&T, data governance is not a new concept. It has been recognised for years as a method of protecting...Opinion Gemma Johnson08 March 2019Why 59 Charities were referred to the ICO by the Fundraising RegulatorThe Fundraising Regulator has warned that 59 charities could be in breach of data protection law for failing to apply suppression requests made via the Fundraising Preference Service (FPS)...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Philippa Donn05 March 2019Digital advertising & real-time bidding: Are we on the verge of a seismic shift or not?GDPR put a significant spanner in the world of digital advertising, which disparate parties with different vested interests have been grappling with now for months. How can organisations provide...Opinion Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Stef Elliott21 November 2018“The cookies law is clear – well that takes the biscuit”The ePrivacy Regulation was originally planned to come into force simultaneously with the GDPR on 25th May 2018. The delay and the ongoing debate regarding the Regulation, as highlighted...Electronic CommunicationsePrivacy RegulationGDPR Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Julia Porter18 November 2018Privacy International’s GDPR complaints shine a spotlight on 7 data companiesOn November 8th, Privacy International (PI) filed complaints under the GDPR with data protection regulators in UK, France and Ireland against data brokers Oracle and Acxiom, credit reference agencies...Opinion Simon Blanchard18 November 2018ePrivacy Regulation is not ready and could be stalled even furtherAs those in the know recognise, data protection is not just about GDPR. Many of us have been waiting for GDPR’s EU counterpart, the new ePrivacy Regulation for a...Opinion Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Opinion Matt Edgar02 October 2018Spam crusader or vigilante victim – what happens if you are blacklisted unfairly?Finding spam a nuisance and being anti-spam is a default setting for all of us these days. Even as technology evolves and our mailboxes become smarter in reducing this...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Opinion Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...GDPRPolicies and ProcessesPrivacy by Design Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Opinion DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Data Governance & SecurityGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR
DPN Team30 June 2020Successful steps for data retention and minimisation [webinar recording]Get the tools and advice you need to tackle data retention and minimisation in this expert discussion which takes you through the key steps to take.Data Governance & SecurityGDPRPolicies and ProcessesVideos Julia Porter25 June 2020Why is the CIA’s lax attitude to cyber security interesting to us?Have you got robust cyber security controls in place? How the lax attitude of the CIA is a lesson to us all and what you should you be doing.Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard16 June 2020Privacy is a marathon not a sprintPondering how to improve your privacy credentials? Here are 5 steps to inspire you. More than 2 years on from GDPR, remember it’s a journey, not a sprint.Data Governance & SecurityGDPRPolicies and Processes Philippa Donn16 June 2020Why personalisation is a good thing, when done well“Hi, you haven’t finished watching Jeffrey Epstein: Filthy Rich”, said an email my husband received .It annoyed him......Direct MarketingGDPR Simon Blanchard08 June 2020Spring clean your data – Top tips on data retentionGet top tips on data retention. Minimise your risks by making sure you keep the personal data you need and rid of what you don't. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn03 June 2020GDPR two years on, why data protection mattersGDPR may have its critics and regulators may stand accused of not taking enough action. Why this is not a reason to stop taking data protection seriously.GDPR Julia Porter03 June 2020Why is it so hard to explain how we use personal data?Five ways to help explain complex and contentious uses of personal data. How to improve your communications and transparency.Direct MarketingGDPRPrivacy by Design DPN Team03 June 2020Data Retention GuidanceA practical toolkit packed with tips, advice and case studies on how to tackle data retention. Developed by a group of data protection and privacy specialists from a...Data Governance & SecurityGDPRPolicies and Processes Julia Porter18 May 2020New Seven Step Ad Tech Guide from DMA and ISBASeven Step Ad Tech Guide - Support for UK businesses engaged in the programmatic digital advertising to ensure they protect the rights of individuals.Electronic CommunicationsePrivacy RegulationGDPR Simon Blanchard14 May 2020COVID 19 – Privacy under the SpotlightPrivacy and COVID-19. When finding quick solutions and taking rapid decisions, don't forget the privacy impact. Here's our quick tour of aspects to consider. Data SecurityGDPRPrivacy by Design DPN Team15 April 2020DPIAs – What? When? How? Who? Why? [webinar recording]Data Protection Impact Assessments - learn about when you need to conduct a DPIA and how in this webinar hosted by Bristows LLP. Opinion DPN Team04 April 2020Where is my data? How to tackle data discovery & mapping [webinar recording]How improve your data discovery, mapping & compliance Understanding where your data is located across all your systems is an ever-evolving challenge, but forms the bedrock of your data...Opinion Gemma Johnson13 February 2020Marketers: Will You Need to do a DPIA for that?Why marketers need to understand when they might need to conduct a data protection impact assessment and learn how to do them. Direct MarketingElectronic CommunicationsICO GuidanceMarketing & Data Protection Simon Blanchard11 February 2020Where’s all my data? How to tackle data discoveryUnderstanding where your data is and what it's used for is crucial. But in practice this is challenging. What approach can you take? Opinion Simon Blanchard10 February 2020ePrivacy Regulation – Are we any closer to a final text?Efforts continue to try and agree the final text of the ePrivacy Regulation. Reaching a consensus has proved very challenging since the first draft was published 3 years...Opinion Julia Porter09 February 2020In a Digitally Enabled World, What is Direct Marketing?On 8th January the ICO published a draft code of practice for the marketing community. It’s entitled “Direct Marketing Code of Practice”. The use of the term “Direct Marketing”...Opinion Philippa Donn08 February 2020Refer a Friend – Viral Marketing RulesCan you ask your customers to send on your marketing to their friends? The answer, according to the ICO’s draft Direct Marketing Code, is NO! The regulator says for...Opinion DPN Team29 January 2020Your Views – Survey on draft Direct Marketing CodeA call for your views. The ICO's draft direct marketing code is open for public consultation. The DPN will be providing feedback. Give your comments to further...Opinion Philippa Donn28 January 2020ICO Direct Marketing Code ‘draft’: 12 HighlightsJust when I thought January was feeling dull, I got my hands on the ICO’s much-anticipated draft Direct Marketing Code of Practice! This replaces the Regulator’s existing Direct Marketing...Opinion Philippa Donn28 January 2020Brexit and EU Data FlowsIf you’ve not yet planned or even considered the data protection impact of Brexit, and specifically data transfers with the European Union, you can breathe a temporary sigh of...Opinion Philippa Donn10 December 2019Subject Access Requests & Proof of IDSubject Access Requests – What is ‘proportionate’ to ask for? When responding to a Right of Access request (commonly known as a Subject Access Request), we might be required...Individual Privacy Rights DPN Team10 December 20192020 Vision – Privacy PredictionsPrivacy Predictions for 2020 - what's in store for us next year? The trends, enforcement and organisational imperatives - What do our esteemed DPN Advisory Board believe is in...Opinion Debbie McElhill03 December 2019ePrivacy Regulation – Is there still life in it, as the European Commission steps in? In a bid to find consensus the European Commission has announced it’s preparing a revamped ePrivacy proposal. This follows the recent rejection by EU member states of the...Opinion DPN Team03 December 2019Data Retention: Are you keeping personal data longer than you need it?Ensuring you don’t store personal data for longer than you require it, is a core data protection principle – one which we all know is both complex and challenging...Opinion Julia Porter27 November 2019Harnessing the Power of Responsible MarketingWhat is responsible marketing? What core values should you embrace and what type of projects can marketers apply these values to? Here are my six pillars of responsible marketing;...Opinion DPN Team28 October 2019Rewarding Privacy By Design Have you or your team gone the extra mile to ensure a privacy aware, customer focused approach to a project, initiative or marketing campaign? Or do you know...Opinion DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Opinion Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Opinion Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Opinion Philippa Donn18 October 2019Marketing Message & Service Message: Where to draw the lineIs your ‘Service’ Message actually a Marketing one? A common (but incorrect) myth which spread with GDPR was that consent was required for almost everything – including all communications...Direct Marketing Philippa Donn02 October 2019Opt-in for marketing abandoned by RNLIHas opt-in suffered a blow? It’s now official that opt-in for all forms of direct marketing has not proven a success for the RNLI, despite earlier reports to the...Opinion Debbie McElhill18 September 2019ePrivacy Regulation – what’s happening?ePrivacy Regulation – first draft 2017, so what’s happening two years on? The ePrivacy Regulation is set to replace the 2002 ePrivacy Directive (and subsequent amendments) which currently sits...Opinion Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Opinion DPN Team16 September 2019Data Governance – Getting to know your DataData Governance – the what, why & how? Data Governance has long been recognised as a method of protecting the business, mitigating risk, increasing operational efficiencies and managing customer...GDPRPolicies and Processes Philippa Donn12 September 2019The DPN Rosemary Smith Award for Responsible MarketingThis award has been launched to recognise a contribution made to Responsible Marketing, giving a team or an individual credit for a creative and privacy aware project or initiative.Opinion Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...GDPRInternational Data Protection Philippa Donn23 August 2019Data Sharing 10 TipsMany companies need to share personal data with other organisations. This might be reciprocal or one-way, it could be providing another company’s staff with access to your data for...GDPRICO Guidance Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Data Governance & SecurityGDPRPolicies and Processes Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Philippa Donn09 July 2019GDPR regulatory action so far in the UK and EU (July 2019)GDPR Regulatory Action The UK’s data protection regulator has made its first hefty announcements since GDPR became law in 2018. With news British Airways and Marriott could face massive...GDPRInternational Data ProtectionUncategorized DPN Team05 July 2019GDPR: Impact Report 2019The impact of GDPR More than a year on from enforcement day, where are we now with GDPR? The Global Marketing Alliance and the DPN teamed up with global...Direct MarketingGDPRUncategorized Mark Bridges05 July 2019CCPA – Californian Consumer Privacy Act: 5 Key ImpactsCCPA: What businesses need know The Californian Consumer Privacy Act (CCPA) ushers in new rights for Californian residents and compels companies that operate in California to implement changes or...Opinion DPN Team05 July 2019Adtech: The challenging compliance landscape – webinar recordingPublishers, advertisers, adtech firms, start-ups and privacy activists are all united in a strong interest in online advertising and programmatic delivery . After all, it represents the lion’s share...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn22 May 2019Why GDPR is not a fuss over nothingWe’ve heard the comparison with the millennium bug – the sky didn’t fall in on 25th May… ‘where are these game-changing fines? This is the Y2K bug all over...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network and Opt-4 lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the...Direct MarketingUncategorized Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Simon Blanchard20 March 2019Like Gin and Tonic – Why GDPR and Data Governance were made for each otherWhy GDPR and Data Governance go hand in hand Like G&T, data governance is not a new concept. It has been recognised for years as a method of protecting...Opinion Gemma Johnson08 March 2019Why 59 Charities were referred to the ICO by the Fundraising RegulatorThe Fundraising Regulator has warned that 59 charities could be in breach of data protection law for failing to apply suppression requests made via the Fundraising Preference Service (FPS)...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Philippa Donn05 March 2019Digital advertising & real-time bidding: Are we on the verge of a seismic shift or not?GDPR put a significant spanner in the world of digital advertising, which disparate parties with different vested interests have been grappling with now for months. How can organisations provide...Opinion Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Stef Elliott21 November 2018“The cookies law is clear – well that takes the biscuit”The ePrivacy Regulation was originally planned to come into force simultaneously with the GDPR on 25th May 2018. The delay and the ongoing debate regarding the Regulation, as highlighted...Electronic CommunicationsePrivacy RegulationGDPR Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Julia Porter18 November 2018Privacy International’s GDPR complaints shine a spotlight on 7 data companiesOn November 8th, Privacy International (PI) filed complaints under the GDPR with data protection regulators in UK, France and Ireland against data brokers Oracle and Acxiom, credit reference agencies...Opinion Simon Blanchard18 November 2018ePrivacy Regulation is not ready and could be stalled even furtherAs those in the know recognise, data protection is not just about GDPR. Many of us have been waiting for GDPR’s EU counterpart, the new ePrivacy Regulation for a...Opinion Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Opinion Matt Edgar02 October 2018Spam crusader or vigilante victim – what happens if you are blacklisted unfairly?Finding spam a nuisance and being anti-spam is a default setting for all of us these days. Even as technology evolves and our mailboxes become smarter in reducing this...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Opinion Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...GDPRPolicies and ProcessesPrivacy by Design Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Opinion DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Data Governance & SecurityGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR
Julia Porter25 June 2020Why is the CIA’s lax attitude to cyber security interesting to us?Have you got robust cyber security controls in place? How the lax attitude of the CIA is a lesson to us all and what you should you be doing.Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard16 June 2020Privacy is a marathon not a sprintPondering how to improve your privacy credentials? Here are 5 steps to inspire you. More than 2 years on from GDPR, remember it’s a journey, not a sprint.Data Governance & SecurityGDPRPolicies and Processes Philippa Donn16 June 2020Why personalisation is a good thing, when done well“Hi, you haven’t finished watching Jeffrey Epstein: Filthy Rich”, said an email my husband received .It annoyed him......Direct MarketingGDPR Simon Blanchard08 June 2020Spring clean your data – Top tips on data retentionGet top tips on data retention. Minimise your risks by making sure you keep the personal data you need and rid of what you don't. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn03 June 2020GDPR two years on, why data protection mattersGDPR may have its critics and regulators may stand accused of not taking enough action. Why this is not a reason to stop taking data protection seriously.GDPR Julia Porter03 June 2020Why is it so hard to explain how we use personal data?Five ways to help explain complex and contentious uses of personal data. How to improve your communications and transparency.Direct MarketingGDPRPrivacy by Design DPN Team03 June 2020Data Retention GuidanceA practical toolkit packed with tips, advice and case studies on how to tackle data retention. Developed by a group of data protection and privacy specialists from a...Data Governance & SecurityGDPRPolicies and Processes Julia Porter18 May 2020New Seven Step Ad Tech Guide from DMA and ISBASeven Step Ad Tech Guide - Support for UK businesses engaged in the programmatic digital advertising to ensure they protect the rights of individuals.Electronic CommunicationsePrivacy RegulationGDPR Simon Blanchard14 May 2020COVID 19 – Privacy under the SpotlightPrivacy and COVID-19. When finding quick solutions and taking rapid decisions, don't forget the privacy impact. Here's our quick tour of aspects to consider. Data SecurityGDPRPrivacy by Design DPN Team15 April 2020DPIAs – What? When? How? Who? Why? [webinar recording]Data Protection Impact Assessments - learn about when you need to conduct a DPIA and how in this webinar hosted by Bristows LLP. Opinion DPN Team04 April 2020Where is my data? How to tackle data discovery & mapping [webinar recording]How improve your data discovery, mapping & compliance Understanding where your data is located across all your systems is an ever-evolving challenge, but forms the bedrock of your data...Opinion Gemma Johnson13 February 2020Marketers: Will You Need to do a DPIA for that?Why marketers need to understand when they might need to conduct a data protection impact assessment and learn how to do them. Direct MarketingElectronic CommunicationsICO GuidanceMarketing & Data Protection Simon Blanchard11 February 2020Where’s all my data? How to tackle data discoveryUnderstanding where your data is and what it's used for is crucial. But in practice this is challenging. What approach can you take? Opinion Simon Blanchard10 February 2020ePrivacy Regulation – Are we any closer to a final text?Efforts continue to try and agree the final text of the ePrivacy Regulation. Reaching a consensus has proved very challenging since the first draft was published 3 years...Opinion Julia Porter09 February 2020In a Digitally Enabled World, What is Direct Marketing?On 8th January the ICO published a draft code of practice for the marketing community. It’s entitled “Direct Marketing Code of Practice”. The use of the term “Direct Marketing”...Opinion Philippa Donn08 February 2020Refer a Friend – Viral Marketing RulesCan you ask your customers to send on your marketing to their friends? The answer, according to the ICO’s draft Direct Marketing Code, is NO! The regulator says for...Opinion DPN Team29 January 2020Your Views – Survey on draft Direct Marketing CodeA call for your views. The ICO's draft direct marketing code is open for public consultation. The DPN will be providing feedback. Give your comments to further...Opinion Philippa Donn28 January 2020ICO Direct Marketing Code ‘draft’: 12 HighlightsJust when I thought January was feeling dull, I got my hands on the ICO’s much-anticipated draft Direct Marketing Code of Practice! This replaces the Regulator’s existing Direct Marketing...Opinion Philippa Donn28 January 2020Brexit and EU Data FlowsIf you’ve not yet planned or even considered the data protection impact of Brexit, and specifically data transfers with the European Union, you can breathe a temporary sigh of...Opinion Philippa Donn10 December 2019Subject Access Requests & Proof of IDSubject Access Requests – What is ‘proportionate’ to ask for? When responding to a Right of Access request (commonly known as a Subject Access Request), we might be required...Individual Privacy Rights DPN Team10 December 20192020 Vision – Privacy PredictionsPrivacy Predictions for 2020 - what's in store for us next year? The trends, enforcement and organisational imperatives - What do our esteemed DPN Advisory Board believe is in...Opinion Debbie McElhill03 December 2019ePrivacy Regulation – Is there still life in it, as the European Commission steps in? In a bid to find consensus the European Commission has announced it’s preparing a revamped ePrivacy proposal. This follows the recent rejection by EU member states of the...Opinion DPN Team03 December 2019Data Retention: Are you keeping personal data longer than you need it?Ensuring you don’t store personal data for longer than you require it, is a core data protection principle – one which we all know is both complex and challenging...Opinion Julia Porter27 November 2019Harnessing the Power of Responsible MarketingWhat is responsible marketing? What core values should you embrace and what type of projects can marketers apply these values to? Here are my six pillars of responsible marketing;...Opinion DPN Team28 October 2019Rewarding Privacy By Design Have you or your team gone the extra mile to ensure a privacy aware, customer focused approach to a project, initiative or marketing campaign? Or do you know...Opinion DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Opinion Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Opinion Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Opinion Philippa Donn18 October 2019Marketing Message & Service Message: Where to draw the lineIs your ‘Service’ Message actually a Marketing one? A common (but incorrect) myth which spread with GDPR was that consent was required for almost everything – including all communications...Direct Marketing Philippa Donn02 October 2019Opt-in for marketing abandoned by RNLIHas opt-in suffered a blow? It’s now official that opt-in for all forms of direct marketing has not proven a success for the RNLI, despite earlier reports to the...Opinion Debbie McElhill18 September 2019ePrivacy Regulation – what’s happening?ePrivacy Regulation – first draft 2017, so what’s happening two years on? The ePrivacy Regulation is set to replace the 2002 ePrivacy Directive (and subsequent amendments) which currently sits...Opinion Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Opinion DPN Team16 September 2019Data Governance – Getting to know your DataData Governance – the what, why & how? Data Governance has long been recognised as a method of protecting the business, mitigating risk, increasing operational efficiencies and managing customer...GDPRPolicies and Processes Philippa Donn12 September 2019The DPN Rosemary Smith Award for Responsible MarketingThis award has been launched to recognise a contribution made to Responsible Marketing, giving a team or an individual credit for a creative and privacy aware project or initiative.Opinion Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...GDPRInternational Data Protection Philippa Donn23 August 2019Data Sharing 10 TipsMany companies need to share personal data with other organisations. This might be reciprocal or one-way, it could be providing another company’s staff with access to your data for...GDPRICO Guidance Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Data Governance & SecurityGDPRPolicies and Processes Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Philippa Donn09 July 2019GDPR regulatory action so far in the UK and EU (July 2019)GDPR Regulatory Action The UK’s data protection regulator has made its first hefty announcements since GDPR became law in 2018. With news British Airways and Marriott could face massive...GDPRInternational Data ProtectionUncategorized DPN Team05 July 2019GDPR: Impact Report 2019The impact of GDPR More than a year on from enforcement day, where are we now with GDPR? The Global Marketing Alliance and the DPN teamed up with global...Direct MarketingGDPRUncategorized Mark Bridges05 July 2019CCPA – Californian Consumer Privacy Act: 5 Key ImpactsCCPA: What businesses need know The Californian Consumer Privacy Act (CCPA) ushers in new rights for Californian residents and compels companies that operate in California to implement changes or...Opinion DPN Team05 July 2019Adtech: The challenging compliance landscape – webinar recordingPublishers, advertisers, adtech firms, start-ups and privacy activists are all united in a strong interest in online advertising and programmatic delivery . After all, it represents the lion’s share...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn22 May 2019Why GDPR is not a fuss over nothingWe’ve heard the comparison with the millennium bug – the sky didn’t fall in on 25th May… ‘where are these game-changing fines? This is the Y2K bug all over...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network and Opt-4 lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the...Direct MarketingUncategorized Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Simon Blanchard20 March 2019Like Gin and Tonic – Why GDPR and Data Governance were made for each otherWhy GDPR and Data Governance go hand in hand Like G&T, data governance is not a new concept. It has been recognised for years as a method of protecting...Opinion Gemma Johnson08 March 2019Why 59 Charities were referred to the ICO by the Fundraising RegulatorThe Fundraising Regulator has warned that 59 charities could be in breach of data protection law for failing to apply suppression requests made via the Fundraising Preference Service (FPS)...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Philippa Donn05 March 2019Digital advertising & real-time bidding: Are we on the verge of a seismic shift or not?GDPR put a significant spanner in the world of digital advertising, which disparate parties with different vested interests have been grappling with now for months. How can organisations provide...Opinion Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Stef Elliott21 November 2018“The cookies law is clear – well that takes the biscuit”The ePrivacy Regulation was originally planned to come into force simultaneously with the GDPR on 25th May 2018. The delay and the ongoing debate regarding the Regulation, as highlighted...Electronic CommunicationsePrivacy RegulationGDPR Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Julia Porter18 November 2018Privacy International’s GDPR complaints shine a spotlight on 7 data companiesOn November 8th, Privacy International (PI) filed complaints under the GDPR with data protection regulators in UK, France and Ireland against data brokers Oracle and Acxiom, credit reference agencies...Opinion Simon Blanchard18 November 2018ePrivacy Regulation is not ready and could be stalled even furtherAs those in the know recognise, data protection is not just about GDPR. Many of us have been waiting for GDPR’s EU counterpart, the new ePrivacy Regulation for a...Opinion Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Opinion Matt Edgar02 October 2018Spam crusader or vigilante victim – what happens if you are blacklisted unfairly?Finding spam a nuisance and being anti-spam is a default setting for all of us these days. Even as technology evolves and our mailboxes become smarter in reducing this...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Opinion Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...GDPRPolicies and ProcessesPrivacy by Design Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Opinion DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Data Governance & SecurityGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR
Simon Blanchard16 June 2020Privacy is a marathon not a sprintPondering how to improve your privacy credentials? Here are 5 steps to inspire you. More than 2 years on from GDPR, remember it’s a journey, not a sprint.Data Governance & SecurityGDPRPolicies and Processes Philippa Donn16 June 2020Why personalisation is a good thing, when done well“Hi, you haven’t finished watching Jeffrey Epstein: Filthy Rich”, said an email my husband received .It annoyed him......Direct MarketingGDPR Simon Blanchard08 June 2020Spring clean your data – Top tips on data retentionGet top tips on data retention. Minimise your risks by making sure you keep the personal data you need and rid of what you don't. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn03 June 2020GDPR two years on, why data protection mattersGDPR may have its critics and regulators may stand accused of not taking enough action. Why this is not a reason to stop taking data protection seriously.GDPR Julia Porter03 June 2020Why is it so hard to explain how we use personal data?Five ways to help explain complex and contentious uses of personal data. How to improve your communications and transparency.Direct MarketingGDPRPrivacy by Design DPN Team03 June 2020Data Retention GuidanceA practical toolkit packed with tips, advice and case studies on how to tackle data retention. Developed by a group of data protection and privacy specialists from a...Data Governance & SecurityGDPRPolicies and Processes Julia Porter18 May 2020New Seven Step Ad Tech Guide from DMA and ISBASeven Step Ad Tech Guide - Support for UK businesses engaged in the programmatic digital advertising to ensure they protect the rights of individuals.Electronic CommunicationsePrivacy RegulationGDPR Simon Blanchard14 May 2020COVID 19 – Privacy under the SpotlightPrivacy and COVID-19. When finding quick solutions and taking rapid decisions, don't forget the privacy impact. Here's our quick tour of aspects to consider. Data SecurityGDPRPrivacy by Design DPN Team15 April 2020DPIAs – What? When? How? Who? Why? [webinar recording]Data Protection Impact Assessments - learn about when you need to conduct a DPIA and how in this webinar hosted by Bristows LLP. Opinion DPN Team04 April 2020Where is my data? How to tackle data discovery & mapping [webinar recording]How improve your data discovery, mapping & compliance Understanding where your data is located across all your systems is an ever-evolving challenge, but forms the bedrock of your data...Opinion Gemma Johnson13 February 2020Marketers: Will You Need to do a DPIA for that?Why marketers need to understand when they might need to conduct a data protection impact assessment and learn how to do them. Direct MarketingElectronic CommunicationsICO GuidanceMarketing & Data Protection Simon Blanchard11 February 2020Where’s all my data? How to tackle data discoveryUnderstanding where your data is and what it's used for is crucial. But in practice this is challenging. What approach can you take? Opinion Simon Blanchard10 February 2020ePrivacy Regulation – Are we any closer to a final text?Efforts continue to try and agree the final text of the ePrivacy Regulation. Reaching a consensus has proved very challenging since the first draft was published 3 years...Opinion Julia Porter09 February 2020In a Digitally Enabled World, What is Direct Marketing?On 8th January the ICO published a draft code of practice for the marketing community. It’s entitled “Direct Marketing Code of Practice”. The use of the term “Direct Marketing”...Opinion Philippa Donn08 February 2020Refer a Friend – Viral Marketing RulesCan you ask your customers to send on your marketing to their friends? The answer, according to the ICO’s draft Direct Marketing Code, is NO! The regulator says for...Opinion DPN Team29 January 2020Your Views – Survey on draft Direct Marketing CodeA call for your views. The ICO's draft direct marketing code is open for public consultation. The DPN will be providing feedback. Give your comments to further...Opinion Philippa Donn28 January 2020ICO Direct Marketing Code ‘draft’: 12 HighlightsJust when I thought January was feeling dull, I got my hands on the ICO’s much-anticipated draft Direct Marketing Code of Practice! This replaces the Regulator’s existing Direct Marketing...Opinion Philippa Donn28 January 2020Brexit and EU Data FlowsIf you’ve not yet planned or even considered the data protection impact of Brexit, and specifically data transfers with the European Union, you can breathe a temporary sigh of...Opinion Philippa Donn10 December 2019Subject Access Requests & Proof of IDSubject Access Requests – What is ‘proportionate’ to ask for? When responding to a Right of Access request (commonly known as a Subject Access Request), we might be required...Individual Privacy Rights DPN Team10 December 20192020 Vision – Privacy PredictionsPrivacy Predictions for 2020 - what's in store for us next year? The trends, enforcement and organisational imperatives - What do our esteemed DPN Advisory Board believe is in...Opinion Debbie McElhill03 December 2019ePrivacy Regulation – Is there still life in it, as the European Commission steps in? In a bid to find consensus the European Commission has announced it’s preparing a revamped ePrivacy proposal. This follows the recent rejection by EU member states of the...Opinion DPN Team03 December 2019Data Retention: Are you keeping personal data longer than you need it?Ensuring you don’t store personal data for longer than you require it, is a core data protection principle – one which we all know is both complex and challenging...Opinion Julia Porter27 November 2019Harnessing the Power of Responsible MarketingWhat is responsible marketing? What core values should you embrace and what type of projects can marketers apply these values to? Here are my six pillars of responsible marketing;...Opinion DPN Team28 October 2019Rewarding Privacy By Design Have you or your team gone the extra mile to ensure a privacy aware, customer focused approach to a project, initiative or marketing campaign? Or do you know...Opinion DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Opinion Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Opinion Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Opinion Philippa Donn18 October 2019Marketing Message & Service Message: Where to draw the lineIs your ‘Service’ Message actually a Marketing one? A common (but incorrect) myth which spread with GDPR was that consent was required for almost everything – including all communications...Direct Marketing Philippa Donn02 October 2019Opt-in for marketing abandoned by RNLIHas opt-in suffered a blow? It’s now official that opt-in for all forms of direct marketing has not proven a success for the RNLI, despite earlier reports to the...Opinion Debbie McElhill18 September 2019ePrivacy Regulation – what’s happening?ePrivacy Regulation – first draft 2017, so what’s happening two years on? The ePrivacy Regulation is set to replace the 2002 ePrivacy Directive (and subsequent amendments) which currently sits...Opinion Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Opinion DPN Team16 September 2019Data Governance – Getting to know your DataData Governance – the what, why & how? Data Governance has long been recognised as a method of protecting the business, mitigating risk, increasing operational efficiencies and managing customer...GDPRPolicies and Processes Philippa Donn12 September 2019The DPN Rosemary Smith Award for Responsible MarketingThis award has been launched to recognise a contribution made to Responsible Marketing, giving a team or an individual credit for a creative and privacy aware project or initiative.Opinion Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...GDPRInternational Data Protection Philippa Donn23 August 2019Data Sharing 10 TipsMany companies need to share personal data with other organisations. This might be reciprocal or one-way, it could be providing another company’s staff with access to your data for...GDPRICO Guidance Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Data Governance & SecurityGDPRPolicies and Processes Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Philippa Donn09 July 2019GDPR regulatory action so far in the UK and EU (July 2019)GDPR Regulatory Action The UK’s data protection regulator has made its first hefty announcements since GDPR became law in 2018. With news British Airways and Marriott could face massive...GDPRInternational Data ProtectionUncategorized DPN Team05 July 2019GDPR: Impact Report 2019The impact of GDPR More than a year on from enforcement day, where are we now with GDPR? The Global Marketing Alliance and the DPN teamed up with global...Direct MarketingGDPRUncategorized Mark Bridges05 July 2019CCPA – Californian Consumer Privacy Act: 5 Key ImpactsCCPA: What businesses need know The Californian Consumer Privacy Act (CCPA) ushers in new rights for Californian residents and compels companies that operate in California to implement changes or...Opinion DPN Team05 July 2019Adtech: The challenging compliance landscape – webinar recordingPublishers, advertisers, adtech firms, start-ups and privacy activists are all united in a strong interest in online advertising and programmatic delivery . After all, it represents the lion’s share...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn22 May 2019Why GDPR is not a fuss over nothingWe’ve heard the comparison with the millennium bug – the sky didn’t fall in on 25th May… ‘where are these game-changing fines? This is the Y2K bug all over...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network and Opt-4 lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the...Direct MarketingUncategorized Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Simon Blanchard20 March 2019Like Gin and Tonic – Why GDPR and Data Governance were made for each otherWhy GDPR and Data Governance go hand in hand Like G&T, data governance is not a new concept. It has been recognised for years as a method of protecting...Opinion Gemma Johnson08 March 2019Why 59 Charities were referred to the ICO by the Fundraising RegulatorThe Fundraising Regulator has warned that 59 charities could be in breach of data protection law for failing to apply suppression requests made via the Fundraising Preference Service (FPS)...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Philippa Donn05 March 2019Digital advertising & real-time bidding: Are we on the verge of a seismic shift or not?GDPR put a significant spanner in the world of digital advertising, which disparate parties with different vested interests have been grappling with now for months. How can organisations provide...Opinion Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Stef Elliott21 November 2018“The cookies law is clear – well that takes the biscuit”The ePrivacy Regulation was originally planned to come into force simultaneously with the GDPR on 25th May 2018. The delay and the ongoing debate regarding the Regulation, as highlighted...Electronic CommunicationsePrivacy RegulationGDPR Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Julia Porter18 November 2018Privacy International’s GDPR complaints shine a spotlight on 7 data companiesOn November 8th, Privacy International (PI) filed complaints under the GDPR with data protection regulators in UK, France and Ireland against data brokers Oracle and Acxiom, credit reference agencies...Opinion Simon Blanchard18 November 2018ePrivacy Regulation is not ready and could be stalled even furtherAs those in the know recognise, data protection is not just about GDPR. Many of us have been waiting for GDPR’s EU counterpart, the new ePrivacy Regulation for a...Opinion Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Opinion Matt Edgar02 October 2018Spam crusader or vigilante victim – what happens if you are blacklisted unfairly?Finding spam a nuisance and being anti-spam is a default setting for all of us these days. Even as technology evolves and our mailboxes become smarter in reducing this...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Opinion Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...GDPRPolicies and ProcessesPrivacy by Design Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Opinion DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Data Governance & SecurityGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR
Philippa Donn16 June 2020Why personalisation is a good thing, when done well“Hi, you haven’t finished watching Jeffrey Epstein: Filthy Rich”, said an email my husband received .It annoyed him......Direct MarketingGDPR Simon Blanchard08 June 2020Spring clean your data – Top tips on data retentionGet top tips on data retention. Minimise your risks by making sure you keep the personal data you need and rid of what you don't. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn03 June 2020GDPR two years on, why data protection mattersGDPR may have its critics and regulators may stand accused of not taking enough action. Why this is not a reason to stop taking data protection seriously.GDPR Julia Porter03 June 2020Why is it so hard to explain how we use personal data?Five ways to help explain complex and contentious uses of personal data. How to improve your communications and transparency.Direct MarketingGDPRPrivacy by Design DPN Team03 June 2020Data Retention GuidanceA practical toolkit packed with tips, advice and case studies on how to tackle data retention. Developed by a group of data protection and privacy specialists from a...Data Governance & SecurityGDPRPolicies and Processes Julia Porter18 May 2020New Seven Step Ad Tech Guide from DMA and ISBASeven Step Ad Tech Guide - Support for UK businesses engaged in the programmatic digital advertising to ensure they protect the rights of individuals.Electronic CommunicationsePrivacy RegulationGDPR Simon Blanchard14 May 2020COVID 19 – Privacy under the SpotlightPrivacy and COVID-19. When finding quick solutions and taking rapid decisions, don't forget the privacy impact. Here's our quick tour of aspects to consider. Data SecurityGDPRPrivacy by Design DPN Team15 April 2020DPIAs – What? When? How? Who? Why? [webinar recording]Data Protection Impact Assessments - learn about when you need to conduct a DPIA and how in this webinar hosted by Bristows LLP. Opinion DPN Team04 April 2020Where is my data? How to tackle data discovery & mapping [webinar recording]How improve your data discovery, mapping & compliance Understanding where your data is located across all your systems is an ever-evolving challenge, but forms the bedrock of your data...Opinion Gemma Johnson13 February 2020Marketers: Will You Need to do a DPIA for that?Why marketers need to understand when they might need to conduct a data protection impact assessment and learn how to do them. Direct MarketingElectronic CommunicationsICO GuidanceMarketing & Data Protection Simon Blanchard11 February 2020Where’s all my data? How to tackle data discoveryUnderstanding where your data is and what it's used for is crucial. But in practice this is challenging. What approach can you take? Opinion Simon Blanchard10 February 2020ePrivacy Regulation – Are we any closer to a final text?Efforts continue to try and agree the final text of the ePrivacy Regulation. Reaching a consensus has proved very challenging since the first draft was published 3 years...Opinion Julia Porter09 February 2020In a Digitally Enabled World, What is Direct Marketing?On 8th January the ICO published a draft code of practice for the marketing community. It’s entitled “Direct Marketing Code of Practice”. The use of the term “Direct Marketing”...Opinion Philippa Donn08 February 2020Refer a Friend – Viral Marketing RulesCan you ask your customers to send on your marketing to their friends? The answer, according to the ICO’s draft Direct Marketing Code, is NO! The regulator says for...Opinion DPN Team29 January 2020Your Views – Survey on draft Direct Marketing CodeA call for your views. The ICO's draft direct marketing code is open for public consultation. The DPN will be providing feedback. Give your comments to further...Opinion Philippa Donn28 January 2020ICO Direct Marketing Code ‘draft’: 12 HighlightsJust when I thought January was feeling dull, I got my hands on the ICO’s much-anticipated draft Direct Marketing Code of Practice! This replaces the Regulator’s existing Direct Marketing...Opinion Philippa Donn28 January 2020Brexit and EU Data FlowsIf you’ve not yet planned or even considered the data protection impact of Brexit, and specifically data transfers with the European Union, you can breathe a temporary sigh of...Opinion Philippa Donn10 December 2019Subject Access Requests & Proof of IDSubject Access Requests – What is ‘proportionate’ to ask for? When responding to a Right of Access request (commonly known as a Subject Access Request), we might be required...Individual Privacy Rights DPN Team10 December 20192020 Vision – Privacy PredictionsPrivacy Predictions for 2020 - what's in store for us next year? The trends, enforcement and organisational imperatives - What do our esteemed DPN Advisory Board believe is in...Opinion Debbie McElhill03 December 2019ePrivacy Regulation – Is there still life in it, as the European Commission steps in? In a bid to find consensus the European Commission has announced it’s preparing a revamped ePrivacy proposal. This follows the recent rejection by EU member states of the...Opinion DPN Team03 December 2019Data Retention: Are you keeping personal data longer than you need it?Ensuring you don’t store personal data for longer than you require it, is a core data protection principle – one which we all know is both complex and challenging...Opinion Julia Porter27 November 2019Harnessing the Power of Responsible MarketingWhat is responsible marketing? What core values should you embrace and what type of projects can marketers apply these values to? Here are my six pillars of responsible marketing;...Opinion DPN Team28 October 2019Rewarding Privacy By Design Have you or your team gone the extra mile to ensure a privacy aware, customer focused approach to a project, initiative or marketing campaign? Or do you know...Opinion DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Opinion Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Opinion Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Opinion Philippa Donn18 October 2019Marketing Message & Service Message: Where to draw the lineIs your ‘Service’ Message actually a Marketing one? A common (but incorrect) myth which spread with GDPR was that consent was required for almost everything – including all communications...Direct Marketing Philippa Donn02 October 2019Opt-in for marketing abandoned by RNLIHas opt-in suffered a blow? It’s now official that opt-in for all forms of direct marketing has not proven a success for the RNLI, despite earlier reports to the...Opinion Debbie McElhill18 September 2019ePrivacy Regulation – what’s happening?ePrivacy Regulation – first draft 2017, so what’s happening two years on? The ePrivacy Regulation is set to replace the 2002 ePrivacy Directive (and subsequent amendments) which currently sits...Opinion Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Opinion DPN Team16 September 2019Data Governance – Getting to know your DataData Governance – the what, why & how? Data Governance has long been recognised as a method of protecting the business, mitigating risk, increasing operational efficiencies and managing customer...GDPRPolicies and Processes Philippa Donn12 September 2019The DPN Rosemary Smith Award for Responsible MarketingThis award has been launched to recognise a contribution made to Responsible Marketing, giving a team or an individual credit for a creative and privacy aware project or initiative.Opinion Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...GDPRInternational Data Protection Philippa Donn23 August 2019Data Sharing 10 TipsMany companies need to share personal data with other organisations. This might be reciprocal or one-way, it could be providing another company’s staff with access to your data for...GDPRICO Guidance Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Data Governance & SecurityGDPRPolicies and Processes Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Philippa Donn09 July 2019GDPR regulatory action so far in the UK and EU (July 2019)GDPR Regulatory Action The UK’s data protection regulator has made its first hefty announcements since GDPR became law in 2018. With news British Airways and Marriott could face massive...GDPRInternational Data ProtectionUncategorized DPN Team05 July 2019GDPR: Impact Report 2019The impact of GDPR More than a year on from enforcement day, where are we now with GDPR? The Global Marketing Alliance and the DPN teamed up with global...Direct MarketingGDPRUncategorized Mark Bridges05 July 2019CCPA – Californian Consumer Privacy Act: 5 Key ImpactsCCPA: What businesses need know The Californian Consumer Privacy Act (CCPA) ushers in new rights for Californian residents and compels companies that operate in California to implement changes or...Opinion DPN Team05 July 2019Adtech: The challenging compliance landscape – webinar recordingPublishers, advertisers, adtech firms, start-ups and privacy activists are all united in a strong interest in online advertising and programmatic delivery . After all, it represents the lion’s share...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn22 May 2019Why GDPR is not a fuss over nothingWe’ve heard the comparison with the millennium bug – the sky didn’t fall in on 25th May… ‘where are these game-changing fines? This is the Y2K bug all over...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network and Opt-4 lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the...Direct MarketingUncategorized Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Simon Blanchard20 March 2019Like Gin and Tonic – Why GDPR and Data Governance were made for each otherWhy GDPR and Data Governance go hand in hand Like G&T, data governance is not a new concept. It has been recognised for years as a method of protecting...Opinion Gemma Johnson08 March 2019Why 59 Charities were referred to the ICO by the Fundraising RegulatorThe Fundraising Regulator has warned that 59 charities could be in breach of data protection law for failing to apply suppression requests made via the Fundraising Preference Service (FPS)...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Philippa Donn05 March 2019Digital advertising & real-time bidding: Are we on the verge of a seismic shift or not?GDPR put a significant spanner in the world of digital advertising, which disparate parties with different vested interests have been grappling with now for months. How can organisations provide...Opinion Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Stef Elliott21 November 2018“The cookies law is clear – well that takes the biscuit”The ePrivacy Regulation was originally planned to come into force simultaneously with the GDPR on 25th May 2018. The delay and the ongoing debate regarding the Regulation, as highlighted...Electronic CommunicationsePrivacy RegulationGDPR Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Julia Porter18 November 2018Privacy International’s GDPR complaints shine a spotlight on 7 data companiesOn November 8th, Privacy International (PI) filed complaints under the GDPR with data protection regulators in UK, France and Ireland against data brokers Oracle and Acxiom, credit reference agencies...Opinion Simon Blanchard18 November 2018ePrivacy Regulation is not ready and could be stalled even furtherAs those in the know recognise, data protection is not just about GDPR. Many of us have been waiting for GDPR’s EU counterpart, the new ePrivacy Regulation for a...Opinion Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Opinion Matt Edgar02 October 2018Spam crusader or vigilante victim – what happens if you are blacklisted unfairly?Finding spam a nuisance and being anti-spam is a default setting for all of us these days. Even as technology evolves and our mailboxes become smarter in reducing this...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Opinion Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...GDPRPolicies and ProcessesPrivacy by Design Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Opinion DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Data Governance & SecurityGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR
Simon Blanchard08 June 2020Spring clean your data – Top tips on data retentionGet top tips on data retention. Minimise your risks by making sure you keep the personal data you need and rid of what you don't. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn03 June 2020GDPR two years on, why data protection mattersGDPR may have its critics and regulators may stand accused of not taking enough action. Why this is not a reason to stop taking data protection seriously.GDPR Julia Porter03 June 2020Why is it so hard to explain how we use personal data?Five ways to help explain complex and contentious uses of personal data. How to improve your communications and transparency.Direct MarketingGDPRPrivacy by Design DPN Team03 June 2020Data Retention GuidanceA practical toolkit packed with tips, advice and case studies on how to tackle data retention. Developed by a group of data protection and privacy specialists from a...Data Governance & SecurityGDPRPolicies and Processes Julia Porter18 May 2020New Seven Step Ad Tech Guide from DMA and ISBASeven Step Ad Tech Guide - Support for UK businesses engaged in the programmatic digital advertising to ensure they protect the rights of individuals.Electronic CommunicationsePrivacy RegulationGDPR Simon Blanchard14 May 2020COVID 19 – Privacy under the SpotlightPrivacy and COVID-19. When finding quick solutions and taking rapid decisions, don't forget the privacy impact. Here's our quick tour of aspects to consider. Data SecurityGDPRPrivacy by Design DPN Team15 April 2020DPIAs – What? When? How? Who? Why? [webinar recording]Data Protection Impact Assessments - learn about when you need to conduct a DPIA and how in this webinar hosted by Bristows LLP. Opinion DPN Team04 April 2020Where is my data? How to tackle data discovery & mapping [webinar recording]How improve your data discovery, mapping & compliance Understanding where your data is located across all your systems is an ever-evolving challenge, but forms the bedrock of your data...Opinion Gemma Johnson13 February 2020Marketers: Will You Need to do a DPIA for that?Why marketers need to understand when they might need to conduct a data protection impact assessment and learn how to do them. Direct MarketingElectronic CommunicationsICO GuidanceMarketing & Data Protection Simon Blanchard11 February 2020Where’s all my data? How to tackle data discoveryUnderstanding where your data is and what it's used for is crucial. But in practice this is challenging. What approach can you take? Opinion Simon Blanchard10 February 2020ePrivacy Regulation – Are we any closer to a final text?Efforts continue to try and agree the final text of the ePrivacy Regulation. Reaching a consensus has proved very challenging since the first draft was published 3 years...Opinion Julia Porter09 February 2020In a Digitally Enabled World, What is Direct Marketing?On 8th January the ICO published a draft code of practice for the marketing community. It’s entitled “Direct Marketing Code of Practice”. The use of the term “Direct Marketing”...Opinion Philippa Donn08 February 2020Refer a Friend – Viral Marketing RulesCan you ask your customers to send on your marketing to their friends? The answer, according to the ICO’s draft Direct Marketing Code, is NO! The regulator says for...Opinion DPN Team29 January 2020Your Views – Survey on draft Direct Marketing CodeA call for your views. The ICO's draft direct marketing code is open for public consultation. The DPN will be providing feedback. Give your comments to further...Opinion Philippa Donn28 January 2020ICO Direct Marketing Code ‘draft’: 12 HighlightsJust when I thought January was feeling dull, I got my hands on the ICO’s much-anticipated draft Direct Marketing Code of Practice! This replaces the Regulator’s existing Direct Marketing...Opinion Philippa Donn28 January 2020Brexit and EU Data FlowsIf you’ve not yet planned or even considered the data protection impact of Brexit, and specifically data transfers with the European Union, you can breathe a temporary sigh of...Opinion Philippa Donn10 December 2019Subject Access Requests & Proof of IDSubject Access Requests – What is ‘proportionate’ to ask for? When responding to a Right of Access request (commonly known as a Subject Access Request), we might be required...Individual Privacy Rights DPN Team10 December 20192020 Vision – Privacy PredictionsPrivacy Predictions for 2020 - what's in store for us next year? The trends, enforcement and organisational imperatives - What do our esteemed DPN Advisory Board believe is in...Opinion Debbie McElhill03 December 2019ePrivacy Regulation – Is there still life in it, as the European Commission steps in? In a bid to find consensus the European Commission has announced it’s preparing a revamped ePrivacy proposal. This follows the recent rejection by EU member states of the...Opinion DPN Team03 December 2019Data Retention: Are you keeping personal data longer than you need it?Ensuring you don’t store personal data for longer than you require it, is a core data protection principle – one which we all know is both complex and challenging...Opinion Julia Porter27 November 2019Harnessing the Power of Responsible MarketingWhat is responsible marketing? What core values should you embrace and what type of projects can marketers apply these values to? Here are my six pillars of responsible marketing;...Opinion DPN Team28 October 2019Rewarding Privacy By Design Have you or your team gone the extra mile to ensure a privacy aware, customer focused approach to a project, initiative or marketing campaign? Or do you know...Opinion DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Opinion Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Opinion Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Opinion Philippa Donn18 October 2019Marketing Message & Service Message: Where to draw the lineIs your ‘Service’ Message actually a Marketing one? A common (but incorrect) myth which spread with GDPR was that consent was required for almost everything – including all communications...Direct Marketing Philippa Donn02 October 2019Opt-in for marketing abandoned by RNLIHas opt-in suffered a blow? It’s now official that opt-in for all forms of direct marketing has not proven a success for the RNLI, despite earlier reports to the...Opinion Debbie McElhill18 September 2019ePrivacy Regulation – what’s happening?ePrivacy Regulation – first draft 2017, so what’s happening two years on? The ePrivacy Regulation is set to replace the 2002 ePrivacy Directive (and subsequent amendments) which currently sits...Opinion Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Opinion DPN Team16 September 2019Data Governance – Getting to know your DataData Governance – the what, why & how? Data Governance has long been recognised as a method of protecting the business, mitigating risk, increasing operational efficiencies and managing customer...GDPRPolicies and Processes Philippa Donn12 September 2019The DPN Rosemary Smith Award for Responsible MarketingThis award has been launched to recognise a contribution made to Responsible Marketing, giving a team or an individual credit for a creative and privacy aware project or initiative.Opinion Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...GDPRInternational Data Protection Philippa Donn23 August 2019Data Sharing 10 TipsMany companies need to share personal data with other organisations. This might be reciprocal or one-way, it could be providing another company’s staff with access to your data for...GDPRICO Guidance Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Data Governance & SecurityGDPRPolicies and Processes Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Philippa Donn09 July 2019GDPR regulatory action so far in the UK and EU (July 2019)GDPR Regulatory Action The UK’s data protection regulator has made its first hefty announcements since GDPR became law in 2018. With news British Airways and Marriott could face massive...GDPRInternational Data ProtectionUncategorized DPN Team05 July 2019GDPR: Impact Report 2019The impact of GDPR More than a year on from enforcement day, where are we now with GDPR? The Global Marketing Alliance and the DPN teamed up with global...Direct MarketingGDPRUncategorized Mark Bridges05 July 2019CCPA – Californian Consumer Privacy Act: 5 Key ImpactsCCPA: What businesses need know The Californian Consumer Privacy Act (CCPA) ushers in new rights for Californian residents and compels companies that operate in California to implement changes or...Opinion DPN Team05 July 2019Adtech: The challenging compliance landscape – webinar recordingPublishers, advertisers, adtech firms, start-ups and privacy activists are all united in a strong interest in online advertising and programmatic delivery . After all, it represents the lion’s share...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn22 May 2019Why GDPR is not a fuss over nothingWe’ve heard the comparison with the millennium bug – the sky didn’t fall in on 25th May… ‘where are these game-changing fines? This is the Y2K bug all over...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network and Opt-4 lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the...Direct MarketingUncategorized Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Simon Blanchard20 March 2019Like Gin and Tonic – Why GDPR and Data Governance were made for each otherWhy GDPR and Data Governance go hand in hand Like G&T, data governance is not a new concept. It has been recognised for years as a method of protecting...Opinion Gemma Johnson08 March 2019Why 59 Charities were referred to the ICO by the Fundraising RegulatorThe Fundraising Regulator has warned that 59 charities could be in breach of data protection law for failing to apply suppression requests made via the Fundraising Preference Service (FPS)...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Philippa Donn05 March 2019Digital advertising & real-time bidding: Are we on the verge of a seismic shift or not?GDPR put a significant spanner in the world of digital advertising, which disparate parties with different vested interests have been grappling with now for months. How can organisations provide...Opinion Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Stef Elliott21 November 2018“The cookies law is clear – well that takes the biscuit”The ePrivacy Regulation was originally planned to come into force simultaneously with the GDPR on 25th May 2018. The delay and the ongoing debate regarding the Regulation, as highlighted...Electronic CommunicationsePrivacy RegulationGDPR Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Julia Porter18 November 2018Privacy International’s GDPR complaints shine a spotlight on 7 data companiesOn November 8th, Privacy International (PI) filed complaints under the GDPR with data protection regulators in UK, France and Ireland against data brokers Oracle and Acxiom, credit reference agencies...Opinion Simon Blanchard18 November 2018ePrivacy Regulation is not ready and could be stalled even furtherAs those in the know recognise, data protection is not just about GDPR. Many of us have been waiting for GDPR’s EU counterpart, the new ePrivacy Regulation for a...Opinion Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Opinion Matt Edgar02 October 2018Spam crusader or vigilante victim – what happens if you are blacklisted unfairly?Finding spam a nuisance and being anti-spam is a default setting for all of us these days. Even as technology evolves and our mailboxes become smarter in reducing this...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Opinion Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...GDPRPolicies and ProcessesPrivacy by Design Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Opinion DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Data Governance & SecurityGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR
Philippa Donn03 June 2020GDPR two years on, why data protection mattersGDPR may have its critics and regulators may stand accused of not taking enough action. Why this is not a reason to stop taking data protection seriously.GDPR Julia Porter03 June 2020Why is it so hard to explain how we use personal data?Five ways to help explain complex and contentious uses of personal data. How to improve your communications and transparency.Direct MarketingGDPRPrivacy by Design DPN Team03 June 2020Data Retention GuidanceA practical toolkit packed with tips, advice and case studies on how to tackle data retention. Developed by a group of data protection and privacy specialists from a...Data Governance & SecurityGDPRPolicies and Processes Julia Porter18 May 2020New Seven Step Ad Tech Guide from DMA and ISBASeven Step Ad Tech Guide - Support for UK businesses engaged in the programmatic digital advertising to ensure they protect the rights of individuals.Electronic CommunicationsePrivacy RegulationGDPR Simon Blanchard14 May 2020COVID 19 – Privacy under the SpotlightPrivacy and COVID-19. When finding quick solutions and taking rapid decisions, don't forget the privacy impact. Here's our quick tour of aspects to consider. Data SecurityGDPRPrivacy by Design DPN Team15 April 2020DPIAs – What? When? How? Who? Why? [webinar recording]Data Protection Impact Assessments - learn about when you need to conduct a DPIA and how in this webinar hosted by Bristows LLP. Opinion DPN Team04 April 2020Where is my data? How to tackle data discovery & mapping [webinar recording]How improve your data discovery, mapping & compliance Understanding where your data is located across all your systems is an ever-evolving challenge, but forms the bedrock of your data...Opinion Gemma Johnson13 February 2020Marketers: Will You Need to do a DPIA for that?Why marketers need to understand when they might need to conduct a data protection impact assessment and learn how to do them. Direct MarketingElectronic CommunicationsICO GuidanceMarketing & Data Protection Simon Blanchard11 February 2020Where’s all my data? How to tackle data discoveryUnderstanding where your data is and what it's used for is crucial. But in practice this is challenging. What approach can you take? Opinion Simon Blanchard10 February 2020ePrivacy Regulation – Are we any closer to a final text?Efforts continue to try and agree the final text of the ePrivacy Regulation. Reaching a consensus has proved very challenging since the first draft was published 3 years...Opinion Julia Porter09 February 2020In a Digitally Enabled World, What is Direct Marketing?On 8th January the ICO published a draft code of practice for the marketing community. It’s entitled “Direct Marketing Code of Practice”. The use of the term “Direct Marketing”...Opinion Philippa Donn08 February 2020Refer a Friend – Viral Marketing RulesCan you ask your customers to send on your marketing to their friends? The answer, according to the ICO’s draft Direct Marketing Code, is NO! The regulator says for...Opinion DPN Team29 January 2020Your Views – Survey on draft Direct Marketing CodeA call for your views. The ICO's draft direct marketing code is open for public consultation. The DPN will be providing feedback. Give your comments to further...Opinion Philippa Donn28 January 2020ICO Direct Marketing Code ‘draft’: 12 HighlightsJust when I thought January was feeling dull, I got my hands on the ICO’s much-anticipated draft Direct Marketing Code of Practice! This replaces the Regulator’s existing Direct Marketing...Opinion Philippa Donn28 January 2020Brexit and EU Data FlowsIf you’ve not yet planned or even considered the data protection impact of Brexit, and specifically data transfers with the European Union, you can breathe a temporary sigh of...Opinion Philippa Donn10 December 2019Subject Access Requests & Proof of IDSubject Access Requests – What is ‘proportionate’ to ask for? When responding to a Right of Access request (commonly known as a Subject Access Request), we might be required...Individual Privacy Rights DPN Team10 December 20192020 Vision – Privacy PredictionsPrivacy Predictions for 2020 - what's in store for us next year? The trends, enforcement and organisational imperatives - What do our esteemed DPN Advisory Board believe is in...Opinion Debbie McElhill03 December 2019ePrivacy Regulation – Is there still life in it, as the European Commission steps in? In a bid to find consensus the European Commission has announced it’s preparing a revamped ePrivacy proposal. This follows the recent rejection by EU member states of the...Opinion DPN Team03 December 2019Data Retention: Are you keeping personal data longer than you need it?Ensuring you don’t store personal data for longer than you require it, is a core data protection principle – one which we all know is both complex and challenging...Opinion Julia Porter27 November 2019Harnessing the Power of Responsible MarketingWhat is responsible marketing? What core values should you embrace and what type of projects can marketers apply these values to? Here are my six pillars of responsible marketing;...Opinion DPN Team28 October 2019Rewarding Privacy By Design Have you or your team gone the extra mile to ensure a privacy aware, customer focused approach to a project, initiative or marketing campaign? Or do you know...Opinion DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Opinion Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Opinion Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Opinion Philippa Donn18 October 2019Marketing Message & Service Message: Where to draw the lineIs your ‘Service’ Message actually a Marketing one? A common (but incorrect) myth which spread with GDPR was that consent was required for almost everything – including all communications...Direct Marketing Philippa Donn02 October 2019Opt-in for marketing abandoned by RNLIHas opt-in suffered a blow? It’s now official that opt-in for all forms of direct marketing has not proven a success for the RNLI, despite earlier reports to the...Opinion Debbie McElhill18 September 2019ePrivacy Regulation – what’s happening?ePrivacy Regulation – first draft 2017, so what’s happening two years on? The ePrivacy Regulation is set to replace the 2002 ePrivacy Directive (and subsequent amendments) which currently sits...Opinion Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Opinion DPN Team16 September 2019Data Governance – Getting to know your DataData Governance – the what, why & how? Data Governance has long been recognised as a method of protecting the business, mitigating risk, increasing operational efficiencies and managing customer...GDPRPolicies and Processes Philippa Donn12 September 2019The DPN Rosemary Smith Award for Responsible MarketingThis award has been launched to recognise a contribution made to Responsible Marketing, giving a team or an individual credit for a creative and privacy aware project or initiative.Opinion Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...GDPRInternational Data Protection Philippa Donn23 August 2019Data Sharing 10 TipsMany companies need to share personal data with other organisations. This might be reciprocal or one-way, it could be providing another company’s staff with access to your data for...GDPRICO Guidance Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Data Governance & SecurityGDPRPolicies and Processes Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Philippa Donn09 July 2019GDPR regulatory action so far in the UK and EU (July 2019)GDPR Regulatory Action The UK’s data protection regulator has made its first hefty announcements since GDPR became law in 2018. With news British Airways and Marriott could face massive...GDPRInternational Data ProtectionUncategorized DPN Team05 July 2019GDPR: Impact Report 2019The impact of GDPR More than a year on from enforcement day, where are we now with GDPR? The Global Marketing Alliance and the DPN teamed up with global...Direct MarketingGDPRUncategorized Mark Bridges05 July 2019CCPA – Californian Consumer Privacy Act: 5 Key ImpactsCCPA: What businesses need know The Californian Consumer Privacy Act (CCPA) ushers in new rights for Californian residents and compels companies that operate in California to implement changes or...Opinion DPN Team05 July 2019Adtech: The challenging compliance landscape – webinar recordingPublishers, advertisers, adtech firms, start-ups and privacy activists are all united in a strong interest in online advertising and programmatic delivery . After all, it represents the lion’s share...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn22 May 2019Why GDPR is not a fuss over nothingWe’ve heard the comparison with the millennium bug – the sky didn’t fall in on 25th May… ‘where are these game-changing fines? This is the Y2K bug all over...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network and Opt-4 lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the...Direct MarketingUncategorized Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Simon Blanchard20 March 2019Like Gin and Tonic – Why GDPR and Data Governance were made for each otherWhy GDPR and Data Governance go hand in hand Like G&T, data governance is not a new concept. It has been recognised for years as a method of protecting...Opinion Gemma Johnson08 March 2019Why 59 Charities were referred to the ICO by the Fundraising RegulatorThe Fundraising Regulator has warned that 59 charities could be in breach of data protection law for failing to apply suppression requests made via the Fundraising Preference Service (FPS)...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Philippa Donn05 March 2019Digital advertising & real-time bidding: Are we on the verge of a seismic shift or not?GDPR put a significant spanner in the world of digital advertising, which disparate parties with different vested interests have been grappling with now for months. How can organisations provide...Opinion Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Stef Elliott21 November 2018“The cookies law is clear – well that takes the biscuit”The ePrivacy Regulation was originally planned to come into force simultaneously with the GDPR on 25th May 2018. The delay and the ongoing debate regarding the Regulation, as highlighted...Electronic CommunicationsePrivacy RegulationGDPR Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Julia Porter18 November 2018Privacy International’s GDPR complaints shine a spotlight on 7 data companiesOn November 8th, Privacy International (PI) filed complaints under the GDPR with data protection regulators in UK, France and Ireland against data brokers Oracle and Acxiom, credit reference agencies...Opinion Simon Blanchard18 November 2018ePrivacy Regulation is not ready and could be stalled even furtherAs those in the know recognise, data protection is not just about GDPR. Many of us have been waiting for GDPR’s EU counterpart, the new ePrivacy Regulation for a...Opinion Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Opinion Matt Edgar02 October 2018Spam crusader or vigilante victim – what happens if you are blacklisted unfairly?Finding spam a nuisance and being anti-spam is a default setting for all of us these days. Even as technology evolves and our mailboxes become smarter in reducing this...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Opinion Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...GDPRPolicies and ProcessesPrivacy by Design Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Opinion DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Data Governance & SecurityGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR
Julia Porter03 June 2020Why is it so hard to explain how we use personal data?Five ways to help explain complex and contentious uses of personal data. How to improve your communications and transparency.Direct MarketingGDPRPrivacy by Design DPN Team03 June 2020Data Retention GuidanceA practical toolkit packed with tips, advice and case studies on how to tackle data retention. Developed by a group of data protection and privacy specialists from a...Data Governance & SecurityGDPRPolicies and Processes Julia Porter18 May 2020New Seven Step Ad Tech Guide from DMA and ISBASeven Step Ad Tech Guide - Support for UK businesses engaged in the programmatic digital advertising to ensure they protect the rights of individuals.Electronic CommunicationsePrivacy RegulationGDPR Simon Blanchard14 May 2020COVID 19 – Privacy under the SpotlightPrivacy and COVID-19. When finding quick solutions and taking rapid decisions, don't forget the privacy impact. Here's our quick tour of aspects to consider. Data SecurityGDPRPrivacy by Design DPN Team15 April 2020DPIAs – What? When? How? Who? Why? [webinar recording]Data Protection Impact Assessments - learn about when you need to conduct a DPIA and how in this webinar hosted by Bristows LLP. Opinion DPN Team04 April 2020Where is my data? How to tackle data discovery & mapping [webinar recording]How improve your data discovery, mapping & compliance Understanding where your data is located across all your systems is an ever-evolving challenge, but forms the bedrock of your data...Opinion Gemma Johnson13 February 2020Marketers: Will You Need to do a DPIA for that?Why marketers need to understand when they might need to conduct a data protection impact assessment and learn how to do them. Direct MarketingElectronic CommunicationsICO GuidanceMarketing & Data Protection Simon Blanchard11 February 2020Where’s all my data? How to tackle data discoveryUnderstanding where your data is and what it's used for is crucial. But in practice this is challenging. What approach can you take? Opinion Simon Blanchard10 February 2020ePrivacy Regulation – Are we any closer to a final text?Efforts continue to try and agree the final text of the ePrivacy Regulation. Reaching a consensus has proved very challenging since the first draft was published 3 years...Opinion Julia Porter09 February 2020In a Digitally Enabled World, What is Direct Marketing?On 8th January the ICO published a draft code of practice for the marketing community. It’s entitled “Direct Marketing Code of Practice”. The use of the term “Direct Marketing”...Opinion Philippa Donn08 February 2020Refer a Friend – Viral Marketing RulesCan you ask your customers to send on your marketing to their friends? The answer, according to the ICO’s draft Direct Marketing Code, is NO! The regulator says for...Opinion DPN Team29 January 2020Your Views – Survey on draft Direct Marketing CodeA call for your views. The ICO's draft direct marketing code is open for public consultation. The DPN will be providing feedback. Give your comments to further...Opinion Philippa Donn28 January 2020ICO Direct Marketing Code ‘draft’: 12 HighlightsJust when I thought January was feeling dull, I got my hands on the ICO’s much-anticipated draft Direct Marketing Code of Practice! This replaces the Regulator’s existing Direct Marketing...Opinion Philippa Donn28 January 2020Brexit and EU Data FlowsIf you’ve not yet planned or even considered the data protection impact of Brexit, and specifically data transfers with the European Union, you can breathe a temporary sigh of...Opinion Philippa Donn10 December 2019Subject Access Requests & Proof of IDSubject Access Requests – What is ‘proportionate’ to ask for? When responding to a Right of Access request (commonly known as a Subject Access Request), we might be required...Individual Privacy Rights DPN Team10 December 20192020 Vision – Privacy PredictionsPrivacy Predictions for 2020 - what's in store for us next year? The trends, enforcement and organisational imperatives - What do our esteemed DPN Advisory Board believe is in...Opinion Debbie McElhill03 December 2019ePrivacy Regulation – Is there still life in it, as the European Commission steps in? In a bid to find consensus the European Commission has announced it’s preparing a revamped ePrivacy proposal. This follows the recent rejection by EU member states of the...Opinion DPN Team03 December 2019Data Retention: Are you keeping personal data longer than you need it?Ensuring you don’t store personal data for longer than you require it, is a core data protection principle – one which we all know is both complex and challenging...Opinion Julia Porter27 November 2019Harnessing the Power of Responsible MarketingWhat is responsible marketing? What core values should you embrace and what type of projects can marketers apply these values to? Here are my six pillars of responsible marketing;...Opinion DPN Team28 October 2019Rewarding Privacy By Design Have you or your team gone the extra mile to ensure a privacy aware, customer focused approach to a project, initiative or marketing campaign? Or do you know...Opinion DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Opinion Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Opinion Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Opinion Philippa Donn18 October 2019Marketing Message & Service Message: Where to draw the lineIs your ‘Service’ Message actually a Marketing one? A common (but incorrect) myth which spread with GDPR was that consent was required for almost everything – including all communications...Direct Marketing Philippa Donn02 October 2019Opt-in for marketing abandoned by RNLIHas opt-in suffered a blow? It’s now official that opt-in for all forms of direct marketing has not proven a success for the RNLI, despite earlier reports to the...Opinion Debbie McElhill18 September 2019ePrivacy Regulation – what’s happening?ePrivacy Regulation – first draft 2017, so what’s happening two years on? The ePrivacy Regulation is set to replace the 2002 ePrivacy Directive (and subsequent amendments) which currently sits...Opinion Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Opinion DPN Team16 September 2019Data Governance – Getting to know your DataData Governance – the what, why & how? Data Governance has long been recognised as a method of protecting the business, mitigating risk, increasing operational efficiencies and managing customer...GDPRPolicies and Processes Philippa Donn12 September 2019The DPN Rosemary Smith Award for Responsible MarketingThis award has been launched to recognise a contribution made to Responsible Marketing, giving a team or an individual credit for a creative and privacy aware project or initiative.Opinion Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...GDPRInternational Data Protection Philippa Donn23 August 2019Data Sharing 10 TipsMany companies need to share personal data with other organisations. This might be reciprocal or one-way, it could be providing another company’s staff with access to your data for...GDPRICO Guidance Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Data Governance & SecurityGDPRPolicies and Processes Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Philippa Donn09 July 2019GDPR regulatory action so far in the UK and EU (July 2019)GDPR Regulatory Action The UK’s data protection regulator has made its first hefty announcements since GDPR became law in 2018. With news British Airways and Marriott could face massive...GDPRInternational Data ProtectionUncategorized DPN Team05 July 2019GDPR: Impact Report 2019The impact of GDPR More than a year on from enforcement day, where are we now with GDPR? The Global Marketing Alliance and the DPN teamed up with global...Direct MarketingGDPRUncategorized Mark Bridges05 July 2019CCPA – Californian Consumer Privacy Act: 5 Key ImpactsCCPA: What businesses need know The Californian Consumer Privacy Act (CCPA) ushers in new rights for Californian residents and compels companies that operate in California to implement changes or...Opinion DPN Team05 July 2019Adtech: The challenging compliance landscape – webinar recordingPublishers, advertisers, adtech firms, start-ups and privacy activists are all united in a strong interest in online advertising and programmatic delivery . After all, it represents the lion’s share...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn22 May 2019Why GDPR is not a fuss over nothingWe’ve heard the comparison with the millennium bug – the sky didn’t fall in on 25th May… ‘where are these game-changing fines? This is the Y2K bug all over...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network and Opt-4 lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the...Direct MarketingUncategorized Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Simon Blanchard20 March 2019Like Gin and Tonic – Why GDPR and Data Governance were made for each otherWhy GDPR and Data Governance go hand in hand Like G&T, data governance is not a new concept. It has been recognised for years as a method of protecting...Opinion Gemma Johnson08 March 2019Why 59 Charities were referred to the ICO by the Fundraising RegulatorThe Fundraising Regulator has warned that 59 charities could be in breach of data protection law for failing to apply suppression requests made via the Fundraising Preference Service (FPS)...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Philippa Donn05 March 2019Digital advertising & real-time bidding: Are we on the verge of a seismic shift or not?GDPR put a significant spanner in the world of digital advertising, which disparate parties with different vested interests have been grappling with now for months. How can organisations provide...Opinion Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Stef Elliott21 November 2018“The cookies law is clear – well that takes the biscuit”The ePrivacy Regulation was originally planned to come into force simultaneously with the GDPR on 25th May 2018. The delay and the ongoing debate regarding the Regulation, as highlighted...Electronic CommunicationsePrivacy RegulationGDPR Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Julia Porter18 November 2018Privacy International’s GDPR complaints shine a spotlight on 7 data companiesOn November 8th, Privacy International (PI) filed complaints under the GDPR with data protection regulators in UK, France and Ireland against data brokers Oracle and Acxiom, credit reference agencies...Opinion Simon Blanchard18 November 2018ePrivacy Regulation is not ready and could be stalled even furtherAs those in the know recognise, data protection is not just about GDPR. Many of us have been waiting for GDPR’s EU counterpart, the new ePrivacy Regulation for a...Opinion Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Opinion Matt Edgar02 October 2018Spam crusader or vigilante victim – what happens if you are blacklisted unfairly?Finding spam a nuisance and being anti-spam is a default setting for all of us these days. Even as technology evolves and our mailboxes become smarter in reducing this...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Opinion Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...GDPRPolicies and ProcessesPrivacy by Design Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Opinion DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Data Governance & SecurityGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR
DPN Team03 June 2020Data Retention GuidanceA practical toolkit packed with tips, advice and case studies on how to tackle data retention. Developed by a group of data protection and privacy specialists from a...Data Governance & SecurityGDPRPolicies and Processes Julia Porter18 May 2020New Seven Step Ad Tech Guide from DMA and ISBASeven Step Ad Tech Guide - Support for UK businesses engaged in the programmatic digital advertising to ensure they protect the rights of individuals.Electronic CommunicationsePrivacy RegulationGDPR Simon Blanchard14 May 2020COVID 19 – Privacy under the SpotlightPrivacy and COVID-19. When finding quick solutions and taking rapid decisions, don't forget the privacy impact. Here's our quick tour of aspects to consider. Data SecurityGDPRPrivacy by Design DPN Team15 April 2020DPIAs – What? When? How? Who? Why? [webinar recording]Data Protection Impact Assessments - learn about when you need to conduct a DPIA and how in this webinar hosted by Bristows LLP. Opinion DPN Team04 April 2020Where is my data? How to tackle data discovery & mapping [webinar recording]How improve your data discovery, mapping & compliance Understanding where your data is located across all your systems is an ever-evolving challenge, but forms the bedrock of your data...Opinion Gemma Johnson13 February 2020Marketers: Will You Need to do a DPIA for that?Why marketers need to understand when they might need to conduct a data protection impact assessment and learn how to do them. Direct MarketingElectronic CommunicationsICO GuidanceMarketing & Data Protection Simon Blanchard11 February 2020Where’s all my data? How to tackle data discoveryUnderstanding where your data is and what it's used for is crucial. But in practice this is challenging. What approach can you take? Opinion Simon Blanchard10 February 2020ePrivacy Regulation – Are we any closer to a final text?Efforts continue to try and agree the final text of the ePrivacy Regulation. Reaching a consensus has proved very challenging since the first draft was published 3 years...Opinion Julia Porter09 February 2020In a Digitally Enabled World, What is Direct Marketing?On 8th January the ICO published a draft code of practice for the marketing community. It’s entitled “Direct Marketing Code of Practice”. The use of the term “Direct Marketing”...Opinion Philippa Donn08 February 2020Refer a Friend – Viral Marketing RulesCan you ask your customers to send on your marketing to their friends? The answer, according to the ICO’s draft Direct Marketing Code, is NO! The regulator says for...Opinion DPN Team29 January 2020Your Views – Survey on draft Direct Marketing CodeA call for your views. The ICO's draft direct marketing code is open for public consultation. The DPN will be providing feedback. Give your comments to further...Opinion Philippa Donn28 January 2020ICO Direct Marketing Code ‘draft’: 12 HighlightsJust when I thought January was feeling dull, I got my hands on the ICO’s much-anticipated draft Direct Marketing Code of Practice! This replaces the Regulator’s existing Direct Marketing...Opinion Philippa Donn28 January 2020Brexit and EU Data FlowsIf you’ve not yet planned or even considered the data protection impact of Brexit, and specifically data transfers with the European Union, you can breathe a temporary sigh of...Opinion Philippa Donn10 December 2019Subject Access Requests & Proof of IDSubject Access Requests – What is ‘proportionate’ to ask for? When responding to a Right of Access request (commonly known as a Subject Access Request), we might be required...Individual Privacy Rights DPN Team10 December 20192020 Vision – Privacy PredictionsPrivacy Predictions for 2020 - what's in store for us next year? The trends, enforcement and organisational imperatives - What do our esteemed DPN Advisory Board believe is in...Opinion Debbie McElhill03 December 2019ePrivacy Regulation – Is there still life in it, as the European Commission steps in? In a bid to find consensus the European Commission has announced it’s preparing a revamped ePrivacy proposal. This follows the recent rejection by EU member states of the...Opinion DPN Team03 December 2019Data Retention: Are you keeping personal data longer than you need it?Ensuring you don’t store personal data for longer than you require it, is a core data protection principle – one which we all know is both complex and challenging...Opinion Julia Porter27 November 2019Harnessing the Power of Responsible MarketingWhat is responsible marketing? What core values should you embrace and what type of projects can marketers apply these values to? Here are my six pillars of responsible marketing;...Opinion DPN Team28 October 2019Rewarding Privacy By Design Have you or your team gone the extra mile to ensure a privacy aware, customer focused approach to a project, initiative or marketing campaign? Or do you know...Opinion DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Opinion Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Opinion Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Opinion Philippa Donn18 October 2019Marketing Message & Service Message: Where to draw the lineIs your ‘Service’ Message actually a Marketing one? A common (but incorrect) myth which spread with GDPR was that consent was required for almost everything – including all communications...Direct Marketing Philippa Donn02 October 2019Opt-in for marketing abandoned by RNLIHas opt-in suffered a blow? It’s now official that opt-in for all forms of direct marketing has not proven a success for the RNLI, despite earlier reports to the...Opinion Debbie McElhill18 September 2019ePrivacy Regulation – what’s happening?ePrivacy Regulation – first draft 2017, so what’s happening two years on? The ePrivacy Regulation is set to replace the 2002 ePrivacy Directive (and subsequent amendments) which currently sits...Opinion Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Opinion DPN Team16 September 2019Data Governance – Getting to know your DataData Governance – the what, why & how? Data Governance has long been recognised as a method of protecting the business, mitigating risk, increasing operational efficiencies and managing customer...GDPRPolicies and Processes Philippa Donn12 September 2019The DPN Rosemary Smith Award for Responsible MarketingThis award has been launched to recognise a contribution made to Responsible Marketing, giving a team or an individual credit for a creative and privacy aware project or initiative.Opinion Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...GDPRInternational Data Protection Philippa Donn23 August 2019Data Sharing 10 TipsMany companies need to share personal data with other organisations. This might be reciprocal or one-way, it could be providing another company’s staff with access to your data for...GDPRICO Guidance Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Data Governance & SecurityGDPRPolicies and Processes Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Philippa Donn09 July 2019GDPR regulatory action so far in the UK and EU (July 2019)GDPR Regulatory Action The UK’s data protection regulator has made its first hefty announcements since GDPR became law in 2018. With news British Airways and Marriott could face massive...GDPRInternational Data ProtectionUncategorized DPN Team05 July 2019GDPR: Impact Report 2019The impact of GDPR More than a year on from enforcement day, where are we now with GDPR? The Global Marketing Alliance and the DPN teamed up with global...Direct MarketingGDPRUncategorized Mark Bridges05 July 2019CCPA – Californian Consumer Privacy Act: 5 Key ImpactsCCPA: What businesses need know The Californian Consumer Privacy Act (CCPA) ushers in new rights for Californian residents and compels companies that operate in California to implement changes or...Opinion DPN Team05 July 2019Adtech: The challenging compliance landscape – webinar recordingPublishers, advertisers, adtech firms, start-ups and privacy activists are all united in a strong interest in online advertising and programmatic delivery . After all, it represents the lion’s share...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn22 May 2019Why GDPR is not a fuss over nothingWe’ve heard the comparison with the millennium bug – the sky didn’t fall in on 25th May… ‘where are these game-changing fines? This is the Y2K bug all over...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network and Opt-4 lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the...Direct MarketingUncategorized Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Simon Blanchard20 March 2019Like Gin and Tonic – Why GDPR and Data Governance were made for each otherWhy GDPR and Data Governance go hand in hand Like G&T, data governance is not a new concept. It has been recognised for years as a method of protecting...Opinion Gemma Johnson08 March 2019Why 59 Charities were referred to the ICO by the Fundraising RegulatorThe Fundraising Regulator has warned that 59 charities could be in breach of data protection law for failing to apply suppression requests made via the Fundraising Preference Service (FPS)...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Philippa Donn05 March 2019Digital advertising & real-time bidding: Are we on the verge of a seismic shift or not?GDPR put a significant spanner in the world of digital advertising, which disparate parties with different vested interests have been grappling with now for months. How can organisations provide...Opinion Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Stef Elliott21 November 2018“The cookies law is clear – well that takes the biscuit”The ePrivacy Regulation was originally planned to come into force simultaneously with the GDPR on 25th May 2018. The delay and the ongoing debate regarding the Regulation, as highlighted...Electronic CommunicationsePrivacy RegulationGDPR Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Julia Porter18 November 2018Privacy International’s GDPR complaints shine a spotlight on 7 data companiesOn November 8th, Privacy International (PI) filed complaints under the GDPR with data protection regulators in UK, France and Ireland against data brokers Oracle and Acxiom, credit reference agencies...Opinion Simon Blanchard18 November 2018ePrivacy Regulation is not ready and could be stalled even furtherAs those in the know recognise, data protection is not just about GDPR. Many of us have been waiting for GDPR’s EU counterpart, the new ePrivacy Regulation for a...Opinion Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Opinion Matt Edgar02 October 2018Spam crusader or vigilante victim – what happens if you are blacklisted unfairly?Finding spam a nuisance and being anti-spam is a default setting for all of us these days. Even as technology evolves and our mailboxes become smarter in reducing this...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Opinion Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...GDPRPolicies and ProcessesPrivacy by Design Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Opinion DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Data Governance & SecurityGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR
Julia Porter18 May 2020New Seven Step Ad Tech Guide from DMA and ISBASeven Step Ad Tech Guide - Support for UK businesses engaged in the programmatic digital advertising to ensure they protect the rights of individuals.Electronic CommunicationsePrivacy RegulationGDPR Simon Blanchard14 May 2020COVID 19 – Privacy under the SpotlightPrivacy and COVID-19. When finding quick solutions and taking rapid decisions, don't forget the privacy impact. Here's our quick tour of aspects to consider. Data SecurityGDPRPrivacy by Design DPN Team15 April 2020DPIAs – What? When? How? Who? Why? [webinar recording]Data Protection Impact Assessments - learn about when you need to conduct a DPIA and how in this webinar hosted by Bristows LLP. Opinion DPN Team04 April 2020Where is my data? How to tackle data discovery & mapping [webinar recording]How improve your data discovery, mapping & compliance Understanding where your data is located across all your systems is an ever-evolving challenge, but forms the bedrock of your data...Opinion Gemma Johnson13 February 2020Marketers: Will You Need to do a DPIA for that?Why marketers need to understand when they might need to conduct a data protection impact assessment and learn how to do them. Direct MarketingElectronic CommunicationsICO GuidanceMarketing & Data Protection Simon Blanchard11 February 2020Where’s all my data? How to tackle data discoveryUnderstanding where your data is and what it's used for is crucial. But in practice this is challenging. What approach can you take? Opinion Simon Blanchard10 February 2020ePrivacy Regulation – Are we any closer to a final text?Efforts continue to try and agree the final text of the ePrivacy Regulation. Reaching a consensus has proved very challenging since the first draft was published 3 years...Opinion Julia Porter09 February 2020In a Digitally Enabled World, What is Direct Marketing?On 8th January the ICO published a draft code of practice for the marketing community. It’s entitled “Direct Marketing Code of Practice”. The use of the term “Direct Marketing”...Opinion Philippa Donn08 February 2020Refer a Friend – Viral Marketing RulesCan you ask your customers to send on your marketing to their friends? The answer, according to the ICO’s draft Direct Marketing Code, is NO! The regulator says for...Opinion DPN Team29 January 2020Your Views – Survey on draft Direct Marketing CodeA call for your views. The ICO's draft direct marketing code is open for public consultation. The DPN will be providing feedback. Give your comments to further...Opinion Philippa Donn28 January 2020ICO Direct Marketing Code ‘draft’: 12 HighlightsJust when I thought January was feeling dull, I got my hands on the ICO’s much-anticipated draft Direct Marketing Code of Practice! This replaces the Regulator’s existing Direct Marketing...Opinion Philippa Donn28 January 2020Brexit and EU Data FlowsIf you’ve not yet planned or even considered the data protection impact of Brexit, and specifically data transfers with the European Union, you can breathe a temporary sigh of...Opinion Philippa Donn10 December 2019Subject Access Requests & Proof of IDSubject Access Requests – What is ‘proportionate’ to ask for? When responding to a Right of Access request (commonly known as a Subject Access Request), we might be required...Individual Privacy Rights DPN Team10 December 20192020 Vision – Privacy PredictionsPrivacy Predictions for 2020 - what's in store for us next year? The trends, enforcement and organisational imperatives - What do our esteemed DPN Advisory Board believe is in...Opinion Debbie McElhill03 December 2019ePrivacy Regulation – Is there still life in it, as the European Commission steps in? In a bid to find consensus the European Commission has announced it’s preparing a revamped ePrivacy proposal. This follows the recent rejection by EU member states of the...Opinion DPN Team03 December 2019Data Retention: Are you keeping personal data longer than you need it?Ensuring you don’t store personal data for longer than you require it, is a core data protection principle – one which we all know is both complex and challenging...Opinion Julia Porter27 November 2019Harnessing the Power of Responsible MarketingWhat is responsible marketing? What core values should you embrace and what type of projects can marketers apply these values to? Here are my six pillars of responsible marketing;...Opinion DPN Team28 October 2019Rewarding Privacy By Design Have you or your team gone the extra mile to ensure a privacy aware, customer focused approach to a project, initiative or marketing campaign? Or do you know...Opinion DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Opinion Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Opinion Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Opinion Philippa Donn18 October 2019Marketing Message & Service Message: Where to draw the lineIs your ‘Service’ Message actually a Marketing one? A common (but incorrect) myth which spread with GDPR was that consent was required for almost everything – including all communications...Direct Marketing Philippa Donn02 October 2019Opt-in for marketing abandoned by RNLIHas opt-in suffered a blow? It’s now official that opt-in for all forms of direct marketing has not proven a success for the RNLI, despite earlier reports to the...Opinion Debbie McElhill18 September 2019ePrivacy Regulation – what’s happening?ePrivacy Regulation – first draft 2017, so what’s happening two years on? The ePrivacy Regulation is set to replace the 2002 ePrivacy Directive (and subsequent amendments) which currently sits...Opinion Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Opinion DPN Team16 September 2019Data Governance – Getting to know your DataData Governance – the what, why & how? Data Governance has long been recognised as a method of protecting the business, mitigating risk, increasing operational efficiencies and managing customer...GDPRPolicies and Processes Philippa Donn12 September 2019The DPN Rosemary Smith Award for Responsible MarketingThis award has been launched to recognise a contribution made to Responsible Marketing, giving a team or an individual credit for a creative and privacy aware project or initiative.Opinion Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...GDPRInternational Data Protection Philippa Donn23 August 2019Data Sharing 10 TipsMany companies need to share personal data with other organisations. This might be reciprocal or one-way, it could be providing another company’s staff with access to your data for...GDPRICO Guidance Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Data Governance & SecurityGDPRPolicies and Processes Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Philippa Donn09 July 2019GDPR regulatory action so far in the UK and EU (July 2019)GDPR Regulatory Action The UK’s data protection regulator has made its first hefty announcements since GDPR became law in 2018. With news British Airways and Marriott could face massive...GDPRInternational Data ProtectionUncategorized DPN Team05 July 2019GDPR: Impact Report 2019The impact of GDPR More than a year on from enforcement day, where are we now with GDPR? The Global Marketing Alliance and the DPN teamed up with global...Direct MarketingGDPRUncategorized Mark Bridges05 July 2019CCPA – Californian Consumer Privacy Act: 5 Key ImpactsCCPA: What businesses need know The Californian Consumer Privacy Act (CCPA) ushers in new rights for Californian residents and compels companies that operate in California to implement changes or...Opinion DPN Team05 July 2019Adtech: The challenging compliance landscape – webinar recordingPublishers, advertisers, adtech firms, start-ups and privacy activists are all united in a strong interest in online advertising and programmatic delivery . After all, it represents the lion’s share...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn22 May 2019Why GDPR is not a fuss over nothingWe’ve heard the comparison with the millennium bug – the sky didn’t fall in on 25th May… ‘where are these game-changing fines? This is the Y2K bug all over...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network and Opt-4 lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the...Direct MarketingUncategorized Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Simon Blanchard20 March 2019Like Gin and Tonic – Why GDPR and Data Governance were made for each otherWhy GDPR and Data Governance go hand in hand Like G&T, data governance is not a new concept. It has been recognised for years as a method of protecting...Opinion Gemma Johnson08 March 2019Why 59 Charities were referred to the ICO by the Fundraising RegulatorThe Fundraising Regulator has warned that 59 charities could be in breach of data protection law for failing to apply suppression requests made via the Fundraising Preference Service (FPS)...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Philippa Donn05 March 2019Digital advertising & real-time bidding: Are we on the verge of a seismic shift or not?GDPR put a significant spanner in the world of digital advertising, which disparate parties with different vested interests have been grappling with now for months. How can organisations provide...Opinion Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Stef Elliott21 November 2018“The cookies law is clear – well that takes the biscuit”The ePrivacy Regulation was originally planned to come into force simultaneously with the GDPR on 25th May 2018. The delay and the ongoing debate regarding the Regulation, as highlighted...Electronic CommunicationsePrivacy RegulationGDPR Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Julia Porter18 November 2018Privacy International’s GDPR complaints shine a spotlight on 7 data companiesOn November 8th, Privacy International (PI) filed complaints under the GDPR with data protection regulators in UK, France and Ireland against data brokers Oracle and Acxiom, credit reference agencies...Opinion Simon Blanchard18 November 2018ePrivacy Regulation is not ready and could be stalled even furtherAs those in the know recognise, data protection is not just about GDPR. Many of us have been waiting for GDPR’s EU counterpart, the new ePrivacy Regulation for a...Opinion Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Opinion Matt Edgar02 October 2018Spam crusader or vigilante victim – what happens if you are blacklisted unfairly?Finding spam a nuisance and being anti-spam is a default setting for all of us these days. Even as technology evolves and our mailboxes become smarter in reducing this...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Opinion Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...GDPRPolicies and ProcessesPrivacy by Design Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Opinion DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Data Governance & SecurityGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR
Simon Blanchard14 May 2020COVID 19 – Privacy under the SpotlightPrivacy and COVID-19. When finding quick solutions and taking rapid decisions, don't forget the privacy impact. Here's our quick tour of aspects to consider. Data SecurityGDPRPrivacy by Design DPN Team15 April 2020DPIAs – What? When? How? Who? Why? [webinar recording]Data Protection Impact Assessments - learn about when you need to conduct a DPIA and how in this webinar hosted by Bristows LLP. Opinion DPN Team04 April 2020Where is my data? How to tackle data discovery & mapping [webinar recording]How improve your data discovery, mapping & compliance Understanding where your data is located across all your systems is an ever-evolving challenge, but forms the bedrock of your data...Opinion Gemma Johnson13 February 2020Marketers: Will You Need to do a DPIA for that?Why marketers need to understand when they might need to conduct a data protection impact assessment and learn how to do them. Direct MarketingElectronic CommunicationsICO GuidanceMarketing & Data Protection Simon Blanchard11 February 2020Where’s all my data? How to tackle data discoveryUnderstanding where your data is and what it's used for is crucial. But in practice this is challenging. What approach can you take? Opinion Simon Blanchard10 February 2020ePrivacy Regulation – Are we any closer to a final text?Efforts continue to try and agree the final text of the ePrivacy Regulation. Reaching a consensus has proved very challenging since the first draft was published 3 years...Opinion Julia Porter09 February 2020In a Digitally Enabled World, What is Direct Marketing?On 8th January the ICO published a draft code of practice for the marketing community. It’s entitled “Direct Marketing Code of Practice”. The use of the term “Direct Marketing”...Opinion Philippa Donn08 February 2020Refer a Friend – Viral Marketing RulesCan you ask your customers to send on your marketing to their friends? The answer, according to the ICO’s draft Direct Marketing Code, is NO! The regulator says for...Opinion DPN Team29 January 2020Your Views – Survey on draft Direct Marketing CodeA call for your views. The ICO's draft direct marketing code is open for public consultation. The DPN will be providing feedback. Give your comments to further...Opinion Philippa Donn28 January 2020ICO Direct Marketing Code ‘draft’: 12 HighlightsJust when I thought January was feeling dull, I got my hands on the ICO’s much-anticipated draft Direct Marketing Code of Practice! This replaces the Regulator’s existing Direct Marketing...Opinion Philippa Donn28 January 2020Brexit and EU Data FlowsIf you’ve not yet planned or even considered the data protection impact of Brexit, and specifically data transfers with the European Union, you can breathe a temporary sigh of...Opinion Philippa Donn10 December 2019Subject Access Requests & Proof of IDSubject Access Requests – What is ‘proportionate’ to ask for? When responding to a Right of Access request (commonly known as a Subject Access Request), we might be required...Individual Privacy Rights DPN Team10 December 20192020 Vision – Privacy PredictionsPrivacy Predictions for 2020 - what's in store for us next year? The trends, enforcement and organisational imperatives - What do our esteemed DPN Advisory Board believe is in...Opinion Debbie McElhill03 December 2019ePrivacy Regulation – Is there still life in it, as the European Commission steps in? In a bid to find consensus the European Commission has announced it’s preparing a revamped ePrivacy proposal. This follows the recent rejection by EU member states of the...Opinion DPN Team03 December 2019Data Retention: Are you keeping personal data longer than you need it?Ensuring you don’t store personal data for longer than you require it, is a core data protection principle – one which we all know is both complex and challenging...Opinion Julia Porter27 November 2019Harnessing the Power of Responsible MarketingWhat is responsible marketing? What core values should you embrace and what type of projects can marketers apply these values to? Here are my six pillars of responsible marketing;...Opinion DPN Team28 October 2019Rewarding Privacy By Design Have you or your team gone the extra mile to ensure a privacy aware, customer focused approach to a project, initiative or marketing campaign? Or do you know...Opinion DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Opinion Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Opinion Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Opinion Philippa Donn18 October 2019Marketing Message & Service Message: Where to draw the lineIs your ‘Service’ Message actually a Marketing one? A common (but incorrect) myth which spread with GDPR was that consent was required for almost everything – including all communications...Direct Marketing Philippa Donn02 October 2019Opt-in for marketing abandoned by RNLIHas opt-in suffered a blow? It’s now official that opt-in for all forms of direct marketing has not proven a success for the RNLI, despite earlier reports to the...Opinion Debbie McElhill18 September 2019ePrivacy Regulation – what’s happening?ePrivacy Regulation – first draft 2017, so what’s happening two years on? The ePrivacy Regulation is set to replace the 2002 ePrivacy Directive (and subsequent amendments) which currently sits...Opinion Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Opinion DPN Team16 September 2019Data Governance – Getting to know your DataData Governance – the what, why & how? Data Governance has long been recognised as a method of protecting the business, mitigating risk, increasing operational efficiencies and managing customer...GDPRPolicies and Processes Philippa Donn12 September 2019The DPN Rosemary Smith Award for Responsible MarketingThis award has been launched to recognise a contribution made to Responsible Marketing, giving a team or an individual credit for a creative and privacy aware project or initiative.Opinion Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...GDPRInternational Data Protection Philippa Donn23 August 2019Data Sharing 10 TipsMany companies need to share personal data with other organisations. This might be reciprocal or one-way, it could be providing another company’s staff with access to your data for...GDPRICO Guidance Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Data Governance & SecurityGDPRPolicies and Processes Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Philippa Donn09 July 2019GDPR regulatory action so far in the UK and EU (July 2019)GDPR Regulatory Action The UK’s data protection regulator has made its first hefty announcements since GDPR became law in 2018. With news British Airways and Marriott could face massive...GDPRInternational Data ProtectionUncategorized DPN Team05 July 2019GDPR: Impact Report 2019The impact of GDPR More than a year on from enforcement day, where are we now with GDPR? The Global Marketing Alliance and the DPN teamed up with global...Direct MarketingGDPRUncategorized Mark Bridges05 July 2019CCPA – Californian Consumer Privacy Act: 5 Key ImpactsCCPA: What businesses need know The Californian Consumer Privacy Act (CCPA) ushers in new rights for Californian residents and compels companies that operate in California to implement changes or...Opinion DPN Team05 July 2019Adtech: The challenging compliance landscape – webinar recordingPublishers, advertisers, adtech firms, start-ups and privacy activists are all united in a strong interest in online advertising and programmatic delivery . After all, it represents the lion’s share...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn22 May 2019Why GDPR is not a fuss over nothingWe’ve heard the comparison with the millennium bug – the sky didn’t fall in on 25th May… ‘where are these game-changing fines? This is the Y2K bug all over...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network and Opt-4 lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the...Direct MarketingUncategorized Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Simon Blanchard20 March 2019Like Gin and Tonic – Why GDPR and Data Governance were made for each otherWhy GDPR and Data Governance go hand in hand Like G&T, data governance is not a new concept. It has been recognised for years as a method of protecting...Opinion Gemma Johnson08 March 2019Why 59 Charities were referred to the ICO by the Fundraising RegulatorThe Fundraising Regulator has warned that 59 charities could be in breach of data protection law for failing to apply suppression requests made via the Fundraising Preference Service (FPS)...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Philippa Donn05 March 2019Digital advertising & real-time bidding: Are we on the verge of a seismic shift or not?GDPR put a significant spanner in the world of digital advertising, which disparate parties with different vested interests have been grappling with now for months. How can organisations provide...Opinion Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Stef Elliott21 November 2018“The cookies law is clear – well that takes the biscuit”The ePrivacy Regulation was originally planned to come into force simultaneously with the GDPR on 25th May 2018. The delay and the ongoing debate regarding the Regulation, as highlighted...Electronic CommunicationsePrivacy RegulationGDPR Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Julia Porter18 November 2018Privacy International’s GDPR complaints shine a spotlight on 7 data companiesOn November 8th, Privacy International (PI) filed complaints under the GDPR with data protection regulators in UK, France and Ireland against data brokers Oracle and Acxiom, credit reference agencies...Opinion Simon Blanchard18 November 2018ePrivacy Regulation is not ready and could be stalled even furtherAs those in the know recognise, data protection is not just about GDPR. Many of us have been waiting for GDPR’s EU counterpart, the new ePrivacy Regulation for a...Opinion Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Opinion Matt Edgar02 October 2018Spam crusader or vigilante victim – what happens if you are blacklisted unfairly?Finding spam a nuisance and being anti-spam is a default setting for all of us these days. Even as technology evolves and our mailboxes become smarter in reducing this...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Opinion Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...GDPRPolicies and ProcessesPrivacy by Design Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Opinion DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Data Governance & SecurityGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR
DPN Team15 April 2020DPIAs – What? When? How? Who? Why? [webinar recording]Data Protection Impact Assessments - learn about when you need to conduct a DPIA and how in this webinar hosted by Bristows LLP. Opinion DPN Team04 April 2020Where is my data? How to tackle data discovery & mapping [webinar recording]How improve your data discovery, mapping & compliance Understanding where your data is located across all your systems is an ever-evolving challenge, but forms the bedrock of your data...Opinion Gemma Johnson13 February 2020Marketers: Will You Need to do a DPIA for that?Why marketers need to understand when they might need to conduct a data protection impact assessment and learn how to do them. Direct MarketingElectronic CommunicationsICO GuidanceMarketing & Data Protection Simon Blanchard11 February 2020Where’s all my data? How to tackle data discoveryUnderstanding where your data is and what it's used for is crucial. But in practice this is challenging. What approach can you take? Opinion Simon Blanchard10 February 2020ePrivacy Regulation – Are we any closer to a final text?Efforts continue to try and agree the final text of the ePrivacy Regulation. Reaching a consensus has proved very challenging since the first draft was published 3 years...Opinion Julia Porter09 February 2020In a Digitally Enabled World, What is Direct Marketing?On 8th January the ICO published a draft code of practice for the marketing community. It’s entitled “Direct Marketing Code of Practice”. The use of the term “Direct Marketing”...Opinion Philippa Donn08 February 2020Refer a Friend – Viral Marketing RulesCan you ask your customers to send on your marketing to their friends? The answer, according to the ICO’s draft Direct Marketing Code, is NO! The regulator says for...Opinion DPN Team29 January 2020Your Views – Survey on draft Direct Marketing CodeA call for your views. The ICO's draft direct marketing code is open for public consultation. The DPN will be providing feedback. Give your comments to further...Opinion Philippa Donn28 January 2020ICO Direct Marketing Code ‘draft’: 12 HighlightsJust when I thought January was feeling dull, I got my hands on the ICO’s much-anticipated draft Direct Marketing Code of Practice! This replaces the Regulator’s existing Direct Marketing...Opinion Philippa Donn28 January 2020Brexit and EU Data FlowsIf you’ve not yet planned or even considered the data protection impact of Brexit, and specifically data transfers with the European Union, you can breathe a temporary sigh of...Opinion Philippa Donn10 December 2019Subject Access Requests & Proof of IDSubject Access Requests – What is ‘proportionate’ to ask for? When responding to a Right of Access request (commonly known as a Subject Access Request), we might be required...Individual Privacy Rights DPN Team10 December 20192020 Vision – Privacy PredictionsPrivacy Predictions for 2020 - what's in store for us next year? The trends, enforcement and organisational imperatives - What do our esteemed DPN Advisory Board believe is in...Opinion Debbie McElhill03 December 2019ePrivacy Regulation – Is there still life in it, as the European Commission steps in? In a bid to find consensus the European Commission has announced it’s preparing a revamped ePrivacy proposal. This follows the recent rejection by EU member states of the...Opinion DPN Team03 December 2019Data Retention: Are you keeping personal data longer than you need it?Ensuring you don’t store personal data for longer than you require it, is a core data protection principle – one which we all know is both complex and challenging...Opinion Julia Porter27 November 2019Harnessing the Power of Responsible MarketingWhat is responsible marketing? What core values should you embrace and what type of projects can marketers apply these values to? Here are my six pillars of responsible marketing;...Opinion DPN Team28 October 2019Rewarding Privacy By Design Have you or your team gone the extra mile to ensure a privacy aware, customer focused approach to a project, initiative or marketing campaign? Or do you know...Opinion DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Opinion Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Opinion Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Opinion Philippa Donn18 October 2019Marketing Message & Service Message: Where to draw the lineIs your ‘Service’ Message actually a Marketing one? A common (but incorrect) myth which spread with GDPR was that consent was required for almost everything – including all communications...Direct Marketing Philippa Donn02 October 2019Opt-in for marketing abandoned by RNLIHas opt-in suffered a blow? It’s now official that opt-in for all forms of direct marketing has not proven a success for the RNLI, despite earlier reports to the...Opinion Debbie McElhill18 September 2019ePrivacy Regulation – what’s happening?ePrivacy Regulation – first draft 2017, so what’s happening two years on? The ePrivacy Regulation is set to replace the 2002 ePrivacy Directive (and subsequent amendments) which currently sits...Opinion Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Opinion DPN Team16 September 2019Data Governance – Getting to know your DataData Governance – the what, why & how? Data Governance has long been recognised as a method of protecting the business, mitigating risk, increasing operational efficiencies and managing customer...GDPRPolicies and Processes Philippa Donn12 September 2019The DPN Rosemary Smith Award for Responsible MarketingThis award has been launched to recognise a contribution made to Responsible Marketing, giving a team or an individual credit for a creative and privacy aware project or initiative.Opinion Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...GDPRInternational Data Protection Philippa Donn23 August 2019Data Sharing 10 TipsMany companies need to share personal data with other organisations. This might be reciprocal or one-way, it could be providing another company’s staff with access to your data for...GDPRICO Guidance Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Data Governance & SecurityGDPRPolicies and Processes Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Philippa Donn09 July 2019GDPR regulatory action so far in the UK and EU (July 2019)GDPR Regulatory Action The UK’s data protection regulator has made its first hefty announcements since GDPR became law in 2018. With news British Airways and Marriott could face massive...GDPRInternational Data ProtectionUncategorized DPN Team05 July 2019GDPR: Impact Report 2019The impact of GDPR More than a year on from enforcement day, where are we now with GDPR? The Global Marketing Alliance and the DPN teamed up with global...Direct MarketingGDPRUncategorized Mark Bridges05 July 2019CCPA – Californian Consumer Privacy Act: 5 Key ImpactsCCPA: What businesses need know The Californian Consumer Privacy Act (CCPA) ushers in new rights for Californian residents and compels companies that operate in California to implement changes or...Opinion DPN Team05 July 2019Adtech: The challenging compliance landscape – webinar recordingPublishers, advertisers, adtech firms, start-ups and privacy activists are all united in a strong interest in online advertising and programmatic delivery . After all, it represents the lion’s share...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn22 May 2019Why GDPR is not a fuss over nothingWe’ve heard the comparison with the millennium bug – the sky didn’t fall in on 25th May… ‘where are these game-changing fines? This is the Y2K bug all over...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network and Opt-4 lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the...Direct MarketingUncategorized Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Simon Blanchard20 March 2019Like Gin and Tonic – Why GDPR and Data Governance were made for each otherWhy GDPR and Data Governance go hand in hand Like G&T, data governance is not a new concept. It has been recognised for years as a method of protecting...Opinion Gemma Johnson08 March 2019Why 59 Charities were referred to the ICO by the Fundraising RegulatorThe Fundraising Regulator has warned that 59 charities could be in breach of data protection law for failing to apply suppression requests made via the Fundraising Preference Service (FPS)...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Philippa Donn05 March 2019Digital advertising & real-time bidding: Are we on the verge of a seismic shift or not?GDPR put a significant spanner in the world of digital advertising, which disparate parties with different vested interests have been grappling with now for months. How can organisations provide...Opinion Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Stef Elliott21 November 2018“The cookies law is clear – well that takes the biscuit”The ePrivacy Regulation was originally planned to come into force simultaneously with the GDPR on 25th May 2018. The delay and the ongoing debate regarding the Regulation, as highlighted...Electronic CommunicationsePrivacy RegulationGDPR Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Julia Porter18 November 2018Privacy International’s GDPR complaints shine a spotlight on 7 data companiesOn November 8th, Privacy International (PI) filed complaints under the GDPR with data protection regulators in UK, France and Ireland against data brokers Oracle and Acxiom, credit reference agencies...Opinion Simon Blanchard18 November 2018ePrivacy Regulation is not ready and could be stalled even furtherAs those in the know recognise, data protection is not just about GDPR. Many of us have been waiting for GDPR’s EU counterpart, the new ePrivacy Regulation for a...Opinion Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Opinion Matt Edgar02 October 2018Spam crusader or vigilante victim – what happens if you are blacklisted unfairly?Finding spam a nuisance and being anti-spam is a default setting for all of us these days. Even as technology evolves and our mailboxes become smarter in reducing this...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Opinion Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...GDPRPolicies and ProcessesPrivacy by Design Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Opinion DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Data Governance & SecurityGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR
DPN Team04 April 2020Where is my data? How to tackle data discovery & mapping [webinar recording]How improve your data discovery, mapping & compliance Understanding where your data is located across all your systems is an ever-evolving challenge, but forms the bedrock of your data...Opinion Gemma Johnson13 February 2020Marketers: Will You Need to do a DPIA for that?Why marketers need to understand when they might need to conduct a data protection impact assessment and learn how to do them. Direct MarketingElectronic CommunicationsICO GuidanceMarketing & Data Protection Simon Blanchard11 February 2020Where’s all my data? How to tackle data discoveryUnderstanding where your data is and what it's used for is crucial. But in practice this is challenging. What approach can you take? Opinion Simon Blanchard10 February 2020ePrivacy Regulation – Are we any closer to a final text?Efforts continue to try and agree the final text of the ePrivacy Regulation. Reaching a consensus has proved very challenging since the first draft was published 3 years...Opinion Julia Porter09 February 2020In a Digitally Enabled World, What is Direct Marketing?On 8th January the ICO published a draft code of practice for the marketing community. It’s entitled “Direct Marketing Code of Practice”. The use of the term “Direct Marketing”...Opinion Philippa Donn08 February 2020Refer a Friend – Viral Marketing RulesCan you ask your customers to send on your marketing to their friends? The answer, according to the ICO’s draft Direct Marketing Code, is NO! The regulator says for...Opinion DPN Team29 January 2020Your Views – Survey on draft Direct Marketing CodeA call for your views. The ICO's draft direct marketing code is open for public consultation. The DPN will be providing feedback. Give your comments to further...Opinion Philippa Donn28 January 2020ICO Direct Marketing Code ‘draft’: 12 HighlightsJust when I thought January was feeling dull, I got my hands on the ICO’s much-anticipated draft Direct Marketing Code of Practice! This replaces the Regulator’s existing Direct Marketing...Opinion Philippa Donn28 January 2020Brexit and EU Data FlowsIf you’ve not yet planned or even considered the data protection impact of Brexit, and specifically data transfers with the European Union, you can breathe a temporary sigh of...Opinion Philippa Donn10 December 2019Subject Access Requests & Proof of IDSubject Access Requests – What is ‘proportionate’ to ask for? When responding to a Right of Access request (commonly known as a Subject Access Request), we might be required...Individual Privacy Rights DPN Team10 December 20192020 Vision – Privacy PredictionsPrivacy Predictions for 2020 - what's in store for us next year? The trends, enforcement and organisational imperatives - What do our esteemed DPN Advisory Board believe is in...Opinion Debbie McElhill03 December 2019ePrivacy Regulation – Is there still life in it, as the European Commission steps in? In a bid to find consensus the European Commission has announced it’s preparing a revamped ePrivacy proposal. This follows the recent rejection by EU member states of the...Opinion DPN Team03 December 2019Data Retention: Are you keeping personal data longer than you need it?Ensuring you don’t store personal data for longer than you require it, is a core data protection principle – one which we all know is both complex and challenging...Opinion Julia Porter27 November 2019Harnessing the Power of Responsible MarketingWhat is responsible marketing? What core values should you embrace and what type of projects can marketers apply these values to? Here are my six pillars of responsible marketing;...Opinion DPN Team28 October 2019Rewarding Privacy By Design Have you or your team gone the extra mile to ensure a privacy aware, customer focused approach to a project, initiative or marketing campaign? Or do you know...Opinion DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Opinion Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Opinion Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Opinion Philippa Donn18 October 2019Marketing Message & Service Message: Where to draw the lineIs your ‘Service’ Message actually a Marketing one? A common (but incorrect) myth which spread with GDPR was that consent was required for almost everything – including all communications...Direct Marketing Philippa Donn02 October 2019Opt-in for marketing abandoned by RNLIHas opt-in suffered a blow? It’s now official that opt-in for all forms of direct marketing has not proven a success for the RNLI, despite earlier reports to the...Opinion Debbie McElhill18 September 2019ePrivacy Regulation – what’s happening?ePrivacy Regulation – first draft 2017, so what’s happening two years on? The ePrivacy Regulation is set to replace the 2002 ePrivacy Directive (and subsequent amendments) which currently sits...Opinion Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Opinion DPN Team16 September 2019Data Governance – Getting to know your DataData Governance – the what, why & how? Data Governance has long been recognised as a method of protecting the business, mitigating risk, increasing operational efficiencies and managing customer...GDPRPolicies and Processes Philippa Donn12 September 2019The DPN Rosemary Smith Award for Responsible MarketingThis award has been launched to recognise a contribution made to Responsible Marketing, giving a team or an individual credit for a creative and privacy aware project or initiative.Opinion Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...GDPRInternational Data Protection Philippa Donn23 August 2019Data Sharing 10 TipsMany companies need to share personal data with other organisations. This might be reciprocal or one-way, it could be providing another company’s staff with access to your data for...GDPRICO Guidance Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Data Governance & SecurityGDPRPolicies and Processes Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Philippa Donn09 July 2019GDPR regulatory action so far in the UK and EU (July 2019)GDPR Regulatory Action The UK’s data protection regulator has made its first hefty announcements since GDPR became law in 2018. With news British Airways and Marriott could face massive...GDPRInternational Data ProtectionUncategorized DPN Team05 July 2019GDPR: Impact Report 2019The impact of GDPR More than a year on from enforcement day, where are we now with GDPR? The Global Marketing Alliance and the DPN teamed up with global...Direct MarketingGDPRUncategorized Mark Bridges05 July 2019CCPA – Californian Consumer Privacy Act: 5 Key ImpactsCCPA: What businesses need know The Californian Consumer Privacy Act (CCPA) ushers in new rights for Californian residents and compels companies that operate in California to implement changes or...Opinion DPN Team05 July 2019Adtech: The challenging compliance landscape – webinar recordingPublishers, advertisers, adtech firms, start-ups and privacy activists are all united in a strong interest in online advertising and programmatic delivery . After all, it represents the lion’s share...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn22 May 2019Why GDPR is not a fuss over nothingWe’ve heard the comparison with the millennium bug – the sky didn’t fall in on 25th May… ‘where are these game-changing fines? This is the Y2K bug all over...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network and Opt-4 lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the...Direct MarketingUncategorized Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Simon Blanchard20 March 2019Like Gin and Tonic – Why GDPR and Data Governance were made for each otherWhy GDPR and Data Governance go hand in hand Like G&T, data governance is not a new concept. It has been recognised for years as a method of protecting...Opinion Gemma Johnson08 March 2019Why 59 Charities were referred to the ICO by the Fundraising RegulatorThe Fundraising Regulator has warned that 59 charities could be in breach of data protection law for failing to apply suppression requests made via the Fundraising Preference Service (FPS)...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Philippa Donn05 March 2019Digital advertising & real-time bidding: Are we on the verge of a seismic shift or not?GDPR put a significant spanner in the world of digital advertising, which disparate parties with different vested interests have been grappling with now for months. How can organisations provide...Opinion Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Stef Elliott21 November 2018“The cookies law is clear – well that takes the biscuit”The ePrivacy Regulation was originally planned to come into force simultaneously with the GDPR on 25th May 2018. The delay and the ongoing debate regarding the Regulation, as highlighted...Electronic CommunicationsePrivacy RegulationGDPR Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Julia Porter18 November 2018Privacy International’s GDPR complaints shine a spotlight on 7 data companiesOn November 8th, Privacy International (PI) filed complaints under the GDPR with data protection regulators in UK, France and Ireland against data brokers Oracle and Acxiom, credit reference agencies...Opinion Simon Blanchard18 November 2018ePrivacy Regulation is not ready and could be stalled even furtherAs those in the know recognise, data protection is not just about GDPR. Many of us have been waiting for GDPR’s EU counterpart, the new ePrivacy Regulation for a...Opinion Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Opinion Matt Edgar02 October 2018Spam crusader or vigilante victim – what happens if you are blacklisted unfairly?Finding spam a nuisance and being anti-spam is a default setting for all of us these days. Even as technology evolves and our mailboxes become smarter in reducing this...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Opinion Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...GDPRPolicies and ProcessesPrivacy by Design Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Opinion DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Data Governance & SecurityGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR
Gemma Johnson13 February 2020Marketers: Will You Need to do a DPIA for that?Why marketers need to understand when they might need to conduct a data protection impact assessment and learn how to do them. Direct MarketingElectronic CommunicationsICO GuidanceMarketing & Data Protection Simon Blanchard11 February 2020Where’s all my data? How to tackle data discoveryUnderstanding where your data is and what it's used for is crucial. But in practice this is challenging. What approach can you take? Opinion Simon Blanchard10 February 2020ePrivacy Regulation – Are we any closer to a final text?Efforts continue to try and agree the final text of the ePrivacy Regulation. Reaching a consensus has proved very challenging since the first draft was published 3 years...Opinion Julia Porter09 February 2020In a Digitally Enabled World, What is Direct Marketing?On 8th January the ICO published a draft code of practice for the marketing community. It’s entitled “Direct Marketing Code of Practice”. The use of the term “Direct Marketing”...Opinion Philippa Donn08 February 2020Refer a Friend – Viral Marketing RulesCan you ask your customers to send on your marketing to their friends? The answer, according to the ICO’s draft Direct Marketing Code, is NO! The regulator says for...Opinion DPN Team29 January 2020Your Views – Survey on draft Direct Marketing CodeA call for your views. The ICO's draft direct marketing code is open for public consultation. The DPN will be providing feedback. Give your comments to further...Opinion Philippa Donn28 January 2020ICO Direct Marketing Code ‘draft’: 12 HighlightsJust when I thought January was feeling dull, I got my hands on the ICO’s much-anticipated draft Direct Marketing Code of Practice! This replaces the Regulator’s existing Direct Marketing...Opinion Philippa Donn28 January 2020Brexit and EU Data FlowsIf you’ve not yet planned or even considered the data protection impact of Brexit, and specifically data transfers with the European Union, you can breathe a temporary sigh of...Opinion Philippa Donn10 December 2019Subject Access Requests & Proof of IDSubject Access Requests – What is ‘proportionate’ to ask for? When responding to a Right of Access request (commonly known as a Subject Access Request), we might be required...Individual Privacy Rights DPN Team10 December 20192020 Vision – Privacy PredictionsPrivacy Predictions for 2020 - what's in store for us next year? The trends, enforcement and organisational imperatives - What do our esteemed DPN Advisory Board believe is in...Opinion Debbie McElhill03 December 2019ePrivacy Regulation – Is there still life in it, as the European Commission steps in? In a bid to find consensus the European Commission has announced it’s preparing a revamped ePrivacy proposal. This follows the recent rejection by EU member states of the...Opinion DPN Team03 December 2019Data Retention: Are you keeping personal data longer than you need it?Ensuring you don’t store personal data for longer than you require it, is a core data protection principle – one which we all know is both complex and challenging...Opinion Julia Porter27 November 2019Harnessing the Power of Responsible MarketingWhat is responsible marketing? What core values should you embrace and what type of projects can marketers apply these values to? Here are my six pillars of responsible marketing;...Opinion DPN Team28 October 2019Rewarding Privacy By Design Have you or your team gone the extra mile to ensure a privacy aware, customer focused approach to a project, initiative or marketing campaign? Or do you know...Opinion DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Opinion Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Opinion Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Opinion Philippa Donn18 October 2019Marketing Message & Service Message: Where to draw the lineIs your ‘Service’ Message actually a Marketing one? A common (but incorrect) myth which spread with GDPR was that consent was required for almost everything – including all communications...Direct Marketing Philippa Donn02 October 2019Opt-in for marketing abandoned by RNLIHas opt-in suffered a blow? It’s now official that opt-in for all forms of direct marketing has not proven a success for the RNLI, despite earlier reports to the...Opinion Debbie McElhill18 September 2019ePrivacy Regulation – what’s happening?ePrivacy Regulation – first draft 2017, so what’s happening two years on? The ePrivacy Regulation is set to replace the 2002 ePrivacy Directive (and subsequent amendments) which currently sits...Opinion Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Opinion DPN Team16 September 2019Data Governance – Getting to know your DataData Governance – the what, why & how? Data Governance has long been recognised as a method of protecting the business, mitigating risk, increasing operational efficiencies and managing customer...GDPRPolicies and Processes Philippa Donn12 September 2019The DPN Rosemary Smith Award for Responsible MarketingThis award has been launched to recognise a contribution made to Responsible Marketing, giving a team or an individual credit for a creative and privacy aware project or initiative.Opinion Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...GDPRInternational Data Protection Philippa Donn23 August 2019Data Sharing 10 TipsMany companies need to share personal data with other organisations. This might be reciprocal or one-way, it could be providing another company’s staff with access to your data for...GDPRICO Guidance Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Data Governance & SecurityGDPRPolicies and Processes Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Philippa Donn09 July 2019GDPR regulatory action so far in the UK and EU (July 2019)GDPR Regulatory Action The UK’s data protection regulator has made its first hefty announcements since GDPR became law in 2018. With news British Airways and Marriott could face massive...GDPRInternational Data ProtectionUncategorized DPN Team05 July 2019GDPR: Impact Report 2019The impact of GDPR More than a year on from enforcement day, where are we now with GDPR? The Global Marketing Alliance and the DPN teamed up with global...Direct MarketingGDPRUncategorized Mark Bridges05 July 2019CCPA – Californian Consumer Privacy Act: 5 Key ImpactsCCPA: What businesses need know The Californian Consumer Privacy Act (CCPA) ushers in new rights for Californian residents and compels companies that operate in California to implement changes or...Opinion DPN Team05 July 2019Adtech: The challenging compliance landscape – webinar recordingPublishers, advertisers, adtech firms, start-ups and privacy activists are all united in a strong interest in online advertising and programmatic delivery . After all, it represents the lion’s share...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn22 May 2019Why GDPR is not a fuss over nothingWe’ve heard the comparison with the millennium bug – the sky didn’t fall in on 25th May… ‘where are these game-changing fines? This is the Y2K bug all over...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network and Opt-4 lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the...Direct MarketingUncategorized Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Simon Blanchard20 March 2019Like Gin and Tonic – Why GDPR and Data Governance were made for each otherWhy GDPR and Data Governance go hand in hand Like G&T, data governance is not a new concept. It has been recognised for years as a method of protecting...Opinion Gemma Johnson08 March 2019Why 59 Charities were referred to the ICO by the Fundraising RegulatorThe Fundraising Regulator has warned that 59 charities could be in breach of data protection law for failing to apply suppression requests made via the Fundraising Preference Service (FPS)...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Philippa Donn05 March 2019Digital advertising & real-time bidding: Are we on the verge of a seismic shift or not?GDPR put a significant spanner in the world of digital advertising, which disparate parties with different vested interests have been grappling with now for months. How can organisations provide...Opinion Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Stef Elliott21 November 2018“The cookies law is clear – well that takes the biscuit”The ePrivacy Regulation was originally planned to come into force simultaneously with the GDPR on 25th May 2018. The delay and the ongoing debate regarding the Regulation, as highlighted...Electronic CommunicationsePrivacy RegulationGDPR Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Julia Porter18 November 2018Privacy International’s GDPR complaints shine a spotlight on 7 data companiesOn November 8th, Privacy International (PI) filed complaints under the GDPR with data protection regulators in UK, France and Ireland against data brokers Oracle and Acxiom, credit reference agencies...Opinion Simon Blanchard18 November 2018ePrivacy Regulation is not ready and could be stalled even furtherAs those in the know recognise, data protection is not just about GDPR. Many of us have been waiting for GDPR’s EU counterpart, the new ePrivacy Regulation for a...Opinion Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Opinion Matt Edgar02 October 2018Spam crusader or vigilante victim – what happens if you are blacklisted unfairly?Finding spam a nuisance and being anti-spam is a default setting for all of us these days. Even as technology evolves and our mailboxes become smarter in reducing this...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Opinion Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...GDPRPolicies and ProcessesPrivacy by Design Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Opinion DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Data Governance & SecurityGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR
Simon Blanchard11 February 2020Where’s all my data? How to tackle data discoveryUnderstanding where your data is and what it's used for is crucial. But in practice this is challenging. What approach can you take? Opinion Simon Blanchard10 February 2020ePrivacy Regulation – Are we any closer to a final text?Efforts continue to try and agree the final text of the ePrivacy Regulation. Reaching a consensus has proved very challenging since the first draft was published 3 years...Opinion Julia Porter09 February 2020In a Digitally Enabled World, What is Direct Marketing?On 8th January the ICO published a draft code of practice for the marketing community. It’s entitled “Direct Marketing Code of Practice”. The use of the term “Direct Marketing”...Opinion Philippa Donn08 February 2020Refer a Friend – Viral Marketing RulesCan you ask your customers to send on your marketing to their friends? The answer, according to the ICO’s draft Direct Marketing Code, is NO! The regulator says for...Opinion DPN Team29 January 2020Your Views – Survey on draft Direct Marketing CodeA call for your views. The ICO's draft direct marketing code is open for public consultation. The DPN will be providing feedback. Give your comments to further...Opinion Philippa Donn28 January 2020ICO Direct Marketing Code ‘draft’: 12 HighlightsJust when I thought January was feeling dull, I got my hands on the ICO’s much-anticipated draft Direct Marketing Code of Practice! This replaces the Regulator’s existing Direct Marketing...Opinion Philippa Donn28 January 2020Brexit and EU Data FlowsIf you’ve not yet planned or even considered the data protection impact of Brexit, and specifically data transfers with the European Union, you can breathe a temporary sigh of...Opinion Philippa Donn10 December 2019Subject Access Requests & Proof of IDSubject Access Requests – What is ‘proportionate’ to ask for? When responding to a Right of Access request (commonly known as a Subject Access Request), we might be required...Individual Privacy Rights DPN Team10 December 20192020 Vision – Privacy PredictionsPrivacy Predictions for 2020 - what's in store for us next year? The trends, enforcement and organisational imperatives - What do our esteemed DPN Advisory Board believe is in...Opinion Debbie McElhill03 December 2019ePrivacy Regulation – Is there still life in it, as the European Commission steps in? In a bid to find consensus the European Commission has announced it’s preparing a revamped ePrivacy proposal. This follows the recent rejection by EU member states of the...Opinion DPN Team03 December 2019Data Retention: Are you keeping personal data longer than you need it?Ensuring you don’t store personal data for longer than you require it, is a core data protection principle – one which we all know is both complex and challenging...Opinion Julia Porter27 November 2019Harnessing the Power of Responsible MarketingWhat is responsible marketing? What core values should you embrace and what type of projects can marketers apply these values to? Here are my six pillars of responsible marketing;...Opinion DPN Team28 October 2019Rewarding Privacy By Design Have you or your team gone the extra mile to ensure a privacy aware, customer focused approach to a project, initiative or marketing campaign? Or do you know...Opinion DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Opinion Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Opinion Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Opinion Philippa Donn18 October 2019Marketing Message & Service Message: Where to draw the lineIs your ‘Service’ Message actually a Marketing one? A common (but incorrect) myth which spread with GDPR was that consent was required for almost everything – including all communications...Direct Marketing Philippa Donn02 October 2019Opt-in for marketing abandoned by RNLIHas opt-in suffered a blow? It’s now official that opt-in for all forms of direct marketing has not proven a success for the RNLI, despite earlier reports to the...Opinion Debbie McElhill18 September 2019ePrivacy Regulation – what’s happening?ePrivacy Regulation – first draft 2017, so what’s happening two years on? The ePrivacy Regulation is set to replace the 2002 ePrivacy Directive (and subsequent amendments) which currently sits...Opinion Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Opinion DPN Team16 September 2019Data Governance – Getting to know your DataData Governance – the what, why & how? Data Governance has long been recognised as a method of protecting the business, mitigating risk, increasing operational efficiencies and managing customer...GDPRPolicies and Processes Philippa Donn12 September 2019The DPN Rosemary Smith Award for Responsible MarketingThis award has been launched to recognise a contribution made to Responsible Marketing, giving a team or an individual credit for a creative and privacy aware project or initiative.Opinion Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...GDPRInternational Data Protection Philippa Donn23 August 2019Data Sharing 10 TipsMany companies need to share personal data with other organisations. This might be reciprocal or one-way, it could be providing another company’s staff with access to your data for...GDPRICO Guidance Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Data Governance & SecurityGDPRPolicies and Processes Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Philippa Donn09 July 2019GDPR regulatory action so far in the UK and EU (July 2019)GDPR Regulatory Action The UK’s data protection regulator has made its first hefty announcements since GDPR became law in 2018. With news British Airways and Marriott could face massive...GDPRInternational Data ProtectionUncategorized DPN Team05 July 2019GDPR: Impact Report 2019The impact of GDPR More than a year on from enforcement day, where are we now with GDPR? The Global Marketing Alliance and the DPN teamed up with global...Direct MarketingGDPRUncategorized Mark Bridges05 July 2019CCPA – Californian Consumer Privacy Act: 5 Key ImpactsCCPA: What businesses need know The Californian Consumer Privacy Act (CCPA) ushers in new rights for Californian residents and compels companies that operate in California to implement changes or...Opinion DPN Team05 July 2019Adtech: The challenging compliance landscape – webinar recordingPublishers, advertisers, adtech firms, start-ups and privacy activists are all united in a strong interest in online advertising and programmatic delivery . After all, it represents the lion’s share...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn22 May 2019Why GDPR is not a fuss over nothingWe’ve heard the comparison with the millennium bug – the sky didn’t fall in on 25th May… ‘where are these game-changing fines? This is the Y2K bug all over...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network and Opt-4 lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the...Direct MarketingUncategorized Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Simon Blanchard20 March 2019Like Gin and Tonic – Why GDPR and Data Governance were made for each otherWhy GDPR and Data Governance go hand in hand Like G&T, data governance is not a new concept. It has been recognised for years as a method of protecting...Opinion Gemma Johnson08 March 2019Why 59 Charities were referred to the ICO by the Fundraising RegulatorThe Fundraising Regulator has warned that 59 charities could be in breach of data protection law for failing to apply suppression requests made via the Fundraising Preference Service (FPS)...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Philippa Donn05 March 2019Digital advertising & real-time bidding: Are we on the verge of a seismic shift or not?GDPR put a significant spanner in the world of digital advertising, which disparate parties with different vested interests have been grappling with now for months. How can organisations provide...Opinion Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Stef Elliott21 November 2018“The cookies law is clear – well that takes the biscuit”The ePrivacy Regulation was originally planned to come into force simultaneously with the GDPR on 25th May 2018. The delay and the ongoing debate regarding the Regulation, as highlighted...Electronic CommunicationsePrivacy RegulationGDPR Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Julia Porter18 November 2018Privacy International’s GDPR complaints shine a spotlight on 7 data companiesOn November 8th, Privacy International (PI) filed complaints under the GDPR with data protection regulators in UK, France and Ireland against data brokers Oracle and Acxiom, credit reference agencies...Opinion Simon Blanchard18 November 2018ePrivacy Regulation is not ready and could be stalled even furtherAs those in the know recognise, data protection is not just about GDPR. Many of us have been waiting for GDPR’s EU counterpart, the new ePrivacy Regulation for a...Opinion Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Opinion Matt Edgar02 October 2018Spam crusader or vigilante victim – what happens if you are blacklisted unfairly?Finding spam a nuisance and being anti-spam is a default setting for all of us these days. Even as technology evolves and our mailboxes become smarter in reducing this...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Opinion Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...GDPRPolicies and ProcessesPrivacy by Design Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Opinion DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Data Governance & SecurityGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR
Simon Blanchard10 February 2020ePrivacy Regulation – Are we any closer to a final text?Efforts continue to try and agree the final text of the ePrivacy Regulation. Reaching a consensus has proved very challenging since the first draft was published 3 years...Opinion Julia Porter09 February 2020In a Digitally Enabled World, What is Direct Marketing?On 8th January the ICO published a draft code of practice for the marketing community. It’s entitled “Direct Marketing Code of Practice”. The use of the term “Direct Marketing”...Opinion Philippa Donn08 February 2020Refer a Friend – Viral Marketing RulesCan you ask your customers to send on your marketing to their friends? The answer, according to the ICO’s draft Direct Marketing Code, is NO! The regulator says for...Opinion DPN Team29 January 2020Your Views – Survey on draft Direct Marketing CodeA call for your views. The ICO's draft direct marketing code is open for public consultation. The DPN will be providing feedback. Give your comments to further...Opinion Philippa Donn28 January 2020ICO Direct Marketing Code ‘draft’: 12 HighlightsJust when I thought January was feeling dull, I got my hands on the ICO’s much-anticipated draft Direct Marketing Code of Practice! This replaces the Regulator’s existing Direct Marketing...Opinion Philippa Donn28 January 2020Brexit and EU Data FlowsIf you’ve not yet planned or even considered the data protection impact of Brexit, and specifically data transfers with the European Union, you can breathe a temporary sigh of...Opinion Philippa Donn10 December 2019Subject Access Requests & Proof of IDSubject Access Requests – What is ‘proportionate’ to ask for? When responding to a Right of Access request (commonly known as a Subject Access Request), we might be required...Individual Privacy Rights DPN Team10 December 20192020 Vision – Privacy PredictionsPrivacy Predictions for 2020 - what's in store for us next year? The trends, enforcement and organisational imperatives - What do our esteemed DPN Advisory Board believe is in...Opinion Debbie McElhill03 December 2019ePrivacy Regulation – Is there still life in it, as the European Commission steps in? In a bid to find consensus the European Commission has announced it’s preparing a revamped ePrivacy proposal. This follows the recent rejection by EU member states of the...Opinion DPN Team03 December 2019Data Retention: Are you keeping personal data longer than you need it?Ensuring you don’t store personal data for longer than you require it, is a core data protection principle – one which we all know is both complex and challenging...Opinion Julia Porter27 November 2019Harnessing the Power of Responsible MarketingWhat is responsible marketing? What core values should you embrace and what type of projects can marketers apply these values to? Here are my six pillars of responsible marketing;...Opinion DPN Team28 October 2019Rewarding Privacy By Design Have you or your team gone the extra mile to ensure a privacy aware, customer focused approach to a project, initiative or marketing campaign? Or do you know...Opinion DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Opinion Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Opinion Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Opinion Philippa Donn18 October 2019Marketing Message & Service Message: Where to draw the lineIs your ‘Service’ Message actually a Marketing one? A common (but incorrect) myth which spread with GDPR was that consent was required for almost everything – including all communications...Direct Marketing Philippa Donn02 October 2019Opt-in for marketing abandoned by RNLIHas opt-in suffered a blow? It’s now official that opt-in for all forms of direct marketing has not proven a success for the RNLI, despite earlier reports to the...Opinion Debbie McElhill18 September 2019ePrivacy Regulation – what’s happening?ePrivacy Regulation – first draft 2017, so what’s happening two years on? The ePrivacy Regulation is set to replace the 2002 ePrivacy Directive (and subsequent amendments) which currently sits...Opinion Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Opinion DPN Team16 September 2019Data Governance – Getting to know your DataData Governance – the what, why & how? Data Governance has long been recognised as a method of protecting the business, mitigating risk, increasing operational efficiencies and managing customer...GDPRPolicies and Processes Philippa Donn12 September 2019The DPN Rosemary Smith Award for Responsible MarketingThis award has been launched to recognise a contribution made to Responsible Marketing, giving a team or an individual credit for a creative and privacy aware project or initiative.Opinion Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...GDPRInternational Data Protection Philippa Donn23 August 2019Data Sharing 10 TipsMany companies need to share personal data with other organisations. This might be reciprocal or one-way, it could be providing another company’s staff with access to your data for...GDPRICO Guidance Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Data Governance & SecurityGDPRPolicies and Processes Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Philippa Donn09 July 2019GDPR regulatory action so far in the UK and EU (July 2019)GDPR Regulatory Action The UK’s data protection regulator has made its first hefty announcements since GDPR became law in 2018. With news British Airways and Marriott could face massive...GDPRInternational Data ProtectionUncategorized DPN Team05 July 2019GDPR: Impact Report 2019The impact of GDPR More than a year on from enforcement day, where are we now with GDPR? The Global Marketing Alliance and the DPN teamed up with global...Direct MarketingGDPRUncategorized Mark Bridges05 July 2019CCPA – Californian Consumer Privacy Act: 5 Key ImpactsCCPA: What businesses need know The Californian Consumer Privacy Act (CCPA) ushers in new rights for Californian residents and compels companies that operate in California to implement changes or...Opinion DPN Team05 July 2019Adtech: The challenging compliance landscape – webinar recordingPublishers, advertisers, adtech firms, start-ups and privacy activists are all united in a strong interest in online advertising and programmatic delivery . After all, it represents the lion’s share...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn22 May 2019Why GDPR is not a fuss over nothingWe’ve heard the comparison with the millennium bug – the sky didn’t fall in on 25th May… ‘where are these game-changing fines? This is the Y2K bug all over...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network and Opt-4 lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the...Direct MarketingUncategorized Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Simon Blanchard20 March 2019Like Gin and Tonic – Why GDPR and Data Governance were made for each otherWhy GDPR and Data Governance go hand in hand Like G&T, data governance is not a new concept. It has been recognised for years as a method of protecting...Opinion Gemma Johnson08 March 2019Why 59 Charities were referred to the ICO by the Fundraising RegulatorThe Fundraising Regulator has warned that 59 charities could be in breach of data protection law for failing to apply suppression requests made via the Fundraising Preference Service (FPS)...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Philippa Donn05 March 2019Digital advertising & real-time bidding: Are we on the verge of a seismic shift or not?GDPR put a significant spanner in the world of digital advertising, which disparate parties with different vested interests have been grappling with now for months. How can organisations provide...Opinion Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Stef Elliott21 November 2018“The cookies law is clear – well that takes the biscuit”The ePrivacy Regulation was originally planned to come into force simultaneously with the GDPR on 25th May 2018. The delay and the ongoing debate regarding the Regulation, as highlighted...Electronic CommunicationsePrivacy RegulationGDPR Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Julia Porter18 November 2018Privacy International’s GDPR complaints shine a spotlight on 7 data companiesOn November 8th, Privacy International (PI) filed complaints under the GDPR with data protection regulators in UK, France and Ireland against data brokers Oracle and Acxiom, credit reference agencies...Opinion Simon Blanchard18 November 2018ePrivacy Regulation is not ready and could be stalled even furtherAs those in the know recognise, data protection is not just about GDPR. Many of us have been waiting for GDPR’s EU counterpart, the new ePrivacy Regulation for a...Opinion Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Opinion Matt Edgar02 October 2018Spam crusader or vigilante victim – what happens if you are blacklisted unfairly?Finding spam a nuisance and being anti-spam is a default setting for all of us these days. Even as technology evolves and our mailboxes become smarter in reducing this...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Opinion Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...GDPRPolicies and ProcessesPrivacy by Design Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Opinion DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Data Governance & SecurityGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR
Julia Porter09 February 2020In a Digitally Enabled World, What is Direct Marketing?On 8th January the ICO published a draft code of practice for the marketing community. It’s entitled “Direct Marketing Code of Practice”. The use of the term “Direct Marketing”...Opinion Philippa Donn08 February 2020Refer a Friend – Viral Marketing RulesCan you ask your customers to send on your marketing to their friends? The answer, according to the ICO’s draft Direct Marketing Code, is NO! The regulator says for...Opinion DPN Team29 January 2020Your Views – Survey on draft Direct Marketing CodeA call for your views. The ICO's draft direct marketing code is open for public consultation. The DPN will be providing feedback. Give your comments to further...Opinion Philippa Donn28 January 2020ICO Direct Marketing Code ‘draft’: 12 HighlightsJust when I thought January was feeling dull, I got my hands on the ICO’s much-anticipated draft Direct Marketing Code of Practice! This replaces the Regulator’s existing Direct Marketing...Opinion Philippa Donn28 January 2020Brexit and EU Data FlowsIf you’ve not yet planned or even considered the data protection impact of Brexit, and specifically data transfers with the European Union, you can breathe a temporary sigh of...Opinion Philippa Donn10 December 2019Subject Access Requests & Proof of IDSubject Access Requests – What is ‘proportionate’ to ask for? When responding to a Right of Access request (commonly known as a Subject Access Request), we might be required...Individual Privacy Rights DPN Team10 December 20192020 Vision – Privacy PredictionsPrivacy Predictions for 2020 - what's in store for us next year? The trends, enforcement and organisational imperatives - What do our esteemed DPN Advisory Board believe is in...Opinion Debbie McElhill03 December 2019ePrivacy Regulation – Is there still life in it, as the European Commission steps in? In a bid to find consensus the European Commission has announced it’s preparing a revamped ePrivacy proposal. This follows the recent rejection by EU member states of the...Opinion DPN Team03 December 2019Data Retention: Are you keeping personal data longer than you need it?Ensuring you don’t store personal data for longer than you require it, is a core data protection principle – one which we all know is both complex and challenging...Opinion Julia Porter27 November 2019Harnessing the Power of Responsible MarketingWhat is responsible marketing? What core values should you embrace and what type of projects can marketers apply these values to? Here are my six pillars of responsible marketing;...Opinion DPN Team28 October 2019Rewarding Privacy By Design Have you or your team gone the extra mile to ensure a privacy aware, customer focused approach to a project, initiative or marketing campaign? Or do you know...Opinion DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Opinion Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Opinion Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Opinion Philippa Donn18 October 2019Marketing Message & Service Message: Where to draw the lineIs your ‘Service’ Message actually a Marketing one? A common (but incorrect) myth which spread with GDPR was that consent was required for almost everything – including all communications...Direct Marketing Philippa Donn02 October 2019Opt-in for marketing abandoned by RNLIHas opt-in suffered a blow? It’s now official that opt-in for all forms of direct marketing has not proven a success for the RNLI, despite earlier reports to the...Opinion Debbie McElhill18 September 2019ePrivacy Regulation – what’s happening?ePrivacy Regulation – first draft 2017, so what’s happening two years on? The ePrivacy Regulation is set to replace the 2002 ePrivacy Directive (and subsequent amendments) which currently sits...Opinion Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Opinion DPN Team16 September 2019Data Governance – Getting to know your DataData Governance – the what, why & how? Data Governance has long been recognised as a method of protecting the business, mitigating risk, increasing operational efficiencies and managing customer...GDPRPolicies and Processes Philippa Donn12 September 2019The DPN Rosemary Smith Award for Responsible MarketingThis award has been launched to recognise a contribution made to Responsible Marketing, giving a team or an individual credit for a creative and privacy aware project or initiative.Opinion Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...GDPRInternational Data Protection Philippa Donn23 August 2019Data Sharing 10 TipsMany companies need to share personal data with other organisations. This might be reciprocal or one-way, it could be providing another company’s staff with access to your data for...GDPRICO Guidance Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Data Governance & SecurityGDPRPolicies and Processes Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Philippa Donn09 July 2019GDPR regulatory action so far in the UK and EU (July 2019)GDPR Regulatory Action The UK’s data protection regulator has made its first hefty announcements since GDPR became law in 2018. With news British Airways and Marriott could face massive...GDPRInternational Data ProtectionUncategorized DPN Team05 July 2019GDPR: Impact Report 2019The impact of GDPR More than a year on from enforcement day, where are we now with GDPR? The Global Marketing Alliance and the DPN teamed up with global...Direct MarketingGDPRUncategorized Mark Bridges05 July 2019CCPA – Californian Consumer Privacy Act: 5 Key ImpactsCCPA: What businesses need know The Californian Consumer Privacy Act (CCPA) ushers in new rights for Californian residents and compels companies that operate in California to implement changes or...Opinion DPN Team05 July 2019Adtech: The challenging compliance landscape – webinar recordingPublishers, advertisers, adtech firms, start-ups and privacy activists are all united in a strong interest in online advertising and programmatic delivery . After all, it represents the lion’s share...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn22 May 2019Why GDPR is not a fuss over nothingWe’ve heard the comparison with the millennium bug – the sky didn’t fall in on 25th May… ‘where are these game-changing fines? This is the Y2K bug all over...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network and Opt-4 lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the...Direct MarketingUncategorized Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Simon Blanchard20 March 2019Like Gin and Tonic – Why GDPR and Data Governance were made for each otherWhy GDPR and Data Governance go hand in hand Like G&T, data governance is not a new concept. It has been recognised for years as a method of protecting...Opinion Gemma Johnson08 March 2019Why 59 Charities were referred to the ICO by the Fundraising RegulatorThe Fundraising Regulator has warned that 59 charities could be in breach of data protection law for failing to apply suppression requests made via the Fundraising Preference Service (FPS)...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Philippa Donn05 March 2019Digital advertising & real-time bidding: Are we on the verge of a seismic shift or not?GDPR put a significant spanner in the world of digital advertising, which disparate parties with different vested interests have been grappling with now for months. How can organisations provide...Opinion Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Stef Elliott21 November 2018“The cookies law is clear – well that takes the biscuit”The ePrivacy Regulation was originally planned to come into force simultaneously with the GDPR on 25th May 2018. The delay and the ongoing debate regarding the Regulation, as highlighted...Electronic CommunicationsePrivacy RegulationGDPR Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Julia Porter18 November 2018Privacy International’s GDPR complaints shine a spotlight on 7 data companiesOn November 8th, Privacy International (PI) filed complaints under the GDPR with data protection regulators in UK, France and Ireland against data brokers Oracle and Acxiom, credit reference agencies...Opinion Simon Blanchard18 November 2018ePrivacy Regulation is not ready and could be stalled even furtherAs those in the know recognise, data protection is not just about GDPR. Many of us have been waiting for GDPR’s EU counterpart, the new ePrivacy Regulation for a...Opinion Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Opinion Matt Edgar02 October 2018Spam crusader or vigilante victim – what happens if you are blacklisted unfairly?Finding spam a nuisance and being anti-spam is a default setting for all of us these days. Even as technology evolves and our mailboxes become smarter in reducing this...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Opinion Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...GDPRPolicies and ProcessesPrivacy by Design Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Opinion DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Data Governance & SecurityGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR
Philippa Donn08 February 2020Refer a Friend – Viral Marketing RulesCan you ask your customers to send on your marketing to their friends? The answer, according to the ICO’s draft Direct Marketing Code, is NO! The regulator says for...Opinion DPN Team29 January 2020Your Views – Survey on draft Direct Marketing CodeA call for your views. The ICO's draft direct marketing code is open for public consultation. The DPN will be providing feedback. Give your comments to further...Opinion Philippa Donn28 January 2020ICO Direct Marketing Code ‘draft’: 12 HighlightsJust when I thought January was feeling dull, I got my hands on the ICO’s much-anticipated draft Direct Marketing Code of Practice! This replaces the Regulator’s existing Direct Marketing...Opinion Philippa Donn28 January 2020Brexit and EU Data FlowsIf you’ve not yet planned or even considered the data protection impact of Brexit, and specifically data transfers with the European Union, you can breathe a temporary sigh of...Opinion Philippa Donn10 December 2019Subject Access Requests & Proof of IDSubject Access Requests – What is ‘proportionate’ to ask for? When responding to a Right of Access request (commonly known as a Subject Access Request), we might be required...Individual Privacy Rights DPN Team10 December 20192020 Vision – Privacy PredictionsPrivacy Predictions for 2020 - what's in store for us next year? The trends, enforcement and organisational imperatives - What do our esteemed DPN Advisory Board believe is in...Opinion Debbie McElhill03 December 2019ePrivacy Regulation – Is there still life in it, as the European Commission steps in? In a bid to find consensus the European Commission has announced it’s preparing a revamped ePrivacy proposal. This follows the recent rejection by EU member states of the...Opinion DPN Team03 December 2019Data Retention: Are you keeping personal data longer than you need it?Ensuring you don’t store personal data for longer than you require it, is a core data protection principle – one which we all know is both complex and challenging...Opinion Julia Porter27 November 2019Harnessing the Power of Responsible MarketingWhat is responsible marketing? What core values should you embrace and what type of projects can marketers apply these values to? Here are my six pillars of responsible marketing;...Opinion DPN Team28 October 2019Rewarding Privacy By Design Have you or your team gone the extra mile to ensure a privacy aware, customer focused approach to a project, initiative or marketing campaign? Or do you know...Opinion DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Opinion Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Opinion Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Opinion Philippa Donn18 October 2019Marketing Message & Service Message: Where to draw the lineIs your ‘Service’ Message actually a Marketing one? A common (but incorrect) myth which spread with GDPR was that consent was required for almost everything – including all communications...Direct Marketing Philippa Donn02 October 2019Opt-in for marketing abandoned by RNLIHas opt-in suffered a blow? It’s now official that opt-in for all forms of direct marketing has not proven a success for the RNLI, despite earlier reports to the...Opinion Debbie McElhill18 September 2019ePrivacy Regulation – what’s happening?ePrivacy Regulation – first draft 2017, so what’s happening two years on? The ePrivacy Regulation is set to replace the 2002 ePrivacy Directive (and subsequent amendments) which currently sits...Opinion Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Opinion DPN Team16 September 2019Data Governance – Getting to know your DataData Governance – the what, why & how? Data Governance has long been recognised as a method of protecting the business, mitigating risk, increasing operational efficiencies and managing customer...GDPRPolicies and Processes Philippa Donn12 September 2019The DPN Rosemary Smith Award for Responsible MarketingThis award has been launched to recognise a contribution made to Responsible Marketing, giving a team or an individual credit for a creative and privacy aware project or initiative.Opinion Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...GDPRInternational Data Protection Philippa Donn23 August 2019Data Sharing 10 TipsMany companies need to share personal data with other organisations. This might be reciprocal or one-way, it could be providing another company’s staff with access to your data for...GDPRICO Guidance Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Data Governance & SecurityGDPRPolicies and Processes Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Philippa Donn09 July 2019GDPR regulatory action so far in the UK and EU (July 2019)GDPR Regulatory Action The UK’s data protection regulator has made its first hefty announcements since GDPR became law in 2018. With news British Airways and Marriott could face massive...GDPRInternational Data ProtectionUncategorized DPN Team05 July 2019GDPR: Impact Report 2019The impact of GDPR More than a year on from enforcement day, where are we now with GDPR? The Global Marketing Alliance and the DPN teamed up with global...Direct MarketingGDPRUncategorized Mark Bridges05 July 2019CCPA – Californian Consumer Privacy Act: 5 Key ImpactsCCPA: What businesses need know The Californian Consumer Privacy Act (CCPA) ushers in new rights for Californian residents and compels companies that operate in California to implement changes or...Opinion DPN Team05 July 2019Adtech: The challenging compliance landscape – webinar recordingPublishers, advertisers, adtech firms, start-ups and privacy activists are all united in a strong interest in online advertising and programmatic delivery . After all, it represents the lion’s share...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn22 May 2019Why GDPR is not a fuss over nothingWe’ve heard the comparison with the millennium bug – the sky didn’t fall in on 25th May… ‘where are these game-changing fines? This is the Y2K bug all over...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network and Opt-4 lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the...Direct MarketingUncategorized Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Simon Blanchard20 March 2019Like Gin and Tonic – Why GDPR and Data Governance were made for each otherWhy GDPR and Data Governance go hand in hand Like G&T, data governance is not a new concept. It has been recognised for years as a method of protecting...Opinion Gemma Johnson08 March 2019Why 59 Charities were referred to the ICO by the Fundraising RegulatorThe Fundraising Regulator has warned that 59 charities could be in breach of data protection law for failing to apply suppression requests made via the Fundraising Preference Service (FPS)...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Philippa Donn05 March 2019Digital advertising & real-time bidding: Are we on the verge of a seismic shift or not?GDPR put a significant spanner in the world of digital advertising, which disparate parties with different vested interests have been grappling with now for months. How can organisations provide...Opinion Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Stef Elliott21 November 2018“The cookies law is clear – well that takes the biscuit”The ePrivacy Regulation was originally planned to come into force simultaneously with the GDPR on 25th May 2018. The delay and the ongoing debate regarding the Regulation, as highlighted...Electronic CommunicationsePrivacy RegulationGDPR Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Julia Porter18 November 2018Privacy International’s GDPR complaints shine a spotlight on 7 data companiesOn November 8th, Privacy International (PI) filed complaints under the GDPR with data protection regulators in UK, France and Ireland against data brokers Oracle and Acxiom, credit reference agencies...Opinion Simon Blanchard18 November 2018ePrivacy Regulation is not ready and could be stalled even furtherAs those in the know recognise, data protection is not just about GDPR. Many of us have been waiting for GDPR’s EU counterpart, the new ePrivacy Regulation for a...Opinion Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Opinion Matt Edgar02 October 2018Spam crusader or vigilante victim – what happens if you are blacklisted unfairly?Finding spam a nuisance and being anti-spam is a default setting for all of us these days. Even as technology evolves and our mailboxes become smarter in reducing this...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Opinion Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...GDPRPolicies and ProcessesPrivacy by Design Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Opinion DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Data Governance & SecurityGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR
DPN Team29 January 2020Your Views – Survey on draft Direct Marketing CodeA call for your views. The ICO's draft direct marketing code is open for public consultation. The DPN will be providing feedback. Give your comments to further...Opinion Philippa Donn28 January 2020ICO Direct Marketing Code ‘draft’: 12 HighlightsJust when I thought January was feeling dull, I got my hands on the ICO’s much-anticipated draft Direct Marketing Code of Practice! This replaces the Regulator’s existing Direct Marketing...Opinion Philippa Donn28 January 2020Brexit and EU Data FlowsIf you’ve not yet planned or even considered the data protection impact of Brexit, and specifically data transfers with the European Union, you can breathe a temporary sigh of...Opinion Philippa Donn10 December 2019Subject Access Requests & Proof of IDSubject Access Requests – What is ‘proportionate’ to ask for? When responding to a Right of Access request (commonly known as a Subject Access Request), we might be required...Individual Privacy Rights DPN Team10 December 20192020 Vision – Privacy PredictionsPrivacy Predictions for 2020 - what's in store for us next year? The trends, enforcement and organisational imperatives - What do our esteemed DPN Advisory Board believe is in...Opinion Debbie McElhill03 December 2019ePrivacy Regulation – Is there still life in it, as the European Commission steps in? In a bid to find consensus the European Commission has announced it’s preparing a revamped ePrivacy proposal. This follows the recent rejection by EU member states of the...Opinion DPN Team03 December 2019Data Retention: Are you keeping personal data longer than you need it?Ensuring you don’t store personal data for longer than you require it, is a core data protection principle – one which we all know is both complex and challenging...Opinion Julia Porter27 November 2019Harnessing the Power of Responsible MarketingWhat is responsible marketing? What core values should you embrace and what type of projects can marketers apply these values to? Here are my six pillars of responsible marketing;...Opinion DPN Team28 October 2019Rewarding Privacy By Design Have you or your team gone the extra mile to ensure a privacy aware, customer focused approach to a project, initiative or marketing campaign? Or do you know...Opinion DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Opinion Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Opinion Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Opinion Philippa Donn18 October 2019Marketing Message & Service Message: Where to draw the lineIs your ‘Service’ Message actually a Marketing one? A common (but incorrect) myth which spread with GDPR was that consent was required for almost everything – including all communications...Direct Marketing Philippa Donn02 October 2019Opt-in for marketing abandoned by RNLIHas opt-in suffered a blow? It’s now official that opt-in for all forms of direct marketing has not proven a success for the RNLI, despite earlier reports to the...Opinion Debbie McElhill18 September 2019ePrivacy Regulation – what’s happening?ePrivacy Regulation – first draft 2017, so what’s happening two years on? The ePrivacy Regulation is set to replace the 2002 ePrivacy Directive (and subsequent amendments) which currently sits...Opinion Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Opinion DPN Team16 September 2019Data Governance – Getting to know your DataData Governance – the what, why & how? Data Governance has long been recognised as a method of protecting the business, mitigating risk, increasing operational efficiencies and managing customer...GDPRPolicies and Processes Philippa Donn12 September 2019The DPN Rosemary Smith Award for Responsible MarketingThis award has been launched to recognise a contribution made to Responsible Marketing, giving a team or an individual credit for a creative and privacy aware project or initiative.Opinion Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...GDPRInternational Data Protection Philippa Donn23 August 2019Data Sharing 10 TipsMany companies need to share personal data with other organisations. This might be reciprocal or one-way, it could be providing another company’s staff with access to your data for...GDPRICO Guidance Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Data Governance & SecurityGDPRPolicies and Processes Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Philippa Donn09 July 2019GDPR regulatory action so far in the UK and EU (July 2019)GDPR Regulatory Action The UK’s data protection regulator has made its first hefty announcements since GDPR became law in 2018. With news British Airways and Marriott could face massive...GDPRInternational Data ProtectionUncategorized DPN Team05 July 2019GDPR: Impact Report 2019The impact of GDPR More than a year on from enforcement day, where are we now with GDPR? The Global Marketing Alliance and the DPN teamed up with global...Direct MarketingGDPRUncategorized Mark Bridges05 July 2019CCPA – Californian Consumer Privacy Act: 5 Key ImpactsCCPA: What businesses need know The Californian Consumer Privacy Act (CCPA) ushers in new rights for Californian residents and compels companies that operate in California to implement changes or...Opinion DPN Team05 July 2019Adtech: The challenging compliance landscape – webinar recordingPublishers, advertisers, adtech firms, start-ups and privacy activists are all united in a strong interest in online advertising and programmatic delivery . After all, it represents the lion’s share...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn22 May 2019Why GDPR is not a fuss over nothingWe’ve heard the comparison with the millennium bug – the sky didn’t fall in on 25th May… ‘where are these game-changing fines? This is the Y2K bug all over...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network and Opt-4 lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the...Direct MarketingUncategorized Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Simon Blanchard20 March 2019Like Gin and Tonic – Why GDPR and Data Governance were made for each otherWhy GDPR and Data Governance go hand in hand Like G&T, data governance is not a new concept. It has been recognised for years as a method of protecting...Opinion Gemma Johnson08 March 2019Why 59 Charities were referred to the ICO by the Fundraising RegulatorThe Fundraising Regulator has warned that 59 charities could be in breach of data protection law for failing to apply suppression requests made via the Fundraising Preference Service (FPS)...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Philippa Donn05 March 2019Digital advertising & real-time bidding: Are we on the verge of a seismic shift or not?GDPR put a significant spanner in the world of digital advertising, which disparate parties with different vested interests have been grappling with now for months. How can organisations provide...Opinion Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Stef Elliott21 November 2018“The cookies law is clear – well that takes the biscuit”The ePrivacy Regulation was originally planned to come into force simultaneously with the GDPR on 25th May 2018. The delay and the ongoing debate regarding the Regulation, as highlighted...Electronic CommunicationsePrivacy RegulationGDPR Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Julia Porter18 November 2018Privacy International’s GDPR complaints shine a spotlight on 7 data companiesOn November 8th, Privacy International (PI) filed complaints under the GDPR with data protection regulators in UK, France and Ireland against data brokers Oracle and Acxiom, credit reference agencies...Opinion Simon Blanchard18 November 2018ePrivacy Regulation is not ready and could be stalled even furtherAs those in the know recognise, data protection is not just about GDPR. Many of us have been waiting for GDPR’s EU counterpart, the new ePrivacy Regulation for a...Opinion Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Opinion Matt Edgar02 October 2018Spam crusader or vigilante victim – what happens if you are blacklisted unfairly?Finding spam a nuisance and being anti-spam is a default setting for all of us these days. Even as technology evolves and our mailboxes become smarter in reducing this...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Opinion Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...GDPRPolicies and ProcessesPrivacy by Design Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Opinion DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Data Governance & SecurityGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR
Philippa Donn28 January 2020ICO Direct Marketing Code ‘draft’: 12 HighlightsJust when I thought January was feeling dull, I got my hands on the ICO’s much-anticipated draft Direct Marketing Code of Practice! This replaces the Regulator’s existing Direct Marketing...Opinion Philippa Donn28 January 2020Brexit and EU Data FlowsIf you’ve not yet planned or even considered the data protection impact of Brexit, and specifically data transfers with the European Union, you can breathe a temporary sigh of...Opinion Philippa Donn10 December 2019Subject Access Requests & Proof of IDSubject Access Requests – What is ‘proportionate’ to ask for? When responding to a Right of Access request (commonly known as a Subject Access Request), we might be required...Individual Privacy Rights DPN Team10 December 20192020 Vision – Privacy PredictionsPrivacy Predictions for 2020 - what's in store for us next year? The trends, enforcement and organisational imperatives - What do our esteemed DPN Advisory Board believe is in...Opinion Debbie McElhill03 December 2019ePrivacy Regulation – Is there still life in it, as the European Commission steps in? In a bid to find consensus the European Commission has announced it’s preparing a revamped ePrivacy proposal. This follows the recent rejection by EU member states of the...Opinion DPN Team03 December 2019Data Retention: Are you keeping personal data longer than you need it?Ensuring you don’t store personal data for longer than you require it, is a core data protection principle – one which we all know is both complex and challenging...Opinion Julia Porter27 November 2019Harnessing the Power of Responsible MarketingWhat is responsible marketing? What core values should you embrace and what type of projects can marketers apply these values to? Here are my six pillars of responsible marketing;...Opinion DPN Team28 October 2019Rewarding Privacy By Design Have you or your team gone the extra mile to ensure a privacy aware, customer focused approach to a project, initiative or marketing campaign? Or do you know...Opinion DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Opinion Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Opinion Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Opinion Philippa Donn18 October 2019Marketing Message & Service Message: Where to draw the lineIs your ‘Service’ Message actually a Marketing one? A common (but incorrect) myth which spread with GDPR was that consent was required for almost everything – including all communications...Direct Marketing Philippa Donn02 October 2019Opt-in for marketing abandoned by RNLIHas opt-in suffered a blow? It’s now official that opt-in for all forms of direct marketing has not proven a success for the RNLI, despite earlier reports to the...Opinion Debbie McElhill18 September 2019ePrivacy Regulation – what’s happening?ePrivacy Regulation – first draft 2017, so what’s happening two years on? The ePrivacy Regulation is set to replace the 2002 ePrivacy Directive (and subsequent amendments) which currently sits...Opinion Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Opinion DPN Team16 September 2019Data Governance – Getting to know your DataData Governance – the what, why & how? Data Governance has long been recognised as a method of protecting the business, mitigating risk, increasing operational efficiencies and managing customer...GDPRPolicies and Processes Philippa Donn12 September 2019The DPN Rosemary Smith Award for Responsible MarketingThis award has been launched to recognise a contribution made to Responsible Marketing, giving a team or an individual credit for a creative and privacy aware project or initiative.Opinion Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...GDPRInternational Data Protection Philippa Donn23 August 2019Data Sharing 10 TipsMany companies need to share personal data with other organisations. This might be reciprocal or one-way, it could be providing another company’s staff with access to your data for...GDPRICO Guidance Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Data Governance & SecurityGDPRPolicies and Processes Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Philippa Donn09 July 2019GDPR regulatory action so far in the UK and EU (July 2019)GDPR Regulatory Action The UK’s data protection regulator has made its first hefty announcements since GDPR became law in 2018. With news British Airways and Marriott could face massive...GDPRInternational Data ProtectionUncategorized DPN Team05 July 2019GDPR: Impact Report 2019The impact of GDPR More than a year on from enforcement day, where are we now with GDPR? The Global Marketing Alliance and the DPN teamed up with global...Direct MarketingGDPRUncategorized Mark Bridges05 July 2019CCPA – Californian Consumer Privacy Act: 5 Key ImpactsCCPA: What businesses need know The Californian Consumer Privacy Act (CCPA) ushers in new rights for Californian residents and compels companies that operate in California to implement changes or...Opinion DPN Team05 July 2019Adtech: The challenging compliance landscape – webinar recordingPublishers, advertisers, adtech firms, start-ups and privacy activists are all united in a strong interest in online advertising and programmatic delivery . After all, it represents the lion’s share...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn22 May 2019Why GDPR is not a fuss over nothingWe’ve heard the comparison with the millennium bug – the sky didn’t fall in on 25th May… ‘where are these game-changing fines? This is the Y2K bug all over...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network and Opt-4 lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the...Direct MarketingUncategorized Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Simon Blanchard20 March 2019Like Gin and Tonic – Why GDPR and Data Governance were made for each otherWhy GDPR and Data Governance go hand in hand Like G&T, data governance is not a new concept. It has been recognised for years as a method of protecting...Opinion Gemma Johnson08 March 2019Why 59 Charities were referred to the ICO by the Fundraising RegulatorThe Fundraising Regulator has warned that 59 charities could be in breach of data protection law for failing to apply suppression requests made via the Fundraising Preference Service (FPS)...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Philippa Donn05 March 2019Digital advertising & real-time bidding: Are we on the verge of a seismic shift or not?GDPR put a significant spanner in the world of digital advertising, which disparate parties with different vested interests have been grappling with now for months. How can organisations provide...Opinion Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Stef Elliott21 November 2018“The cookies law is clear – well that takes the biscuit”The ePrivacy Regulation was originally planned to come into force simultaneously with the GDPR on 25th May 2018. The delay and the ongoing debate regarding the Regulation, as highlighted...Electronic CommunicationsePrivacy RegulationGDPR Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Julia Porter18 November 2018Privacy International’s GDPR complaints shine a spotlight on 7 data companiesOn November 8th, Privacy International (PI) filed complaints under the GDPR with data protection regulators in UK, France and Ireland against data brokers Oracle and Acxiom, credit reference agencies...Opinion Simon Blanchard18 November 2018ePrivacy Regulation is not ready and could be stalled even furtherAs those in the know recognise, data protection is not just about GDPR. Many of us have been waiting for GDPR’s EU counterpart, the new ePrivacy Regulation for a...Opinion Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Opinion Matt Edgar02 October 2018Spam crusader or vigilante victim – what happens if you are blacklisted unfairly?Finding spam a nuisance and being anti-spam is a default setting for all of us these days. Even as technology evolves and our mailboxes become smarter in reducing this...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Opinion Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...GDPRPolicies and ProcessesPrivacy by Design Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Opinion DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Data Governance & SecurityGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR
Philippa Donn28 January 2020Brexit and EU Data FlowsIf you’ve not yet planned or even considered the data protection impact of Brexit, and specifically data transfers with the European Union, you can breathe a temporary sigh of...Opinion Philippa Donn10 December 2019Subject Access Requests & Proof of IDSubject Access Requests – What is ‘proportionate’ to ask for? When responding to a Right of Access request (commonly known as a Subject Access Request), we might be required...Individual Privacy Rights DPN Team10 December 20192020 Vision – Privacy PredictionsPrivacy Predictions for 2020 - what's in store for us next year? The trends, enforcement and organisational imperatives - What do our esteemed DPN Advisory Board believe is in...Opinion Debbie McElhill03 December 2019ePrivacy Regulation – Is there still life in it, as the European Commission steps in? In a bid to find consensus the European Commission has announced it’s preparing a revamped ePrivacy proposal. This follows the recent rejection by EU member states of the...Opinion DPN Team03 December 2019Data Retention: Are you keeping personal data longer than you need it?Ensuring you don’t store personal data for longer than you require it, is a core data protection principle – one which we all know is both complex and challenging...Opinion Julia Porter27 November 2019Harnessing the Power of Responsible MarketingWhat is responsible marketing? What core values should you embrace and what type of projects can marketers apply these values to? Here are my six pillars of responsible marketing;...Opinion DPN Team28 October 2019Rewarding Privacy By Design Have you or your team gone the extra mile to ensure a privacy aware, customer focused approach to a project, initiative or marketing campaign? Or do you know...Opinion DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Opinion Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Opinion Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Opinion Philippa Donn18 October 2019Marketing Message & Service Message: Where to draw the lineIs your ‘Service’ Message actually a Marketing one? A common (but incorrect) myth which spread with GDPR was that consent was required for almost everything – including all communications...Direct Marketing Philippa Donn02 October 2019Opt-in for marketing abandoned by RNLIHas opt-in suffered a blow? It’s now official that opt-in for all forms of direct marketing has not proven a success for the RNLI, despite earlier reports to the...Opinion Debbie McElhill18 September 2019ePrivacy Regulation – what’s happening?ePrivacy Regulation – first draft 2017, so what’s happening two years on? The ePrivacy Regulation is set to replace the 2002 ePrivacy Directive (and subsequent amendments) which currently sits...Opinion Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Opinion DPN Team16 September 2019Data Governance – Getting to know your DataData Governance – the what, why & how? Data Governance has long been recognised as a method of protecting the business, mitigating risk, increasing operational efficiencies and managing customer...GDPRPolicies and Processes Philippa Donn12 September 2019The DPN Rosemary Smith Award for Responsible MarketingThis award has been launched to recognise a contribution made to Responsible Marketing, giving a team or an individual credit for a creative and privacy aware project or initiative.Opinion Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...GDPRInternational Data Protection Philippa Donn23 August 2019Data Sharing 10 TipsMany companies need to share personal data with other organisations. This might be reciprocal or one-way, it could be providing another company’s staff with access to your data for...GDPRICO Guidance Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Data Governance & SecurityGDPRPolicies and Processes Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Philippa Donn09 July 2019GDPR regulatory action so far in the UK and EU (July 2019)GDPR Regulatory Action The UK’s data protection regulator has made its first hefty announcements since GDPR became law in 2018. With news British Airways and Marriott could face massive...GDPRInternational Data ProtectionUncategorized DPN Team05 July 2019GDPR: Impact Report 2019The impact of GDPR More than a year on from enforcement day, where are we now with GDPR? The Global Marketing Alliance and the DPN teamed up with global...Direct MarketingGDPRUncategorized Mark Bridges05 July 2019CCPA – Californian Consumer Privacy Act: 5 Key ImpactsCCPA: What businesses need know The Californian Consumer Privacy Act (CCPA) ushers in new rights for Californian residents and compels companies that operate in California to implement changes or...Opinion DPN Team05 July 2019Adtech: The challenging compliance landscape – webinar recordingPublishers, advertisers, adtech firms, start-ups and privacy activists are all united in a strong interest in online advertising and programmatic delivery . After all, it represents the lion’s share...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn22 May 2019Why GDPR is not a fuss over nothingWe’ve heard the comparison with the millennium bug – the sky didn’t fall in on 25th May… ‘where are these game-changing fines? This is the Y2K bug all over...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network and Opt-4 lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the...Direct MarketingUncategorized Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Simon Blanchard20 March 2019Like Gin and Tonic – Why GDPR and Data Governance were made for each otherWhy GDPR and Data Governance go hand in hand Like G&T, data governance is not a new concept. It has been recognised for years as a method of protecting...Opinion Gemma Johnson08 March 2019Why 59 Charities were referred to the ICO by the Fundraising RegulatorThe Fundraising Regulator has warned that 59 charities could be in breach of data protection law for failing to apply suppression requests made via the Fundraising Preference Service (FPS)...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Philippa Donn05 March 2019Digital advertising & real-time bidding: Are we on the verge of a seismic shift or not?GDPR put a significant spanner in the world of digital advertising, which disparate parties with different vested interests have been grappling with now for months. How can organisations provide...Opinion Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Stef Elliott21 November 2018“The cookies law is clear – well that takes the biscuit”The ePrivacy Regulation was originally planned to come into force simultaneously with the GDPR on 25th May 2018. The delay and the ongoing debate regarding the Regulation, as highlighted...Electronic CommunicationsePrivacy RegulationGDPR Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Julia Porter18 November 2018Privacy International’s GDPR complaints shine a spotlight on 7 data companiesOn November 8th, Privacy International (PI) filed complaints under the GDPR with data protection regulators in UK, France and Ireland against data brokers Oracle and Acxiom, credit reference agencies...Opinion Simon Blanchard18 November 2018ePrivacy Regulation is not ready and could be stalled even furtherAs those in the know recognise, data protection is not just about GDPR. Many of us have been waiting for GDPR’s EU counterpart, the new ePrivacy Regulation for a...Opinion Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Opinion Matt Edgar02 October 2018Spam crusader or vigilante victim – what happens if you are blacklisted unfairly?Finding spam a nuisance and being anti-spam is a default setting for all of us these days. Even as technology evolves and our mailboxes become smarter in reducing this...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Opinion Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...GDPRPolicies and ProcessesPrivacy by Design Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Opinion DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Data Governance & SecurityGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR
Philippa Donn10 December 2019Subject Access Requests & Proof of IDSubject Access Requests – What is ‘proportionate’ to ask for? When responding to a Right of Access request (commonly known as a Subject Access Request), we might be required...Individual Privacy Rights DPN Team10 December 20192020 Vision – Privacy PredictionsPrivacy Predictions for 2020 - what's in store for us next year? The trends, enforcement and organisational imperatives - What do our esteemed DPN Advisory Board believe is in...Opinion Debbie McElhill03 December 2019ePrivacy Regulation – Is there still life in it, as the European Commission steps in? In a bid to find consensus the European Commission has announced it’s preparing a revamped ePrivacy proposal. This follows the recent rejection by EU member states of the...Opinion DPN Team03 December 2019Data Retention: Are you keeping personal data longer than you need it?Ensuring you don’t store personal data for longer than you require it, is a core data protection principle – one which we all know is both complex and challenging...Opinion Julia Porter27 November 2019Harnessing the Power of Responsible MarketingWhat is responsible marketing? What core values should you embrace and what type of projects can marketers apply these values to? Here are my six pillars of responsible marketing;...Opinion DPN Team28 October 2019Rewarding Privacy By Design Have you or your team gone the extra mile to ensure a privacy aware, customer focused approach to a project, initiative or marketing campaign? Or do you know...Opinion DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Opinion Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Opinion Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Opinion Philippa Donn18 October 2019Marketing Message & Service Message: Where to draw the lineIs your ‘Service’ Message actually a Marketing one? A common (but incorrect) myth which spread with GDPR was that consent was required for almost everything – including all communications...Direct Marketing Philippa Donn02 October 2019Opt-in for marketing abandoned by RNLIHas opt-in suffered a blow? It’s now official that opt-in for all forms of direct marketing has not proven a success for the RNLI, despite earlier reports to the...Opinion Debbie McElhill18 September 2019ePrivacy Regulation – what’s happening?ePrivacy Regulation – first draft 2017, so what’s happening two years on? The ePrivacy Regulation is set to replace the 2002 ePrivacy Directive (and subsequent amendments) which currently sits...Opinion Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Opinion DPN Team16 September 2019Data Governance – Getting to know your DataData Governance – the what, why & how? Data Governance has long been recognised as a method of protecting the business, mitigating risk, increasing operational efficiencies and managing customer...GDPRPolicies and Processes Philippa Donn12 September 2019The DPN Rosemary Smith Award for Responsible MarketingThis award has been launched to recognise a contribution made to Responsible Marketing, giving a team or an individual credit for a creative and privacy aware project or initiative.Opinion Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...GDPRInternational Data Protection Philippa Donn23 August 2019Data Sharing 10 TipsMany companies need to share personal data with other organisations. This might be reciprocal or one-way, it could be providing another company’s staff with access to your data for...GDPRICO Guidance Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Data Governance & SecurityGDPRPolicies and Processes Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Philippa Donn09 July 2019GDPR regulatory action so far in the UK and EU (July 2019)GDPR Regulatory Action The UK’s data protection regulator has made its first hefty announcements since GDPR became law in 2018. With news British Airways and Marriott could face massive...GDPRInternational Data ProtectionUncategorized DPN Team05 July 2019GDPR: Impact Report 2019The impact of GDPR More than a year on from enforcement day, where are we now with GDPR? The Global Marketing Alliance and the DPN teamed up with global...Direct MarketingGDPRUncategorized Mark Bridges05 July 2019CCPA – Californian Consumer Privacy Act: 5 Key ImpactsCCPA: What businesses need know The Californian Consumer Privacy Act (CCPA) ushers in new rights for Californian residents and compels companies that operate in California to implement changes or...Opinion DPN Team05 July 2019Adtech: The challenging compliance landscape – webinar recordingPublishers, advertisers, adtech firms, start-ups and privacy activists are all united in a strong interest in online advertising and programmatic delivery . After all, it represents the lion’s share...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn22 May 2019Why GDPR is not a fuss over nothingWe’ve heard the comparison with the millennium bug – the sky didn’t fall in on 25th May… ‘where are these game-changing fines? This is the Y2K bug all over...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network and Opt-4 lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the...Direct MarketingUncategorized Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Simon Blanchard20 March 2019Like Gin and Tonic – Why GDPR and Data Governance were made for each otherWhy GDPR and Data Governance go hand in hand Like G&T, data governance is not a new concept. It has been recognised for years as a method of protecting...Opinion Gemma Johnson08 March 2019Why 59 Charities were referred to the ICO by the Fundraising RegulatorThe Fundraising Regulator has warned that 59 charities could be in breach of data protection law for failing to apply suppression requests made via the Fundraising Preference Service (FPS)...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Philippa Donn05 March 2019Digital advertising & real-time bidding: Are we on the verge of a seismic shift or not?GDPR put a significant spanner in the world of digital advertising, which disparate parties with different vested interests have been grappling with now for months. How can organisations provide...Opinion Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Stef Elliott21 November 2018“The cookies law is clear – well that takes the biscuit”The ePrivacy Regulation was originally planned to come into force simultaneously with the GDPR on 25th May 2018. The delay and the ongoing debate regarding the Regulation, as highlighted...Electronic CommunicationsePrivacy RegulationGDPR Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Julia Porter18 November 2018Privacy International’s GDPR complaints shine a spotlight on 7 data companiesOn November 8th, Privacy International (PI) filed complaints under the GDPR with data protection regulators in UK, France and Ireland against data brokers Oracle and Acxiom, credit reference agencies...Opinion Simon Blanchard18 November 2018ePrivacy Regulation is not ready and could be stalled even furtherAs those in the know recognise, data protection is not just about GDPR. Many of us have been waiting for GDPR’s EU counterpart, the new ePrivacy Regulation for a...Opinion Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Opinion Matt Edgar02 October 2018Spam crusader or vigilante victim – what happens if you are blacklisted unfairly?Finding spam a nuisance and being anti-spam is a default setting for all of us these days. Even as technology evolves and our mailboxes become smarter in reducing this...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Opinion Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...GDPRPolicies and ProcessesPrivacy by Design Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Opinion DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Data Governance & SecurityGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR
DPN Team10 December 20192020 Vision – Privacy PredictionsPrivacy Predictions for 2020 - what's in store for us next year? The trends, enforcement and organisational imperatives - What do our esteemed DPN Advisory Board believe is in...Opinion Debbie McElhill03 December 2019ePrivacy Regulation – Is there still life in it, as the European Commission steps in? In a bid to find consensus the European Commission has announced it’s preparing a revamped ePrivacy proposal. This follows the recent rejection by EU member states of the...Opinion DPN Team03 December 2019Data Retention: Are you keeping personal data longer than you need it?Ensuring you don’t store personal data for longer than you require it, is a core data protection principle – one which we all know is both complex and challenging...Opinion Julia Porter27 November 2019Harnessing the Power of Responsible MarketingWhat is responsible marketing? What core values should you embrace and what type of projects can marketers apply these values to? Here are my six pillars of responsible marketing;...Opinion DPN Team28 October 2019Rewarding Privacy By Design Have you or your team gone the extra mile to ensure a privacy aware, customer focused approach to a project, initiative or marketing campaign? Or do you know...Opinion DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Opinion Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Opinion Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Opinion Philippa Donn18 October 2019Marketing Message & Service Message: Where to draw the lineIs your ‘Service’ Message actually a Marketing one? A common (but incorrect) myth which spread with GDPR was that consent was required for almost everything – including all communications...Direct Marketing Philippa Donn02 October 2019Opt-in for marketing abandoned by RNLIHas opt-in suffered a blow? It’s now official that opt-in for all forms of direct marketing has not proven a success for the RNLI, despite earlier reports to the...Opinion Debbie McElhill18 September 2019ePrivacy Regulation – what’s happening?ePrivacy Regulation – first draft 2017, so what’s happening two years on? The ePrivacy Regulation is set to replace the 2002 ePrivacy Directive (and subsequent amendments) which currently sits...Opinion Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Opinion DPN Team16 September 2019Data Governance – Getting to know your DataData Governance – the what, why & how? Data Governance has long been recognised as a method of protecting the business, mitigating risk, increasing operational efficiencies and managing customer...GDPRPolicies and Processes Philippa Donn12 September 2019The DPN Rosemary Smith Award for Responsible MarketingThis award has been launched to recognise a contribution made to Responsible Marketing, giving a team or an individual credit for a creative and privacy aware project or initiative.Opinion Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...GDPRInternational Data Protection Philippa Donn23 August 2019Data Sharing 10 TipsMany companies need to share personal data with other organisations. This might be reciprocal or one-way, it could be providing another company’s staff with access to your data for...GDPRICO Guidance Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Data Governance & SecurityGDPRPolicies and Processes Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Philippa Donn09 July 2019GDPR regulatory action so far in the UK and EU (July 2019)GDPR Regulatory Action The UK’s data protection regulator has made its first hefty announcements since GDPR became law in 2018. With news British Airways and Marriott could face massive...GDPRInternational Data ProtectionUncategorized DPN Team05 July 2019GDPR: Impact Report 2019The impact of GDPR More than a year on from enforcement day, where are we now with GDPR? The Global Marketing Alliance and the DPN teamed up with global...Direct MarketingGDPRUncategorized Mark Bridges05 July 2019CCPA – Californian Consumer Privacy Act: 5 Key ImpactsCCPA: What businesses need know The Californian Consumer Privacy Act (CCPA) ushers in new rights for Californian residents and compels companies that operate in California to implement changes or...Opinion DPN Team05 July 2019Adtech: The challenging compliance landscape – webinar recordingPublishers, advertisers, adtech firms, start-ups and privacy activists are all united in a strong interest in online advertising and programmatic delivery . After all, it represents the lion’s share...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn22 May 2019Why GDPR is not a fuss over nothingWe’ve heard the comparison with the millennium bug – the sky didn’t fall in on 25th May… ‘where are these game-changing fines? This is the Y2K bug all over...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network and Opt-4 lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the...Direct MarketingUncategorized Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Simon Blanchard20 March 2019Like Gin and Tonic – Why GDPR and Data Governance were made for each otherWhy GDPR and Data Governance go hand in hand Like G&T, data governance is not a new concept. It has been recognised for years as a method of protecting...Opinion Gemma Johnson08 March 2019Why 59 Charities were referred to the ICO by the Fundraising RegulatorThe Fundraising Regulator has warned that 59 charities could be in breach of data protection law for failing to apply suppression requests made via the Fundraising Preference Service (FPS)...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Philippa Donn05 March 2019Digital advertising & real-time bidding: Are we on the verge of a seismic shift or not?GDPR put a significant spanner in the world of digital advertising, which disparate parties with different vested interests have been grappling with now for months. How can organisations provide...Opinion Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Stef Elliott21 November 2018“The cookies law is clear – well that takes the biscuit”The ePrivacy Regulation was originally planned to come into force simultaneously with the GDPR on 25th May 2018. The delay and the ongoing debate regarding the Regulation, as highlighted...Electronic CommunicationsePrivacy RegulationGDPR Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Julia Porter18 November 2018Privacy International’s GDPR complaints shine a spotlight on 7 data companiesOn November 8th, Privacy International (PI) filed complaints under the GDPR with data protection regulators in UK, France and Ireland against data brokers Oracle and Acxiom, credit reference agencies...Opinion Simon Blanchard18 November 2018ePrivacy Regulation is not ready and could be stalled even furtherAs those in the know recognise, data protection is not just about GDPR. Many of us have been waiting for GDPR’s EU counterpart, the new ePrivacy Regulation for a...Opinion Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Opinion Matt Edgar02 October 2018Spam crusader or vigilante victim – what happens if you are blacklisted unfairly?Finding spam a nuisance and being anti-spam is a default setting for all of us these days. Even as technology evolves and our mailboxes become smarter in reducing this...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Opinion Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...GDPRPolicies and ProcessesPrivacy by Design Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Opinion DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Data Governance & SecurityGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR
Debbie McElhill03 December 2019ePrivacy Regulation – Is there still life in it, as the European Commission steps in? In a bid to find consensus the European Commission has announced it’s preparing a revamped ePrivacy proposal. This follows the recent rejection by EU member states of the...Opinion DPN Team03 December 2019Data Retention: Are you keeping personal data longer than you need it?Ensuring you don’t store personal data for longer than you require it, is a core data protection principle – one which we all know is both complex and challenging...Opinion Julia Porter27 November 2019Harnessing the Power of Responsible MarketingWhat is responsible marketing? What core values should you embrace and what type of projects can marketers apply these values to? Here are my six pillars of responsible marketing;...Opinion DPN Team28 October 2019Rewarding Privacy By Design Have you or your team gone the extra mile to ensure a privacy aware, customer focused approach to a project, initiative or marketing campaign? Or do you know...Opinion DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Opinion Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Opinion Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Opinion Philippa Donn18 October 2019Marketing Message & Service Message: Where to draw the lineIs your ‘Service’ Message actually a Marketing one? A common (but incorrect) myth which spread with GDPR was that consent was required for almost everything – including all communications...Direct Marketing Philippa Donn02 October 2019Opt-in for marketing abandoned by RNLIHas opt-in suffered a blow? It’s now official that opt-in for all forms of direct marketing has not proven a success for the RNLI, despite earlier reports to the...Opinion Debbie McElhill18 September 2019ePrivacy Regulation – what’s happening?ePrivacy Regulation – first draft 2017, so what’s happening two years on? The ePrivacy Regulation is set to replace the 2002 ePrivacy Directive (and subsequent amendments) which currently sits...Opinion Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Opinion DPN Team16 September 2019Data Governance – Getting to know your DataData Governance – the what, why & how? Data Governance has long been recognised as a method of protecting the business, mitigating risk, increasing operational efficiencies and managing customer...GDPRPolicies and Processes Philippa Donn12 September 2019The DPN Rosemary Smith Award for Responsible MarketingThis award has been launched to recognise a contribution made to Responsible Marketing, giving a team or an individual credit for a creative and privacy aware project or initiative.Opinion Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...GDPRInternational Data Protection Philippa Donn23 August 2019Data Sharing 10 TipsMany companies need to share personal data with other organisations. This might be reciprocal or one-way, it could be providing another company’s staff with access to your data for...GDPRICO Guidance Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Data Governance & SecurityGDPRPolicies and Processes Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Philippa Donn09 July 2019GDPR regulatory action so far in the UK and EU (July 2019)GDPR Regulatory Action The UK’s data protection regulator has made its first hefty announcements since GDPR became law in 2018. With news British Airways and Marriott could face massive...GDPRInternational Data ProtectionUncategorized DPN Team05 July 2019GDPR: Impact Report 2019The impact of GDPR More than a year on from enforcement day, where are we now with GDPR? The Global Marketing Alliance and the DPN teamed up with global...Direct MarketingGDPRUncategorized Mark Bridges05 July 2019CCPA – Californian Consumer Privacy Act: 5 Key ImpactsCCPA: What businesses need know The Californian Consumer Privacy Act (CCPA) ushers in new rights for Californian residents and compels companies that operate in California to implement changes or...Opinion DPN Team05 July 2019Adtech: The challenging compliance landscape – webinar recordingPublishers, advertisers, adtech firms, start-ups and privacy activists are all united in a strong interest in online advertising and programmatic delivery . After all, it represents the lion’s share...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn22 May 2019Why GDPR is not a fuss over nothingWe’ve heard the comparison with the millennium bug – the sky didn’t fall in on 25th May… ‘where are these game-changing fines? This is the Y2K bug all over...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network and Opt-4 lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the...Direct MarketingUncategorized Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Simon Blanchard20 March 2019Like Gin and Tonic – Why GDPR and Data Governance were made for each otherWhy GDPR and Data Governance go hand in hand Like G&T, data governance is not a new concept. It has been recognised for years as a method of protecting...Opinion Gemma Johnson08 March 2019Why 59 Charities were referred to the ICO by the Fundraising RegulatorThe Fundraising Regulator has warned that 59 charities could be in breach of data protection law for failing to apply suppression requests made via the Fundraising Preference Service (FPS)...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Philippa Donn05 March 2019Digital advertising & real-time bidding: Are we on the verge of a seismic shift or not?GDPR put a significant spanner in the world of digital advertising, which disparate parties with different vested interests have been grappling with now for months. How can organisations provide...Opinion Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Stef Elliott21 November 2018“The cookies law is clear – well that takes the biscuit”The ePrivacy Regulation was originally planned to come into force simultaneously with the GDPR on 25th May 2018. The delay and the ongoing debate regarding the Regulation, as highlighted...Electronic CommunicationsePrivacy RegulationGDPR Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Julia Porter18 November 2018Privacy International’s GDPR complaints shine a spotlight on 7 data companiesOn November 8th, Privacy International (PI) filed complaints under the GDPR with data protection regulators in UK, France and Ireland against data brokers Oracle and Acxiom, credit reference agencies...Opinion Simon Blanchard18 November 2018ePrivacy Regulation is not ready and could be stalled even furtherAs those in the know recognise, data protection is not just about GDPR. Many of us have been waiting for GDPR’s EU counterpart, the new ePrivacy Regulation for a...Opinion Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Opinion Matt Edgar02 October 2018Spam crusader or vigilante victim – what happens if you are blacklisted unfairly?Finding spam a nuisance and being anti-spam is a default setting for all of us these days. Even as technology evolves and our mailboxes become smarter in reducing this...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Opinion Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...GDPRPolicies and ProcessesPrivacy by Design Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Opinion DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Data Governance & SecurityGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR
DPN Team03 December 2019Data Retention: Are you keeping personal data longer than you need it?Ensuring you don’t store personal data for longer than you require it, is a core data protection principle – one which we all know is both complex and challenging...Opinion Julia Porter27 November 2019Harnessing the Power of Responsible MarketingWhat is responsible marketing? What core values should you embrace and what type of projects can marketers apply these values to? Here are my six pillars of responsible marketing;...Opinion DPN Team28 October 2019Rewarding Privacy By Design Have you or your team gone the extra mile to ensure a privacy aware, customer focused approach to a project, initiative or marketing campaign? Or do you know...Opinion DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Opinion Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Opinion Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Opinion Philippa Donn18 October 2019Marketing Message & Service Message: Where to draw the lineIs your ‘Service’ Message actually a Marketing one? A common (but incorrect) myth which spread with GDPR was that consent was required for almost everything – including all communications...Direct Marketing Philippa Donn02 October 2019Opt-in for marketing abandoned by RNLIHas opt-in suffered a blow? It’s now official that opt-in for all forms of direct marketing has not proven a success for the RNLI, despite earlier reports to the...Opinion Debbie McElhill18 September 2019ePrivacy Regulation – what’s happening?ePrivacy Regulation – first draft 2017, so what’s happening two years on? The ePrivacy Regulation is set to replace the 2002 ePrivacy Directive (and subsequent amendments) which currently sits...Opinion Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Opinion DPN Team16 September 2019Data Governance – Getting to know your DataData Governance – the what, why & how? Data Governance has long been recognised as a method of protecting the business, mitigating risk, increasing operational efficiencies and managing customer...GDPRPolicies and Processes Philippa Donn12 September 2019The DPN Rosemary Smith Award for Responsible MarketingThis award has been launched to recognise a contribution made to Responsible Marketing, giving a team or an individual credit for a creative and privacy aware project or initiative.Opinion Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...GDPRInternational Data Protection Philippa Donn23 August 2019Data Sharing 10 TipsMany companies need to share personal data with other organisations. This might be reciprocal or one-way, it could be providing another company’s staff with access to your data for...GDPRICO Guidance Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Data Governance & SecurityGDPRPolicies and Processes Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Philippa Donn09 July 2019GDPR regulatory action so far in the UK and EU (July 2019)GDPR Regulatory Action The UK’s data protection regulator has made its first hefty announcements since GDPR became law in 2018. With news British Airways and Marriott could face massive...GDPRInternational Data ProtectionUncategorized DPN Team05 July 2019GDPR: Impact Report 2019The impact of GDPR More than a year on from enforcement day, where are we now with GDPR? The Global Marketing Alliance and the DPN teamed up with global...Direct MarketingGDPRUncategorized Mark Bridges05 July 2019CCPA – Californian Consumer Privacy Act: 5 Key ImpactsCCPA: What businesses need know The Californian Consumer Privacy Act (CCPA) ushers in new rights for Californian residents and compels companies that operate in California to implement changes or...Opinion DPN Team05 July 2019Adtech: The challenging compliance landscape – webinar recordingPublishers, advertisers, adtech firms, start-ups and privacy activists are all united in a strong interest in online advertising and programmatic delivery . After all, it represents the lion’s share...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn22 May 2019Why GDPR is not a fuss over nothingWe’ve heard the comparison with the millennium bug – the sky didn’t fall in on 25th May… ‘where are these game-changing fines? This is the Y2K bug all over...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network and Opt-4 lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the...Direct MarketingUncategorized Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Simon Blanchard20 March 2019Like Gin and Tonic – Why GDPR and Data Governance were made for each otherWhy GDPR and Data Governance go hand in hand Like G&T, data governance is not a new concept. It has been recognised for years as a method of protecting...Opinion Gemma Johnson08 March 2019Why 59 Charities were referred to the ICO by the Fundraising RegulatorThe Fundraising Regulator has warned that 59 charities could be in breach of data protection law for failing to apply suppression requests made via the Fundraising Preference Service (FPS)...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Philippa Donn05 March 2019Digital advertising & real-time bidding: Are we on the verge of a seismic shift or not?GDPR put a significant spanner in the world of digital advertising, which disparate parties with different vested interests have been grappling with now for months. How can organisations provide...Opinion Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Stef Elliott21 November 2018“The cookies law is clear – well that takes the biscuit”The ePrivacy Regulation was originally planned to come into force simultaneously with the GDPR on 25th May 2018. The delay and the ongoing debate regarding the Regulation, as highlighted...Electronic CommunicationsePrivacy RegulationGDPR Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Julia Porter18 November 2018Privacy International’s GDPR complaints shine a spotlight on 7 data companiesOn November 8th, Privacy International (PI) filed complaints under the GDPR with data protection regulators in UK, France and Ireland against data brokers Oracle and Acxiom, credit reference agencies...Opinion Simon Blanchard18 November 2018ePrivacy Regulation is not ready and could be stalled even furtherAs those in the know recognise, data protection is not just about GDPR. Many of us have been waiting for GDPR’s EU counterpart, the new ePrivacy Regulation for a...Opinion Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Opinion Matt Edgar02 October 2018Spam crusader or vigilante victim – what happens if you are blacklisted unfairly?Finding spam a nuisance and being anti-spam is a default setting for all of us these days. Even as technology evolves and our mailboxes become smarter in reducing this...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Opinion Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...GDPRPolicies and ProcessesPrivacy by Design Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Opinion DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Data Governance & SecurityGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR
Julia Porter27 November 2019Harnessing the Power of Responsible MarketingWhat is responsible marketing? What core values should you embrace and what type of projects can marketers apply these values to? Here are my six pillars of responsible marketing;...Opinion DPN Team28 October 2019Rewarding Privacy By Design Have you or your team gone the extra mile to ensure a privacy aware, customer focused approach to a project, initiative or marketing campaign? Or do you know...Opinion DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Opinion Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Opinion Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Opinion Philippa Donn18 October 2019Marketing Message & Service Message: Where to draw the lineIs your ‘Service’ Message actually a Marketing one? A common (but incorrect) myth which spread with GDPR was that consent was required for almost everything – including all communications...Direct Marketing Philippa Donn02 October 2019Opt-in for marketing abandoned by RNLIHas opt-in suffered a blow? It’s now official that opt-in for all forms of direct marketing has not proven a success for the RNLI, despite earlier reports to the...Opinion Debbie McElhill18 September 2019ePrivacy Regulation – what’s happening?ePrivacy Regulation – first draft 2017, so what’s happening two years on? The ePrivacy Regulation is set to replace the 2002 ePrivacy Directive (and subsequent amendments) which currently sits...Opinion Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Opinion DPN Team16 September 2019Data Governance – Getting to know your DataData Governance – the what, why & how? Data Governance has long been recognised as a method of protecting the business, mitigating risk, increasing operational efficiencies and managing customer...GDPRPolicies and Processes Philippa Donn12 September 2019The DPN Rosemary Smith Award for Responsible MarketingThis award has been launched to recognise a contribution made to Responsible Marketing, giving a team or an individual credit for a creative and privacy aware project or initiative.Opinion Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...GDPRInternational Data Protection Philippa Donn23 August 2019Data Sharing 10 TipsMany companies need to share personal data with other organisations. This might be reciprocal or one-way, it could be providing another company’s staff with access to your data for...GDPRICO Guidance Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Data Governance & SecurityGDPRPolicies and Processes Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Philippa Donn09 July 2019GDPR regulatory action so far in the UK and EU (July 2019)GDPR Regulatory Action The UK’s data protection regulator has made its first hefty announcements since GDPR became law in 2018. With news British Airways and Marriott could face massive...GDPRInternational Data ProtectionUncategorized DPN Team05 July 2019GDPR: Impact Report 2019The impact of GDPR More than a year on from enforcement day, where are we now with GDPR? The Global Marketing Alliance and the DPN teamed up with global...Direct MarketingGDPRUncategorized Mark Bridges05 July 2019CCPA – Californian Consumer Privacy Act: 5 Key ImpactsCCPA: What businesses need know The Californian Consumer Privacy Act (CCPA) ushers in new rights for Californian residents and compels companies that operate in California to implement changes or...Opinion DPN Team05 July 2019Adtech: The challenging compliance landscape – webinar recordingPublishers, advertisers, adtech firms, start-ups and privacy activists are all united in a strong interest in online advertising and programmatic delivery . After all, it represents the lion’s share...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn22 May 2019Why GDPR is not a fuss over nothingWe’ve heard the comparison with the millennium bug – the sky didn’t fall in on 25th May… ‘where are these game-changing fines? This is the Y2K bug all over...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network and Opt-4 lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the...Direct MarketingUncategorized Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Simon Blanchard20 March 2019Like Gin and Tonic – Why GDPR and Data Governance were made for each otherWhy GDPR and Data Governance go hand in hand Like G&T, data governance is not a new concept. It has been recognised for years as a method of protecting...Opinion Gemma Johnson08 March 2019Why 59 Charities were referred to the ICO by the Fundraising RegulatorThe Fundraising Regulator has warned that 59 charities could be in breach of data protection law for failing to apply suppression requests made via the Fundraising Preference Service (FPS)...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Philippa Donn05 March 2019Digital advertising & real-time bidding: Are we on the verge of a seismic shift or not?GDPR put a significant spanner in the world of digital advertising, which disparate parties with different vested interests have been grappling with now for months. How can organisations provide...Opinion Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Stef Elliott21 November 2018“The cookies law is clear – well that takes the biscuit”The ePrivacy Regulation was originally planned to come into force simultaneously with the GDPR on 25th May 2018. The delay and the ongoing debate regarding the Regulation, as highlighted...Electronic CommunicationsePrivacy RegulationGDPR Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Julia Porter18 November 2018Privacy International’s GDPR complaints shine a spotlight on 7 data companiesOn November 8th, Privacy International (PI) filed complaints under the GDPR with data protection regulators in UK, France and Ireland against data brokers Oracle and Acxiom, credit reference agencies...Opinion Simon Blanchard18 November 2018ePrivacy Regulation is not ready and could be stalled even furtherAs those in the know recognise, data protection is not just about GDPR. Many of us have been waiting for GDPR’s EU counterpart, the new ePrivacy Regulation for a...Opinion Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Opinion Matt Edgar02 October 2018Spam crusader or vigilante victim – what happens if you are blacklisted unfairly?Finding spam a nuisance and being anti-spam is a default setting for all of us these days. Even as technology evolves and our mailboxes become smarter in reducing this...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Opinion Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...GDPRPolicies and ProcessesPrivacy by Design Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Opinion DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Data Governance & SecurityGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR
DPN Team28 October 2019Rewarding Privacy By Design Have you or your team gone the extra mile to ensure a privacy aware, customer focused approach to a project, initiative or marketing campaign? Or do you know...Opinion DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Opinion Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Opinion Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Opinion Philippa Donn18 October 2019Marketing Message & Service Message: Where to draw the lineIs your ‘Service’ Message actually a Marketing one? A common (but incorrect) myth which spread with GDPR was that consent was required for almost everything – including all communications...Direct Marketing Philippa Donn02 October 2019Opt-in for marketing abandoned by RNLIHas opt-in suffered a blow? It’s now official that opt-in for all forms of direct marketing has not proven a success for the RNLI, despite earlier reports to the...Opinion Debbie McElhill18 September 2019ePrivacy Regulation – what’s happening?ePrivacy Regulation – first draft 2017, so what’s happening two years on? The ePrivacy Regulation is set to replace the 2002 ePrivacy Directive (and subsequent amendments) which currently sits...Opinion Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Opinion DPN Team16 September 2019Data Governance – Getting to know your DataData Governance – the what, why & how? Data Governance has long been recognised as a method of protecting the business, mitigating risk, increasing operational efficiencies and managing customer...GDPRPolicies and Processes Philippa Donn12 September 2019The DPN Rosemary Smith Award for Responsible MarketingThis award has been launched to recognise a contribution made to Responsible Marketing, giving a team or an individual credit for a creative and privacy aware project or initiative.Opinion Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...GDPRInternational Data Protection Philippa Donn23 August 2019Data Sharing 10 TipsMany companies need to share personal data with other organisations. This might be reciprocal or one-way, it could be providing another company’s staff with access to your data for...GDPRICO Guidance Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Data Governance & SecurityGDPRPolicies and Processes Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Philippa Donn09 July 2019GDPR regulatory action so far in the UK and EU (July 2019)GDPR Regulatory Action The UK’s data protection regulator has made its first hefty announcements since GDPR became law in 2018. With news British Airways and Marriott could face massive...GDPRInternational Data ProtectionUncategorized DPN Team05 July 2019GDPR: Impact Report 2019The impact of GDPR More than a year on from enforcement day, where are we now with GDPR? The Global Marketing Alliance and the DPN teamed up with global...Direct MarketingGDPRUncategorized Mark Bridges05 July 2019CCPA – Californian Consumer Privacy Act: 5 Key ImpactsCCPA: What businesses need know The Californian Consumer Privacy Act (CCPA) ushers in new rights for Californian residents and compels companies that operate in California to implement changes or...Opinion DPN Team05 July 2019Adtech: The challenging compliance landscape – webinar recordingPublishers, advertisers, adtech firms, start-ups and privacy activists are all united in a strong interest in online advertising and programmatic delivery . After all, it represents the lion’s share...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn22 May 2019Why GDPR is not a fuss over nothingWe’ve heard the comparison with the millennium bug – the sky didn’t fall in on 25th May… ‘where are these game-changing fines? This is the Y2K bug all over...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network and Opt-4 lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the...Direct MarketingUncategorized Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Simon Blanchard20 March 2019Like Gin and Tonic – Why GDPR and Data Governance were made for each otherWhy GDPR and Data Governance go hand in hand Like G&T, data governance is not a new concept. It has been recognised for years as a method of protecting...Opinion Gemma Johnson08 March 2019Why 59 Charities were referred to the ICO by the Fundraising RegulatorThe Fundraising Regulator has warned that 59 charities could be in breach of data protection law for failing to apply suppression requests made via the Fundraising Preference Service (FPS)...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Philippa Donn05 March 2019Digital advertising & real-time bidding: Are we on the verge of a seismic shift or not?GDPR put a significant spanner in the world of digital advertising, which disparate parties with different vested interests have been grappling with now for months. How can organisations provide...Opinion Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Stef Elliott21 November 2018“The cookies law is clear – well that takes the biscuit”The ePrivacy Regulation was originally planned to come into force simultaneously with the GDPR on 25th May 2018. The delay and the ongoing debate regarding the Regulation, as highlighted...Electronic CommunicationsePrivacy RegulationGDPR Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Julia Porter18 November 2018Privacy International’s GDPR complaints shine a spotlight on 7 data companiesOn November 8th, Privacy International (PI) filed complaints under the GDPR with data protection regulators in UK, France and Ireland against data brokers Oracle and Acxiom, credit reference agencies...Opinion Simon Blanchard18 November 2018ePrivacy Regulation is not ready and could be stalled even furtherAs those in the know recognise, data protection is not just about GDPR. Many of us have been waiting for GDPR’s EU counterpart, the new ePrivacy Regulation for a...Opinion Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Opinion Matt Edgar02 October 2018Spam crusader or vigilante victim – what happens if you are blacklisted unfairly?Finding spam a nuisance and being anti-spam is a default setting for all of us these days. Even as technology evolves and our mailboxes become smarter in reducing this...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Opinion Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...GDPRPolicies and ProcessesPrivacy by Design Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Opinion DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Data Governance & SecurityGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR
DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Opinion Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Opinion Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Opinion Philippa Donn18 October 2019Marketing Message & Service Message: Where to draw the lineIs your ‘Service’ Message actually a Marketing one? A common (but incorrect) myth which spread with GDPR was that consent was required for almost everything – including all communications...Direct Marketing Philippa Donn02 October 2019Opt-in for marketing abandoned by RNLIHas opt-in suffered a blow? It’s now official that opt-in for all forms of direct marketing has not proven a success for the RNLI, despite earlier reports to the...Opinion Debbie McElhill18 September 2019ePrivacy Regulation – what’s happening?ePrivacy Regulation – first draft 2017, so what’s happening two years on? The ePrivacy Regulation is set to replace the 2002 ePrivacy Directive (and subsequent amendments) which currently sits...Opinion Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Opinion DPN Team16 September 2019Data Governance – Getting to know your DataData Governance – the what, why & how? Data Governance has long been recognised as a method of protecting the business, mitigating risk, increasing operational efficiencies and managing customer...GDPRPolicies and Processes Philippa Donn12 September 2019The DPN Rosemary Smith Award for Responsible MarketingThis award has been launched to recognise a contribution made to Responsible Marketing, giving a team or an individual credit for a creative and privacy aware project or initiative.Opinion Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...GDPRInternational Data Protection Philippa Donn23 August 2019Data Sharing 10 TipsMany companies need to share personal data with other organisations. This might be reciprocal or one-way, it could be providing another company’s staff with access to your data for...GDPRICO Guidance Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Data Governance & SecurityGDPRPolicies and Processes Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Philippa Donn09 July 2019GDPR regulatory action so far in the UK and EU (July 2019)GDPR Regulatory Action The UK’s data protection regulator has made its first hefty announcements since GDPR became law in 2018. With news British Airways and Marriott could face massive...GDPRInternational Data ProtectionUncategorized DPN Team05 July 2019GDPR: Impact Report 2019The impact of GDPR More than a year on from enforcement day, where are we now with GDPR? The Global Marketing Alliance and the DPN teamed up with global...Direct MarketingGDPRUncategorized Mark Bridges05 July 2019CCPA – Californian Consumer Privacy Act: 5 Key ImpactsCCPA: What businesses need know The Californian Consumer Privacy Act (CCPA) ushers in new rights for Californian residents and compels companies that operate in California to implement changes or...Opinion DPN Team05 July 2019Adtech: The challenging compliance landscape – webinar recordingPublishers, advertisers, adtech firms, start-ups and privacy activists are all united in a strong interest in online advertising and programmatic delivery . After all, it represents the lion’s share...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn22 May 2019Why GDPR is not a fuss over nothingWe’ve heard the comparison with the millennium bug – the sky didn’t fall in on 25th May… ‘where are these game-changing fines? This is the Y2K bug all over...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network and Opt-4 lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the...Direct MarketingUncategorized Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Simon Blanchard20 March 2019Like Gin and Tonic – Why GDPR and Data Governance were made for each otherWhy GDPR and Data Governance go hand in hand Like G&T, data governance is not a new concept. It has been recognised for years as a method of protecting...Opinion Gemma Johnson08 March 2019Why 59 Charities were referred to the ICO by the Fundraising RegulatorThe Fundraising Regulator has warned that 59 charities could be in breach of data protection law for failing to apply suppression requests made via the Fundraising Preference Service (FPS)...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Philippa Donn05 March 2019Digital advertising & real-time bidding: Are we on the verge of a seismic shift or not?GDPR put a significant spanner in the world of digital advertising, which disparate parties with different vested interests have been grappling with now for months. How can organisations provide...Opinion Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Stef Elliott21 November 2018“The cookies law is clear – well that takes the biscuit”The ePrivacy Regulation was originally planned to come into force simultaneously with the GDPR on 25th May 2018. The delay and the ongoing debate regarding the Regulation, as highlighted...Electronic CommunicationsePrivacy RegulationGDPR Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Julia Porter18 November 2018Privacy International’s GDPR complaints shine a spotlight on 7 data companiesOn November 8th, Privacy International (PI) filed complaints under the GDPR with data protection regulators in UK, France and Ireland against data brokers Oracle and Acxiom, credit reference agencies...Opinion Simon Blanchard18 November 2018ePrivacy Regulation is not ready and could be stalled even furtherAs those in the know recognise, data protection is not just about GDPR. Many of us have been waiting for GDPR’s EU counterpart, the new ePrivacy Regulation for a...Opinion Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Opinion Matt Edgar02 October 2018Spam crusader or vigilante victim – what happens if you are blacklisted unfairly?Finding spam a nuisance and being anti-spam is a default setting for all of us these days. Even as technology evolves and our mailboxes become smarter in reducing this...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Opinion Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...GDPRPolicies and ProcessesPrivacy by Design Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Opinion DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Data Governance & SecurityGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR
Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Opinion Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Opinion Philippa Donn18 October 2019Marketing Message & Service Message: Where to draw the lineIs your ‘Service’ Message actually a Marketing one? A common (but incorrect) myth which spread with GDPR was that consent was required for almost everything – including all communications...Direct Marketing Philippa Donn02 October 2019Opt-in for marketing abandoned by RNLIHas opt-in suffered a blow? It’s now official that opt-in for all forms of direct marketing has not proven a success for the RNLI, despite earlier reports to the...Opinion Debbie McElhill18 September 2019ePrivacy Regulation – what’s happening?ePrivacy Regulation – first draft 2017, so what’s happening two years on? The ePrivacy Regulation is set to replace the 2002 ePrivacy Directive (and subsequent amendments) which currently sits...Opinion Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Opinion DPN Team16 September 2019Data Governance – Getting to know your DataData Governance – the what, why & how? Data Governance has long been recognised as a method of protecting the business, mitigating risk, increasing operational efficiencies and managing customer...GDPRPolicies and Processes Philippa Donn12 September 2019The DPN Rosemary Smith Award for Responsible MarketingThis award has been launched to recognise a contribution made to Responsible Marketing, giving a team or an individual credit for a creative and privacy aware project or initiative.Opinion Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...GDPRInternational Data Protection Philippa Donn23 August 2019Data Sharing 10 TipsMany companies need to share personal data with other organisations. This might be reciprocal or one-way, it could be providing another company’s staff with access to your data for...GDPRICO Guidance Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Data Governance & SecurityGDPRPolicies and Processes Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Philippa Donn09 July 2019GDPR regulatory action so far in the UK and EU (July 2019)GDPR Regulatory Action The UK’s data protection regulator has made its first hefty announcements since GDPR became law in 2018. With news British Airways and Marriott could face massive...GDPRInternational Data ProtectionUncategorized DPN Team05 July 2019GDPR: Impact Report 2019The impact of GDPR More than a year on from enforcement day, where are we now with GDPR? The Global Marketing Alliance and the DPN teamed up with global...Direct MarketingGDPRUncategorized Mark Bridges05 July 2019CCPA – Californian Consumer Privacy Act: 5 Key ImpactsCCPA: What businesses need know The Californian Consumer Privacy Act (CCPA) ushers in new rights for Californian residents and compels companies that operate in California to implement changes or...Opinion DPN Team05 July 2019Adtech: The challenging compliance landscape – webinar recordingPublishers, advertisers, adtech firms, start-ups and privacy activists are all united in a strong interest in online advertising and programmatic delivery . After all, it represents the lion’s share...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn22 May 2019Why GDPR is not a fuss over nothingWe’ve heard the comparison with the millennium bug – the sky didn’t fall in on 25th May… ‘where are these game-changing fines? This is the Y2K bug all over...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network and Opt-4 lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the...Direct MarketingUncategorized Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Simon Blanchard20 March 2019Like Gin and Tonic – Why GDPR and Data Governance were made for each otherWhy GDPR and Data Governance go hand in hand Like G&T, data governance is not a new concept. It has been recognised for years as a method of protecting...Opinion Gemma Johnson08 March 2019Why 59 Charities were referred to the ICO by the Fundraising RegulatorThe Fundraising Regulator has warned that 59 charities could be in breach of data protection law for failing to apply suppression requests made via the Fundraising Preference Service (FPS)...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Philippa Donn05 March 2019Digital advertising & real-time bidding: Are we on the verge of a seismic shift or not?GDPR put a significant spanner in the world of digital advertising, which disparate parties with different vested interests have been grappling with now for months. How can organisations provide...Opinion Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Stef Elliott21 November 2018“The cookies law is clear – well that takes the biscuit”The ePrivacy Regulation was originally planned to come into force simultaneously with the GDPR on 25th May 2018. The delay and the ongoing debate regarding the Regulation, as highlighted...Electronic CommunicationsePrivacy RegulationGDPR Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Julia Porter18 November 2018Privacy International’s GDPR complaints shine a spotlight on 7 data companiesOn November 8th, Privacy International (PI) filed complaints under the GDPR with data protection regulators in UK, France and Ireland against data brokers Oracle and Acxiom, credit reference agencies...Opinion Simon Blanchard18 November 2018ePrivacy Regulation is not ready and could be stalled even furtherAs those in the know recognise, data protection is not just about GDPR. Many of us have been waiting for GDPR’s EU counterpart, the new ePrivacy Regulation for a...Opinion Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Opinion Matt Edgar02 October 2018Spam crusader or vigilante victim – what happens if you are blacklisted unfairly?Finding spam a nuisance and being anti-spam is a default setting for all of us these days. Even as technology evolves and our mailboxes become smarter in reducing this...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Opinion Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...GDPRPolicies and ProcessesPrivacy by Design Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Opinion DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Data Governance & SecurityGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR
Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Opinion Philippa Donn18 October 2019Marketing Message & Service Message: Where to draw the lineIs your ‘Service’ Message actually a Marketing one? A common (but incorrect) myth which spread with GDPR was that consent was required for almost everything – including all communications...Direct Marketing Philippa Donn02 October 2019Opt-in for marketing abandoned by RNLIHas opt-in suffered a blow? It’s now official that opt-in for all forms of direct marketing has not proven a success for the RNLI, despite earlier reports to the...Opinion Debbie McElhill18 September 2019ePrivacy Regulation – what’s happening?ePrivacy Regulation – first draft 2017, so what’s happening two years on? The ePrivacy Regulation is set to replace the 2002 ePrivacy Directive (and subsequent amendments) which currently sits...Opinion Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Opinion DPN Team16 September 2019Data Governance – Getting to know your DataData Governance – the what, why & how? Data Governance has long been recognised as a method of protecting the business, mitigating risk, increasing operational efficiencies and managing customer...GDPRPolicies and Processes Philippa Donn12 September 2019The DPN Rosemary Smith Award for Responsible MarketingThis award has been launched to recognise a contribution made to Responsible Marketing, giving a team or an individual credit for a creative and privacy aware project or initiative.Opinion Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...GDPRInternational Data Protection Philippa Donn23 August 2019Data Sharing 10 TipsMany companies need to share personal data with other organisations. This might be reciprocal or one-way, it could be providing another company’s staff with access to your data for...GDPRICO Guidance Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Data Governance & SecurityGDPRPolicies and Processes Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Philippa Donn09 July 2019GDPR regulatory action so far in the UK and EU (July 2019)GDPR Regulatory Action The UK’s data protection regulator has made its first hefty announcements since GDPR became law in 2018. With news British Airways and Marriott could face massive...GDPRInternational Data ProtectionUncategorized DPN Team05 July 2019GDPR: Impact Report 2019The impact of GDPR More than a year on from enforcement day, where are we now with GDPR? The Global Marketing Alliance and the DPN teamed up with global...Direct MarketingGDPRUncategorized Mark Bridges05 July 2019CCPA – Californian Consumer Privacy Act: 5 Key ImpactsCCPA: What businesses need know The Californian Consumer Privacy Act (CCPA) ushers in new rights for Californian residents and compels companies that operate in California to implement changes or...Opinion DPN Team05 July 2019Adtech: The challenging compliance landscape – webinar recordingPublishers, advertisers, adtech firms, start-ups and privacy activists are all united in a strong interest in online advertising and programmatic delivery . After all, it represents the lion’s share...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn22 May 2019Why GDPR is not a fuss over nothingWe’ve heard the comparison with the millennium bug – the sky didn’t fall in on 25th May… ‘where are these game-changing fines? This is the Y2K bug all over...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network and Opt-4 lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the...Direct MarketingUncategorized Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Simon Blanchard20 March 2019Like Gin and Tonic – Why GDPR and Data Governance were made for each otherWhy GDPR and Data Governance go hand in hand Like G&T, data governance is not a new concept. It has been recognised for years as a method of protecting...Opinion Gemma Johnson08 March 2019Why 59 Charities were referred to the ICO by the Fundraising RegulatorThe Fundraising Regulator has warned that 59 charities could be in breach of data protection law for failing to apply suppression requests made via the Fundraising Preference Service (FPS)...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Philippa Donn05 March 2019Digital advertising & real-time bidding: Are we on the verge of a seismic shift or not?GDPR put a significant spanner in the world of digital advertising, which disparate parties with different vested interests have been grappling with now for months. How can organisations provide...Opinion Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Stef Elliott21 November 2018“The cookies law is clear – well that takes the biscuit”The ePrivacy Regulation was originally planned to come into force simultaneously with the GDPR on 25th May 2018. The delay and the ongoing debate regarding the Regulation, as highlighted...Electronic CommunicationsePrivacy RegulationGDPR Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Julia Porter18 November 2018Privacy International’s GDPR complaints shine a spotlight on 7 data companiesOn November 8th, Privacy International (PI) filed complaints under the GDPR with data protection regulators in UK, France and Ireland against data brokers Oracle and Acxiom, credit reference agencies...Opinion Simon Blanchard18 November 2018ePrivacy Regulation is not ready and could be stalled even furtherAs those in the know recognise, data protection is not just about GDPR. Many of us have been waiting for GDPR’s EU counterpart, the new ePrivacy Regulation for a...Opinion Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Opinion Matt Edgar02 October 2018Spam crusader or vigilante victim – what happens if you are blacklisted unfairly?Finding spam a nuisance and being anti-spam is a default setting for all of us these days. Even as technology evolves and our mailboxes become smarter in reducing this...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Opinion Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...GDPRPolicies and ProcessesPrivacy by Design Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Opinion DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Data Governance & SecurityGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR
Philippa Donn18 October 2019Marketing Message & Service Message: Where to draw the lineIs your ‘Service’ Message actually a Marketing one? A common (but incorrect) myth which spread with GDPR was that consent was required for almost everything – including all communications...Direct Marketing Philippa Donn02 October 2019Opt-in for marketing abandoned by RNLIHas opt-in suffered a blow? It’s now official that opt-in for all forms of direct marketing has not proven a success for the RNLI, despite earlier reports to the...Opinion Debbie McElhill18 September 2019ePrivacy Regulation – what’s happening?ePrivacy Regulation – first draft 2017, so what’s happening two years on? The ePrivacy Regulation is set to replace the 2002 ePrivacy Directive (and subsequent amendments) which currently sits...Opinion Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Opinion DPN Team16 September 2019Data Governance – Getting to know your DataData Governance – the what, why & how? Data Governance has long been recognised as a method of protecting the business, mitigating risk, increasing operational efficiencies and managing customer...GDPRPolicies and Processes Philippa Donn12 September 2019The DPN Rosemary Smith Award for Responsible MarketingThis award has been launched to recognise a contribution made to Responsible Marketing, giving a team or an individual credit for a creative and privacy aware project or initiative.Opinion Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...GDPRInternational Data Protection Philippa Donn23 August 2019Data Sharing 10 TipsMany companies need to share personal data with other organisations. This might be reciprocal or one-way, it could be providing another company’s staff with access to your data for...GDPRICO Guidance Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Data Governance & SecurityGDPRPolicies and Processes Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Philippa Donn09 July 2019GDPR regulatory action so far in the UK and EU (July 2019)GDPR Regulatory Action The UK’s data protection regulator has made its first hefty announcements since GDPR became law in 2018. With news British Airways and Marriott could face massive...GDPRInternational Data ProtectionUncategorized DPN Team05 July 2019GDPR: Impact Report 2019The impact of GDPR More than a year on from enforcement day, where are we now with GDPR? The Global Marketing Alliance and the DPN teamed up with global...Direct MarketingGDPRUncategorized Mark Bridges05 July 2019CCPA – Californian Consumer Privacy Act: 5 Key ImpactsCCPA: What businesses need know The Californian Consumer Privacy Act (CCPA) ushers in new rights for Californian residents and compels companies that operate in California to implement changes or...Opinion DPN Team05 July 2019Adtech: The challenging compliance landscape – webinar recordingPublishers, advertisers, adtech firms, start-ups and privacy activists are all united in a strong interest in online advertising and programmatic delivery . After all, it represents the lion’s share...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn22 May 2019Why GDPR is not a fuss over nothingWe’ve heard the comparison with the millennium bug – the sky didn’t fall in on 25th May… ‘where are these game-changing fines? This is the Y2K bug all over...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network and Opt-4 lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the...Direct MarketingUncategorized Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Simon Blanchard20 March 2019Like Gin and Tonic – Why GDPR and Data Governance were made for each otherWhy GDPR and Data Governance go hand in hand Like G&T, data governance is not a new concept. It has been recognised for years as a method of protecting...Opinion Gemma Johnson08 March 2019Why 59 Charities were referred to the ICO by the Fundraising RegulatorThe Fundraising Regulator has warned that 59 charities could be in breach of data protection law for failing to apply suppression requests made via the Fundraising Preference Service (FPS)...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Philippa Donn05 March 2019Digital advertising & real-time bidding: Are we on the verge of a seismic shift or not?GDPR put a significant spanner in the world of digital advertising, which disparate parties with different vested interests have been grappling with now for months. How can organisations provide...Opinion Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Stef Elliott21 November 2018“The cookies law is clear – well that takes the biscuit”The ePrivacy Regulation was originally planned to come into force simultaneously with the GDPR on 25th May 2018. The delay and the ongoing debate regarding the Regulation, as highlighted...Electronic CommunicationsePrivacy RegulationGDPR Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Julia Porter18 November 2018Privacy International’s GDPR complaints shine a spotlight on 7 data companiesOn November 8th, Privacy International (PI) filed complaints under the GDPR with data protection regulators in UK, France and Ireland against data brokers Oracle and Acxiom, credit reference agencies...Opinion Simon Blanchard18 November 2018ePrivacy Regulation is not ready and could be stalled even furtherAs those in the know recognise, data protection is not just about GDPR. Many of us have been waiting for GDPR’s EU counterpart, the new ePrivacy Regulation for a...Opinion Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Opinion Matt Edgar02 October 2018Spam crusader or vigilante victim – what happens if you are blacklisted unfairly?Finding spam a nuisance and being anti-spam is a default setting for all of us these days. Even as technology evolves and our mailboxes become smarter in reducing this...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Opinion Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...GDPRPolicies and ProcessesPrivacy by Design Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Opinion DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Data Governance & SecurityGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR
Philippa Donn02 October 2019Opt-in for marketing abandoned by RNLIHas opt-in suffered a blow? It’s now official that opt-in for all forms of direct marketing has not proven a success for the RNLI, despite earlier reports to the...Opinion Debbie McElhill18 September 2019ePrivacy Regulation – what’s happening?ePrivacy Regulation – first draft 2017, so what’s happening two years on? The ePrivacy Regulation is set to replace the 2002 ePrivacy Directive (and subsequent amendments) which currently sits...Opinion Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Opinion DPN Team16 September 2019Data Governance – Getting to know your DataData Governance – the what, why & how? Data Governance has long been recognised as a method of protecting the business, mitigating risk, increasing operational efficiencies and managing customer...GDPRPolicies and Processes Philippa Donn12 September 2019The DPN Rosemary Smith Award for Responsible MarketingThis award has been launched to recognise a contribution made to Responsible Marketing, giving a team or an individual credit for a creative and privacy aware project or initiative.Opinion Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...GDPRInternational Data Protection Philippa Donn23 August 2019Data Sharing 10 TipsMany companies need to share personal data with other organisations. This might be reciprocal or one-way, it could be providing another company’s staff with access to your data for...GDPRICO Guidance Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Data Governance & SecurityGDPRPolicies and Processes Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Philippa Donn09 July 2019GDPR regulatory action so far in the UK and EU (July 2019)GDPR Regulatory Action The UK’s data protection regulator has made its first hefty announcements since GDPR became law in 2018. With news British Airways and Marriott could face massive...GDPRInternational Data ProtectionUncategorized DPN Team05 July 2019GDPR: Impact Report 2019The impact of GDPR More than a year on from enforcement day, where are we now with GDPR? The Global Marketing Alliance and the DPN teamed up with global...Direct MarketingGDPRUncategorized Mark Bridges05 July 2019CCPA – Californian Consumer Privacy Act: 5 Key ImpactsCCPA: What businesses need know The Californian Consumer Privacy Act (CCPA) ushers in new rights for Californian residents and compels companies that operate in California to implement changes or...Opinion DPN Team05 July 2019Adtech: The challenging compliance landscape – webinar recordingPublishers, advertisers, adtech firms, start-ups and privacy activists are all united in a strong interest in online advertising and programmatic delivery . After all, it represents the lion’s share...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn22 May 2019Why GDPR is not a fuss over nothingWe’ve heard the comparison with the millennium bug – the sky didn’t fall in on 25th May… ‘where are these game-changing fines? This is the Y2K bug all over...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network and Opt-4 lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the...Direct MarketingUncategorized Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Simon Blanchard20 March 2019Like Gin and Tonic – Why GDPR and Data Governance were made for each otherWhy GDPR and Data Governance go hand in hand Like G&T, data governance is not a new concept. It has been recognised for years as a method of protecting...Opinion Gemma Johnson08 March 2019Why 59 Charities were referred to the ICO by the Fundraising RegulatorThe Fundraising Regulator has warned that 59 charities could be in breach of data protection law for failing to apply suppression requests made via the Fundraising Preference Service (FPS)...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Philippa Donn05 March 2019Digital advertising & real-time bidding: Are we on the verge of a seismic shift or not?GDPR put a significant spanner in the world of digital advertising, which disparate parties with different vested interests have been grappling with now for months. How can organisations provide...Opinion Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Stef Elliott21 November 2018“The cookies law is clear – well that takes the biscuit”The ePrivacy Regulation was originally planned to come into force simultaneously with the GDPR on 25th May 2018. The delay and the ongoing debate regarding the Regulation, as highlighted...Electronic CommunicationsePrivacy RegulationGDPR Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Julia Porter18 November 2018Privacy International’s GDPR complaints shine a spotlight on 7 data companiesOn November 8th, Privacy International (PI) filed complaints under the GDPR with data protection regulators in UK, France and Ireland against data brokers Oracle and Acxiom, credit reference agencies...Opinion Simon Blanchard18 November 2018ePrivacy Regulation is not ready and could be stalled even furtherAs those in the know recognise, data protection is not just about GDPR. Many of us have been waiting for GDPR’s EU counterpart, the new ePrivacy Regulation for a...Opinion Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Opinion Matt Edgar02 October 2018Spam crusader or vigilante victim – what happens if you are blacklisted unfairly?Finding spam a nuisance and being anti-spam is a default setting for all of us these days. Even as technology evolves and our mailboxes become smarter in reducing this...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Opinion Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...GDPRPolicies and ProcessesPrivacy by Design Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Opinion DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Data Governance & SecurityGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR
Debbie McElhill18 September 2019ePrivacy Regulation – what’s happening?ePrivacy Regulation – first draft 2017, so what’s happening two years on? The ePrivacy Regulation is set to replace the 2002 ePrivacy Directive (and subsequent amendments) which currently sits...Opinion Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Opinion DPN Team16 September 2019Data Governance – Getting to know your DataData Governance – the what, why & how? Data Governance has long been recognised as a method of protecting the business, mitigating risk, increasing operational efficiencies and managing customer...GDPRPolicies and Processes Philippa Donn12 September 2019The DPN Rosemary Smith Award for Responsible MarketingThis award has been launched to recognise a contribution made to Responsible Marketing, giving a team or an individual credit for a creative and privacy aware project or initiative.Opinion Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...GDPRInternational Data Protection Philippa Donn23 August 2019Data Sharing 10 TipsMany companies need to share personal data with other organisations. This might be reciprocal or one-way, it could be providing another company’s staff with access to your data for...GDPRICO Guidance Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Data Governance & SecurityGDPRPolicies and Processes Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Philippa Donn09 July 2019GDPR regulatory action so far in the UK and EU (July 2019)GDPR Regulatory Action The UK’s data protection regulator has made its first hefty announcements since GDPR became law in 2018. With news British Airways and Marriott could face massive...GDPRInternational Data ProtectionUncategorized DPN Team05 July 2019GDPR: Impact Report 2019The impact of GDPR More than a year on from enforcement day, where are we now with GDPR? The Global Marketing Alliance and the DPN teamed up with global...Direct MarketingGDPRUncategorized Mark Bridges05 July 2019CCPA – Californian Consumer Privacy Act: 5 Key ImpactsCCPA: What businesses need know The Californian Consumer Privacy Act (CCPA) ushers in new rights for Californian residents and compels companies that operate in California to implement changes or...Opinion DPN Team05 July 2019Adtech: The challenging compliance landscape – webinar recordingPublishers, advertisers, adtech firms, start-ups and privacy activists are all united in a strong interest in online advertising and programmatic delivery . After all, it represents the lion’s share...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn22 May 2019Why GDPR is not a fuss over nothingWe’ve heard the comparison with the millennium bug – the sky didn’t fall in on 25th May… ‘where are these game-changing fines? This is the Y2K bug all over...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network and Opt-4 lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the...Direct MarketingUncategorized Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Simon Blanchard20 March 2019Like Gin and Tonic – Why GDPR and Data Governance were made for each otherWhy GDPR and Data Governance go hand in hand Like G&T, data governance is not a new concept. It has been recognised for years as a method of protecting...Opinion Gemma Johnson08 March 2019Why 59 Charities were referred to the ICO by the Fundraising RegulatorThe Fundraising Regulator has warned that 59 charities could be in breach of data protection law for failing to apply suppression requests made via the Fundraising Preference Service (FPS)...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Philippa Donn05 March 2019Digital advertising & real-time bidding: Are we on the verge of a seismic shift or not?GDPR put a significant spanner in the world of digital advertising, which disparate parties with different vested interests have been grappling with now for months. How can organisations provide...Opinion Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Stef Elliott21 November 2018“The cookies law is clear – well that takes the biscuit”The ePrivacy Regulation was originally planned to come into force simultaneously with the GDPR on 25th May 2018. The delay and the ongoing debate regarding the Regulation, as highlighted...Electronic CommunicationsePrivacy RegulationGDPR Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Julia Porter18 November 2018Privacy International’s GDPR complaints shine a spotlight on 7 data companiesOn November 8th, Privacy International (PI) filed complaints under the GDPR with data protection regulators in UK, France and Ireland against data brokers Oracle and Acxiom, credit reference agencies...Opinion Simon Blanchard18 November 2018ePrivacy Regulation is not ready and could be stalled even furtherAs those in the know recognise, data protection is not just about GDPR. Many of us have been waiting for GDPR’s EU counterpart, the new ePrivacy Regulation for a...Opinion Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Opinion Matt Edgar02 October 2018Spam crusader or vigilante victim – what happens if you are blacklisted unfairly?Finding spam a nuisance and being anti-spam is a default setting for all of us these days. Even as technology evolves and our mailboxes become smarter in reducing this...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Opinion Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...GDPRPolicies and ProcessesPrivacy by Design Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Opinion DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Data Governance & SecurityGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR
Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Opinion DPN Team16 September 2019Data Governance – Getting to know your DataData Governance – the what, why & how? Data Governance has long been recognised as a method of protecting the business, mitigating risk, increasing operational efficiencies and managing customer...GDPRPolicies and Processes Philippa Donn12 September 2019The DPN Rosemary Smith Award for Responsible MarketingThis award has been launched to recognise a contribution made to Responsible Marketing, giving a team or an individual credit for a creative and privacy aware project or initiative.Opinion Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...GDPRInternational Data Protection Philippa Donn23 August 2019Data Sharing 10 TipsMany companies need to share personal data with other organisations. This might be reciprocal or one-way, it could be providing another company’s staff with access to your data for...GDPRICO Guidance Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Data Governance & SecurityGDPRPolicies and Processes Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Philippa Donn09 July 2019GDPR regulatory action so far in the UK and EU (July 2019)GDPR Regulatory Action The UK’s data protection regulator has made its first hefty announcements since GDPR became law in 2018. With news British Airways and Marriott could face massive...GDPRInternational Data ProtectionUncategorized DPN Team05 July 2019GDPR: Impact Report 2019The impact of GDPR More than a year on from enforcement day, where are we now with GDPR? The Global Marketing Alliance and the DPN teamed up with global...Direct MarketingGDPRUncategorized Mark Bridges05 July 2019CCPA – Californian Consumer Privacy Act: 5 Key ImpactsCCPA: What businesses need know The Californian Consumer Privacy Act (CCPA) ushers in new rights for Californian residents and compels companies that operate in California to implement changes or...Opinion DPN Team05 July 2019Adtech: The challenging compliance landscape – webinar recordingPublishers, advertisers, adtech firms, start-ups and privacy activists are all united in a strong interest in online advertising and programmatic delivery . After all, it represents the lion’s share...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn22 May 2019Why GDPR is not a fuss over nothingWe’ve heard the comparison with the millennium bug – the sky didn’t fall in on 25th May… ‘where are these game-changing fines? This is the Y2K bug all over...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network and Opt-4 lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the...Direct MarketingUncategorized Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Simon Blanchard20 March 2019Like Gin and Tonic – Why GDPR and Data Governance were made for each otherWhy GDPR and Data Governance go hand in hand Like G&T, data governance is not a new concept. It has been recognised for years as a method of protecting...Opinion Gemma Johnson08 March 2019Why 59 Charities were referred to the ICO by the Fundraising RegulatorThe Fundraising Regulator has warned that 59 charities could be in breach of data protection law for failing to apply suppression requests made via the Fundraising Preference Service (FPS)...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Philippa Donn05 March 2019Digital advertising & real-time bidding: Are we on the verge of a seismic shift or not?GDPR put a significant spanner in the world of digital advertising, which disparate parties with different vested interests have been grappling with now for months. How can organisations provide...Opinion Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Stef Elliott21 November 2018“The cookies law is clear – well that takes the biscuit”The ePrivacy Regulation was originally planned to come into force simultaneously with the GDPR on 25th May 2018. The delay and the ongoing debate regarding the Regulation, as highlighted...Electronic CommunicationsePrivacy RegulationGDPR Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Julia Porter18 November 2018Privacy International’s GDPR complaints shine a spotlight on 7 data companiesOn November 8th, Privacy International (PI) filed complaints under the GDPR with data protection regulators in UK, France and Ireland against data brokers Oracle and Acxiom, credit reference agencies...Opinion Simon Blanchard18 November 2018ePrivacy Regulation is not ready and could be stalled even furtherAs those in the know recognise, data protection is not just about GDPR. Many of us have been waiting for GDPR’s EU counterpart, the new ePrivacy Regulation for a...Opinion Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Opinion Matt Edgar02 October 2018Spam crusader or vigilante victim – what happens if you are blacklisted unfairly?Finding spam a nuisance and being anti-spam is a default setting for all of us these days. Even as technology evolves and our mailboxes become smarter in reducing this...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Opinion Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...GDPRPolicies and ProcessesPrivacy by Design Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Opinion DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Data Governance & SecurityGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR
DPN Team16 September 2019Data Governance – Getting to know your DataData Governance – the what, why & how? Data Governance has long been recognised as a method of protecting the business, mitigating risk, increasing operational efficiencies and managing customer...GDPRPolicies and Processes Philippa Donn12 September 2019The DPN Rosemary Smith Award for Responsible MarketingThis award has been launched to recognise a contribution made to Responsible Marketing, giving a team or an individual credit for a creative and privacy aware project or initiative.Opinion Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...GDPRInternational Data Protection Philippa Donn23 August 2019Data Sharing 10 TipsMany companies need to share personal data with other organisations. This might be reciprocal or one-way, it could be providing another company’s staff with access to your data for...GDPRICO Guidance Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Data Governance & SecurityGDPRPolicies and Processes Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Philippa Donn09 July 2019GDPR regulatory action so far in the UK and EU (July 2019)GDPR Regulatory Action The UK’s data protection regulator has made its first hefty announcements since GDPR became law in 2018. With news British Airways and Marriott could face massive...GDPRInternational Data ProtectionUncategorized DPN Team05 July 2019GDPR: Impact Report 2019The impact of GDPR More than a year on from enforcement day, where are we now with GDPR? The Global Marketing Alliance and the DPN teamed up with global...Direct MarketingGDPRUncategorized Mark Bridges05 July 2019CCPA – Californian Consumer Privacy Act: 5 Key ImpactsCCPA: What businesses need know The Californian Consumer Privacy Act (CCPA) ushers in new rights for Californian residents and compels companies that operate in California to implement changes or...Opinion DPN Team05 July 2019Adtech: The challenging compliance landscape – webinar recordingPublishers, advertisers, adtech firms, start-ups and privacy activists are all united in a strong interest in online advertising and programmatic delivery . After all, it represents the lion’s share...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn22 May 2019Why GDPR is not a fuss over nothingWe’ve heard the comparison with the millennium bug – the sky didn’t fall in on 25th May… ‘where are these game-changing fines? This is the Y2K bug all over...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network and Opt-4 lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the...Direct MarketingUncategorized Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Simon Blanchard20 March 2019Like Gin and Tonic – Why GDPR and Data Governance were made for each otherWhy GDPR and Data Governance go hand in hand Like G&T, data governance is not a new concept. It has been recognised for years as a method of protecting...Opinion Gemma Johnson08 March 2019Why 59 Charities were referred to the ICO by the Fundraising RegulatorThe Fundraising Regulator has warned that 59 charities could be in breach of data protection law for failing to apply suppression requests made via the Fundraising Preference Service (FPS)...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Philippa Donn05 March 2019Digital advertising & real-time bidding: Are we on the verge of a seismic shift or not?GDPR put a significant spanner in the world of digital advertising, which disparate parties with different vested interests have been grappling with now for months. How can organisations provide...Opinion Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Stef Elliott21 November 2018“The cookies law is clear – well that takes the biscuit”The ePrivacy Regulation was originally planned to come into force simultaneously with the GDPR on 25th May 2018. The delay and the ongoing debate regarding the Regulation, as highlighted...Electronic CommunicationsePrivacy RegulationGDPR Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Julia Porter18 November 2018Privacy International’s GDPR complaints shine a spotlight on 7 data companiesOn November 8th, Privacy International (PI) filed complaints under the GDPR with data protection regulators in UK, France and Ireland against data brokers Oracle and Acxiom, credit reference agencies...Opinion Simon Blanchard18 November 2018ePrivacy Regulation is not ready and could be stalled even furtherAs those in the know recognise, data protection is not just about GDPR. Many of us have been waiting for GDPR’s EU counterpart, the new ePrivacy Regulation for a...Opinion Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Opinion Matt Edgar02 October 2018Spam crusader or vigilante victim – what happens if you are blacklisted unfairly?Finding spam a nuisance and being anti-spam is a default setting for all of us these days. Even as technology evolves and our mailboxes become smarter in reducing this...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Opinion Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...GDPRPolicies and ProcessesPrivacy by Design Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Opinion DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Data Governance & SecurityGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR
Philippa Donn12 September 2019The DPN Rosemary Smith Award for Responsible MarketingThis award has been launched to recognise a contribution made to Responsible Marketing, giving a team or an individual credit for a creative and privacy aware project or initiative.Opinion Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...GDPRInternational Data Protection Philippa Donn23 August 2019Data Sharing 10 TipsMany companies need to share personal data with other organisations. This might be reciprocal or one-way, it could be providing another company’s staff with access to your data for...GDPRICO Guidance Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Data Governance & SecurityGDPRPolicies and Processes Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Philippa Donn09 July 2019GDPR regulatory action so far in the UK and EU (July 2019)GDPR Regulatory Action The UK’s data protection regulator has made its first hefty announcements since GDPR became law in 2018. With news British Airways and Marriott could face massive...GDPRInternational Data ProtectionUncategorized DPN Team05 July 2019GDPR: Impact Report 2019The impact of GDPR More than a year on from enforcement day, where are we now with GDPR? The Global Marketing Alliance and the DPN teamed up with global...Direct MarketingGDPRUncategorized Mark Bridges05 July 2019CCPA – Californian Consumer Privacy Act: 5 Key ImpactsCCPA: What businesses need know The Californian Consumer Privacy Act (CCPA) ushers in new rights for Californian residents and compels companies that operate in California to implement changes or...Opinion DPN Team05 July 2019Adtech: The challenging compliance landscape – webinar recordingPublishers, advertisers, adtech firms, start-ups and privacy activists are all united in a strong interest in online advertising and programmatic delivery . After all, it represents the lion’s share...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn22 May 2019Why GDPR is not a fuss over nothingWe’ve heard the comparison with the millennium bug – the sky didn’t fall in on 25th May… ‘where are these game-changing fines? This is the Y2K bug all over...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network and Opt-4 lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the...Direct MarketingUncategorized Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Simon Blanchard20 March 2019Like Gin and Tonic – Why GDPR and Data Governance were made for each otherWhy GDPR and Data Governance go hand in hand Like G&T, data governance is not a new concept. It has been recognised for years as a method of protecting...Opinion Gemma Johnson08 March 2019Why 59 Charities were referred to the ICO by the Fundraising RegulatorThe Fundraising Regulator has warned that 59 charities could be in breach of data protection law for failing to apply suppression requests made via the Fundraising Preference Service (FPS)...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Philippa Donn05 March 2019Digital advertising & real-time bidding: Are we on the verge of a seismic shift or not?GDPR put a significant spanner in the world of digital advertising, which disparate parties with different vested interests have been grappling with now for months. How can organisations provide...Opinion Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Stef Elliott21 November 2018“The cookies law is clear – well that takes the biscuit”The ePrivacy Regulation was originally planned to come into force simultaneously with the GDPR on 25th May 2018. The delay and the ongoing debate regarding the Regulation, as highlighted...Electronic CommunicationsePrivacy RegulationGDPR Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Julia Porter18 November 2018Privacy International’s GDPR complaints shine a spotlight on 7 data companiesOn November 8th, Privacy International (PI) filed complaints under the GDPR with data protection regulators in UK, France and Ireland against data brokers Oracle and Acxiom, credit reference agencies...Opinion Simon Blanchard18 November 2018ePrivacy Regulation is not ready and could be stalled even furtherAs those in the know recognise, data protection is not just about GDPR. Many of us have been waiting for GDPR’s EU counterpart, the new ePrivacy Regulation for a...Opinion Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Opinion Matt Edgar02 October 2018Spam crusader or vigilante victim – what happens if you are blacklisted unfairly?Finding spam a nuisance and being anti-spam is a default setting for all of us these days. Even as technology evolves and our mailboxes become smarter in reducing this...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Opinion Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...GDPRPolicies and ProcessesPrivacy by Design Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Opinion DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Data Governance & SecurityGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR
Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...GDPRInternational Data Protection Philippa Donn23 August 2019Data Sharing 10 TipsMany companies need to share personal data with other organisations. This might be reciprocal or one-way, it could be providing another company’s staff with access to your data for...GDPRICO Guidance Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Data Governance & SecurityGDPRPolicies and Processes Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Philippa Donn09 July 2019GDPR regulatory action so far in the UK and EU (July 2019)GDPR Regulatory Action The UK’s data protection regulator has made its first hefty announcements since GDPR became law in 2018. With news British Airways and Marriott could face massive...GDPRInternational Data ProtectionUncategorized DPN Team05 July 2019GDPR: Impact Report 2019The impact of GDPR More than a year on from enforcement day, where are we now with GDPR? The Global Marketing Alliance and the DPN teamed up with global...Direct MarketingGDPRUncategorized Mark Bridges05 July 2019CCPA – Californian Consumer Privacy Act: 5 Key ImpactsCCPA: What businesses need know The Californian Consumer Privacy Act (CCPA) ushers in new rights for Californian residents and compels companies that operate in California to implement changes or...Opinion DPN Team05 July 2019Adtech: The challenging compliance landscape – webinar recordingPublishers, advertisers, adtech firms, start-ups and privacy activists are all united in a strong interest in online advertising and programmatic delivery . After all, it represents the lion’s share...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn22 May 2019Why GDPR is not a fuss over nothingWe’ve heard the comparison with the millennium bug – the sky didn’t fall in on 25th May… ‘where are these game-changing fines? This is the Y2K bug all over...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network and Opt-4 lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the...Direct MarketingUncategorized Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Simon Blanchard20 March 2019Like Gin and Tonic – Why GDPR and Data Governance were made for each otherWhy GDPR and Data Governance go hand in hand Like G&T, data governance is not a new concept. It has been recognised for years as a method of protecting...Opinion Gemma Johnson08 March 2019Why 59 Charities were referred to the ICO by the Fundraising RegulatorThe Fundraising Regulator has warned that 59 charities could be in breach of data protection law for failing to apply suppression requests made via the Fundraising Preference Service (FPS)...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Philippa Donn05 March 2019Digital advertising & real-time bidding: Are we on the verge of a seismic shift or not?GDPR put a significant spanner in the world of digital advertising, which disparate parties with different vested interests have been grappling with now for months. How can organisations provide...Opinion Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Stef Elliott21 November 2018“The cookies law is clear – well that takes the biscuit”The ePrivacy Regulation was originally planned to come into force simultaneously with the GDPR on 25th May 2018. The delay and the ongoing debate regarding the Regulation, as highlighted...Electronic CommunicationsePrivacy RegulationGDPR Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Julia Porter18 November 2018Privacy International’s GDPR complaints shine a spotlight on 7 data companiesOn November 8th, Privacy International (PI) filed complaints under the GDPR with data protection regulators in UK, France and Ireland against data brokers Oracle and Acxiom, credit reference agencies...Opinion Simon Blanchard18 November 2018ePrivacy Regulation is not ready and could be stalled even furtherAs those in the know recognise, data protection is not just about GDPR. Many of us have been waiting for GDPR’s EU counterpart, the new ePrivacy Regulation for a...Opinion Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Opinion Matt Edgar02 October 2018Spam crusader or vigilante victim – what happens if you are blacklisted unfairly?Finding spam a nuisance and being anti-spam is a default setting for all of us these days. Even as technology evolves and our mailboxes become smarter in reducing this...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Opinion Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...GDPRPolicies and ProcessesPrivacy by Design Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Opinion DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Data Governance & SecurityGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR
Philippa Donn23 August 2019Data Sharing 10 TipsMany companies need to share personal data with other organisations. This might be reciprocal or one-way, it could be providing another company’s staff with access to your data for...GDPRICO Guidance Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Data Governance & SecurityGDPRPolicies and Processes Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Philippa Donn09 July 2019GDPR regulatory action so far in the UK and EU (July 2019)GDPR Regulatory Action The UK’s data protection regulator has made its first hefty announcements since GDPR became law in 2018. With news British Airways and Marriott could face massive...GDPRInternational Data ProtectionUncategorized DPN Team05 July 2019GDPR: Impact Report 2019The impact of GDPR More than a year on from enforcement day, where are we now with GDPR? The Global Marketing Alliance and the DPN teamed up with global...Direct MarketingGDPRUncategorized Mark Bridges05 July 2019CCPA – Californian Consumer Privacy Act: 5 Key ImpactsCCPA: What businesses need know The Californian Consumer Privacy Act (CCPA) ushers in new rights for Californian residents and compels companies that operate in California to implement changes or...Opinion DPN Team05 July 2019Adtech: The challenging compliance landscape – webinar recordingPublishers, advertisers, adtech firms, start-ups and privacy activists are all united in a strong interest in online advertising and programmatic delivery . After all, it represents the lion’s share...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn22 May 2019Why GDPR is not a fuss over nothingWe’ve heard the comparison with the millennium bug – the sky didn’t fall in on 25th May… ‘where are these game-changing fines? This is the Y2K bug all over...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network and Opt-4 lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the...Direct MarketingUncategorized Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Simon Blanchard20 March 2019Like Gin and Tonic – Why GDPR and Data Governance were made for each otherWhy GDPR and Data Governance go hand in hand Like G&T, data governance is not a new concept. It has been recognised for years as a method of protecting...Opinion Gemma Johnson08 March 2019Why 59 Charities were referred to the ICO by the Fundraising RegulatorThe Fundraising Regulator has warned that 59 charities could be in breach of data protection law for failing to apply suppression requests made via the Fundraising Preference Service (FPS)...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Philippa Donn05 March 2019Digital advertising & real-time bidding: Are we on the verge of a seismic shift or not?GDPR put a significant spanner in the world of digital advertising, which disparate parties with different vested interests have been grappling with now for months. How can organisations provide...Opinion Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Stef Elliott21 November 2018“The cookies law is clear – well that takes the biscuit”The ePrivacy Regulation was originally planned to come into force simultaneously with the GDPR on 25th May 2018. The delay and the ongoing debate regarding the Regulation, as highlighted...Electronic CommunicationsePrivacy RegulationGDPR Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Julia Porter18 November 2018Privacy International’s GDPR complaints shine a spotlight on 7 data companiesOn November 8th, Privacy International (PI) filed complaints under the GDPR with data protection regulators in UK, France and Ireland against data brokers Oracle and Acxiom, credit reference agencies...Opinion Simon Blanchard18 November 2018ePrivacy Regulation is not ready and could be stalled even furtherAs those in the know recognise, data protection is not just about GDPR. Many of us have been waiting for GDPR’s EU counterpart, the new ePrivacy Regulation for a...Opinion Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Opinion Matt Edgar02 October 2018Spam crusader or vigilante victim – what happens if you are blacklisted unfairly?Finding spam a nuisance and being anti-spam is a default setting for all of us these days. Even as technology evolves and our mailboxes become smarter in reducing this...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Opinion Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...GDPRPolicies and ProcessesPrivacy by Design Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Opinion DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Data Governance & SecurityGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR
Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Data Governance & SecurityGDPRPolicies and Processes Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Philippa Donn09 July 2019GDPR regulatory action so far in the UK and EU (July 2019)GDPR Regulatory Action The UK’s data protection regulator has made its first hefty announcements since GDPR became law in 2018. With news British Airways and Marriott could face massive...GDPRInternational Data ProtectionUncategorized DPN Team05 July 2019GDPR: Impact Report 2019The impact of GDPR More than a year on from enforcement day, where are we now with GDPR? The Global Marketing Alliance and the DPN teamed up with global...Direct MarketingGDPRUncategorized Mark Bridges05 July 2019CCPA – Californian Consumer Privacy Act: 5 Key ImpactsCCPA: What businesses need know The Californian Consumer Privacy Act (CCPA) ushers in new rights for Californian residents and compels companies that operate in California to implement changes or...Opinion DPN Team05 July 2019Adtech: The challenging compliance landscape – webinar recordingPublishers, advertisers, adtech firms, start-ups and privacy activists are all united in a strong interest in online advertising and programmatic delivery . After all, it represents the lion’s share...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn22 May 2019Why GDPR is not a fuss over nothingWe’ve heard the comparison with the millennium bug – the sky didn’t fall in on 25th May… ‘where are these game-changing fines? This is the Y2K bug all over...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network and Opt-4 lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the...Direct MarketingUncategorized Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Simon Blanchard20 March 2019Like Gin and Tonic – Why GDPR and Data Governance were made for each otherWhy GDPR and Data Governance go hand in hand Like G&T, data governance is not a new concept. It has been recognised for years as a method of protecting...Opinion Gemma Johnson08 March 2019Why 59 Charities were referred to the ICO by the Fundraising RegulatorThe Fundraising Regulator has warned that 59 charities could be in breach of data protection law for failing to apply suppression requests made via the Fundraising Preference Service (FPS)...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Philippa Donn05 March 2019Digital advertising & real-time bidding: Are we on the verge of a seismic shift or not?GDPR put a significant spanner in the world of digital advertising, which disparate parties with different vested interests have been grappling with now for months. How can organisations provide...Opinion Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Stef Elliott21 November 2018“The cookies law is clear – well that takes the biscuit”The ePrivacy Regulation was originally planned to come into force simultaneously with the GDPR on 25th May 2018. The delay and the ongoing debate regarding the Regulation, as highlighted...Electronic CommunicationsePrivacy RegulationGDPR Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Julia Porter18 November 2018Privacy International’s GDPR complaints shine a spotlight on 7 data companiesOn November 8th, Privacy International (PI) filed complaints under the GDPR with data protection regulators in UK, France and Ireland against data brokers Oracle and Acxiom, credit reference agencies...Opinion Simon Blanchard18 November 2018ePrivacy Regulation is not ready and could be stalled even furtherAs those in the know recognise, data protection is not just about GDPR. Many of us have been waiting for GDPR’s EU counterpart, the new ePrivacy Regulation for a...Opinion Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Opinion Matt Edgar02 October 2018Spam crusader or vigilante victim – what happens if you are blacklisted unfairly?Finding spam a nuisance and being anti-spam is a default setting for all of us these days. Even as technology evolves and our mailboxes become smarter in reducing this...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Opinion Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...GDPRPolicies and ProcessesPrivacy by Design Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Opinion DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Data Governance & SecurityGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR
Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Philippa Donn09 July 2019GDPR regulatory action so far in the UK and EU (July 2019)GDPR Regulatory Action The UK’s data protection regulator has made its first hefty announcements since GDPR became law in 2018. With news British Airways and Marriott could face massive...GDPRInternational Data ProtectionUncategorized DPN Team05 July 2019GDPR: Impact Report 2019The impact of GDPR More than a year on from enforcement day, where are we now with GDPR? The Global Marketing Alliance and the DPN teamed up with global...Direct MarketingGDPRUncategorized Mark Bridges05 July 2019CCPA – Californian Consumer Privacy Act: 5 Key ImpactsCCPA: What businesses need know The Californian Consumer Privacy Act (CCPA) ushers in new rights for Californian residents and compels companies that operate in California to implement changes or...Opinion DPN Team05 July 2019Adtech: The challenging compliance landscape – webinar recordingPublishers, advertisers, adtech firms, start-ups and privacy activists are all united in a strong interest in online advertising and programmatic delivery . After all, it represents the lion’s share...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn22 May 2019Why GDPR is not a fuss over nothingWe’ve heard the comparison with the millennium bug – the sky didn’t fall in on 25th May… ‘where are these game-changing fines? This is the Y2K bug all over...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network and Opt-4 lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the...Direct MarketingUncategorized Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Simon Blanchard20 March 2019Like Gin and Tonic – Why GDPR and Data Governance were made for each otherWhy GDPR and Data Governance go hand in hand Like G&T, data governance is not a new concept. It has been recognised for years as a method of protecting...Opinion Gemma Johnson08 March 2019Why 59 Charities were referred to the ICO by the Fundraising RegulatorThe Fundraising Regulator has warned that 59 charities could be in breach of data protection law for failing to apply suppression requests made via the Fundraising Preference Service (FPS)...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Philippa Donn05 March 2019Digital advertising & real-time bidding: Are we on the verge of a seismic shift or not?GDPR put a significant spanner in the world of digital advertising, which disparate parties with different vested interests have been grappling with now for months. How can organisations provide...Opinion Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Stef Elliott21 November 2018“The cookies law is clear – well that takes the biscuit”The ePrivacy Regulation was originally planned to come into force simultaneously with the GDPR on 25th May 2018. The delay and the ongoing debate regarding the Regulation, as highlighted...Electronic CommunicationsePrivacy RegulationGDPR Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Julia Porter18 November 2018Privacy International’s GDPR complaints shine a spotlight on 7 data companiesOn November 8th, Privacy International (PI) filed complaints under the GDPR with data protection regulators in UK, France and Ireland against data brokers Oracle and Acxiom, credit reference agencies...Opinion Simon Blanchard18 November 2018ePrivacy Regulation is not ready and could be stalled even furtherAs those in the know recognise, data protection is not just about GDPR. Many of us have been waiting for GDPR’s EU counterpart, the new ePrivacy Regulation for a...Opinion Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Opinion Matt Edgar02 October 2018Spam crusader or vigilante victim – what happens if you are blacklisted unfairly?Finding spam a nuisance and being anti-spam is a default setting for all of us these days. Even as technology evolves and our mailboxes become smarter in reducing this...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Opinion Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...GDPRPolicies and ProcessesPrivacy by Design Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Opinion DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Data Governance & SecurityGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR
Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Philippa Donn09 July 2019GDPR regulatory action so far in the UK and EU (July 2019)GDPR Regulatory Action The UK’s data protection regulator has made its first hefty announcements since GDPR became law in 2018. With news British Airways and Marriott could face massive...GDPRInternational Data ProtectionUncategorized DPN Team05 July 2019GDPR: Impact Report 2019The impact of GDPR More than a year on from enforcement day, where are we now with GDPR? The Global Marketing Alliance and the DPN teamed up with global...Direct MarketingGDPRUncategorized Mark Bridges05 July 2019CCPA – Californian Consumer Privacy Act: 5 Key ImpactsCCPA: What businesses need know The Californian Consumer Privacy Act (CCPA) ushers in new rights for Californian residents and compels companies that operate in California to implement changes or...Opinion DPN Team05 July 2019Adtech: The challenging compliance landscape – webinar recordingPublishers, advertisers, adtech firms, start-ups and privacy activists are all united in a strong interest in online advertising and programmatic delivery . After all, it represents the lion’s share...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn22 May 2019Why GDPR is not a fuss over nothingWe’ve heard the comparison with the millennium bug – the sky didn’t fall in on 25th May… ‘where are these game-changing fines? This is the Y2K bug all over...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network and Opt-4 lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the...Direct MarketingUncategorized Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Simon Blanchard20 March 2019Like Gin and Tonic – Why GDPR and Data Governance were made for each otherWhy GDPR and Data Governance go hand in hand Like G&T, data governance is not a new concept. It has been recognised for years as a method of protecting...Opinion Gemma Johnson08 March 2019Why 59 Charities were referred to the ICO by the Fundraising RegulatorThe Fundraising Regulator has warned that 59 charities could be in breach of data protection law for failing to apply suppression requests made via the Fundraising Preference Service (FPS)...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Philippa Donn05 March 2019Digital advertising & real-time bidding: Are we on the verge of a seismic shift or not?GDPR put a significant spanner in the world of digital advertising, which disparate parties with different vested interests have been grappling with now for months. How can organisations provide...Opinion Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Stef Elliott21 November 2018“The cookies law is clear – well that takes the biscuit”The ePrivacy Regulation was originally planned to come into force simultaneously with the GDPR on 25th May 2018. The delay and the ongoing debate regarding the Regulation, as highlighted...Electronic CommunicationsePrivacy RegulationGDPR Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Julia Porter18 November 2018Privacy International’s GDPR complaints shine a spotlight on 7 data companiesOn November 8th, Privacy International (PI) filed complaints under the GDPR with data protection regulators in UK, France and Ireland against data brokers Oracle and Acxiom, credit reference agencies...Opinion Simon Blanchard18 November 2018ePrivacy Regulation is not ready and could be stalled even furtherAs those in the know recognise, data protection is not just about GDPR. Many of us have been waiting for GDPR’s EU counterpart, the new ePrivacy Regulation for a...Opinion Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Opinion Matt Edgar02 October 2018Spam crusader or vigilante victim – what happens if you are blacklisted unfairly?Finding spam a nuisance and being anti-spam is a default setting for all of us these days. Even as technology evolves and our mailboxes become smarter in reducing this...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Opinion Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...GDPRPolicies and ProcessesPrivacy by Design Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Opinion DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Data Governance & SecurityGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR
Philippa Donn09 July 2019GDPR regulatory action so far in the UK and EU (July 2019)GDPR Regulatory Action The UK’s data protection regulator has made its first hefty announcements since GDPR became law in 2018. With news British Airways and Marriott could face massive...GDPRInternational Data ProtectionUncategorized DPN Team05 July 2019GDPR: Impact Report 2019The impact of GDPR More than a year on from enforcement day, where are we now with GDPR? The Global Marketing Alliance and the DPN teamed up with global...Direct MarketingGDPRUncategorized Mark Bridges05 July 2019CCPA – Californian Consumer Privacy Act: 5 Key ImpactsCCPA: What businesses need know The Californian Consumer Privacy Act (CCPA) ushers in new rights for Californian residents and compels companies that operate in California to implement changes or...Opinion DPN Team05 July 2019Adtech: The challenging compliance landscape – webinar recordingPublishers, advertisers, adtech firms, start-ups and privacy activists are all united in a strong interest in online advertising and programmatic delivery . After all, it represents the lion’s share...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn22 May 2019Why GDPR is not a fuss over nothingWe’ve heard the comparison with the millennium bug – the sky didn’t fall in on 25th May… ‘where are these game-changing fines? This is the Y2K bug all over...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network and Opt-4 lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the...Direct MarketingUncategorized Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Simon Blanchard20 March 2019Like Gin and Tonic – Why GDPR and Data Governance were made for each otherWhy GDPR and Data Governance go hand in hand Like G&T, data governance is not a new concept. It has been recognised for years as a method of protecting...Opinion Gemma Johnson08 March 2019Why 59 Charities were referred to the ICO by the Fundraising RegulatorThe Fundraising Regulator has warned that 59 charities could be in breach of data protection law for failing to apply suppression requests made via the Fundraising Preference Service (FPS)...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Philippa Donn05 March 2019Digital advertising & real-time bidding: Are we on the verge of a seismic shift or not?GDPR put a significant spanner in the world of digital advertising, which disparate parties with different vested interests have been grappling with now for months. How can organisations provide...Opinion Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Stef Elliott21 November 2018“The cookies law is clear – well that takes the biscuit”The ePrivacy Regulation was originally planned to come into force simultaneously with the GDPR on 25th May 2018. The delay and the ongoing debate regarding the Regulation, as highlighted...Electronic CommunicationsePrivacy RegulationGDPR Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Julia Porter18 November 2018Privacy International’s GDPR complaints shine a spotlight on 7 data companiesOn November 8th, Privacy International (PI) filed complaints under the GDPR with data protection regulators in UK, France and Ireland against data brokers Oracle and Acxiom, credit reference agencies...Opinion Simon Blanchard18 November 2018ePrivacy Regulation is not ready and could be stalled even furtherAs those in the know recognise, data protection is not just about GDPR. Many of us have been waiting for GDPR’s EU counterpart, the new ePrivacy Regulation for a...Opinion Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Opinion Matt Edgar02 October 2018Spam crusader or vigilante victim – what happens if you are blacklisted unfairly?Finding spam a nuisance and being anti-spam is a default setting for all of us these days. Even as technology evolves and our mailboxes become smarter in reducing this...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Opinion Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...GDPRPolicies and ProcessesPrivacy by Design Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Opinion DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Data Governance & SecurityGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR
DPN Team05 July 2019GDPR: Impact Report 2019The impact of GDPR More than a year on from enforcement day, where are we now with GDPR? The Global Marketing Alliance and the DPN teamed up with global...Direct MarketingGDPRUncategorized Mark Bridges05 July 2019CCPA – Californian Consumer Privacy Act: 5 Key ImpactsCCPA: What businesses need know The Californian Consumer Privacy Act (CCPA) ushers in new rights for Californian residents and compels companies that operate in California to implement changes or...Opinion DPN Team05 July 2019Adtech: The challenging compliance landscape – webinar recordingPublishers, advertisers, adtech firms, start-ups and privacy activists are all united in a strong interest in online advertising and programmatic delivery . After all, it represents the lion’s share...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn22 May 2019Why GDPR is not a fuss over nothingWe’ve heard the comparison with the millennium bug – the sky didn’t fall in on 25th May… ‘where are these game-changing fines? This is the Y2K bug all over...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network and Opt-4 lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the...Direct MarketingUncategorized Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Simon Blanchard20 March 2019Like Gin and Tonic – Why GDPR and Data Governance were made for each otherWhy GDPR and Data Governance go hand in hand Like G&T, data governance is not a new concept. It has been recognised for years as a method of protecting...Opinion Gemma Johnson08 March 2019Why 59 Charities were referred to the ICO by the Fundraising RegulatorThe Fundraising Regulator has warned that 59 charities could be in breach of data protection law for failing to apply suppression requests made via the Fundraising Preference Service (FPS)...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Philippa Donn05 March 2019Digital advertising & real-time bidding: Are we on the verge of a seismic shift or not?GDPR put a significant spanner in the world of digital advertising, which disparate parties with different vested interests have been grappling with now for months. How can organisations provide...Opinion Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Stef Elliott21 November 2018“The cookies law is clear – well that takes the biscuit”The ePrivacy Regulation was originally planned to come into force simultaneously with the GDPR on 25th May 2018. The delay and the ongoing debate regarding the Regulation, as highlighted...Electronic CommunicationsePrivacy RegulationGDPR Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Julia Porter18 November 2018Privacy International’s GDPR complaints shine a spotlight on 7 data companiesOn November 8th, Privacy International (PI) filed complaints under the GDPR with data protection regulators in UK, France and Ireland against data brokers Oracle and Acxiom, credit reference agencies...Opinion Simon Blanchard18 November 2018ePrivacy Regulation is not ready and could be stalled even furtherAs those in the know recognise, data protection is not just about GDPR. Many of us have been waiting for GDPR’s EU counterpart, the new ePrivacy Regulation for a...Opinion Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Opinion Matt Edgar02 October 2018Spam crusader or vigilante victim – what happens if you are blacklisted unfairly?Finding spam a nuisance and being anti-spam is a default setting for all of us these days. Even as technology evolves and our mailboxes become smarter in reducing this...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Opinion Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...GDPRPolicies and ProcessesPrivacy by Design Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Opinion DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Data Governance & SecurityGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR
Mark Bridges05 July 2019CCPA – Californian Consumer Privacy Act: 5 Key ImpactsCCPA: What businesses need know The Californian Consumer Privacy Act (CCPA) ushers in new rights for Californian residents and compels companies that operate in California to implement changes or...Opinion DPN Team05 July 2019Adtech: The challenging compliance landscape – webinar recordingPublishers, advertisers, adtech firms, start-ups and privacy activists are all united in a strong interest in online advertising and programmatic delivery . After all, it represents the lion’s share...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn22 May 2019Why GDPR is not a fuss over nothingWe’ve heard the comparison with the millennium bug – the sky didn’t fall in on 25th May… ‘where are these game-changing fines? This is the Y2K bug all over...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network and Opt-4 lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the...Direct MarketingUncategorized Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Simon Blanchard20 March 2019Like Gin and Tonic – Why GDPR and Data Governance were made for each otherWhy GDPR and Data Governance go hand in hand Like G&T, data governance is not a new concept. It has been recognised for years as a method of protecting...Opinion Gemma Johnson08 March 2019Why 59 Charities were referred to the ICO by the Fundraising RegulatorThe Fundraising Regulator has warned that 59 charities could be in breach of data protection law for failing to apply suppression requests made via the Fundraising Preference Service (FPS)...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Philippa Donn05 March 2019Digital advertising & real-time bidding: Are we on the verge of a seismic shift or not?GDPR put a significant spanner in the world of digital advertising, which disparate parties with different vested interests have been grappling with now for months. How can organisations provide...Opinion Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Stef Elliott21 November 2018“The cookies law is clear – well that takes the biscuit”The ePrivacy Regulation was originally planned to come into force simultaneously with the GDPR on 25th May 2018. The delay and the ongoing debate regarding the Regulation, as highlighted...Electronic CommunicationsePrivacy RegulationGDPR Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Julia Porter18 November 2018Privacy International’s GDPR complaints shine a spotlight on 7 data companiesOn November 8th, Privacy International (PI) filed complaints under the GDPR with data protection regulators in UK, France and Ireland against data brokers Oracle and Acxiom, credit reference agencies...Opinion Simon Blanchard18 November 2018ePrivacy Regulation is not ready and could be stalled even furtherAs those in the know recognise, data protection is not just about GDPR. Many of us have been waiting for GDPR’s EU counterpart, the new ePrivacy Regulation for a...Opinion Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Opinion Matt Edgar02 October 2018Spam crusader or vigilante victim – what happens if you are blacklisted unfairly?Finding spam a nuisance and being anti-spam is a default setting for all of us these days. Even as technology evolves and our mailboxes become smarter in reducing this...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Opinion Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...GDPRPolicies and ProcessesPrivacy by Design Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Opinion DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Data Governance & SecurityGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR
DPN Team05 July 2019Adtech: The challenging compliance landscape – webinar recordingPublishers, advertisers, adtech firms, start-ups and privacy activists are all united in a strong interest in online advertising and programmatic delivery . After all, it represents the lion’s share...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn22 May 2019Why GDPR is not a fuss over nothingWe’ve heard the comparison with the millennium bug – the sky didn’t fall in on 25th May… ‘where are these game-changing fines? This is the Y2K bug all over...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network and Opt-4 lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the...Direct MarketingUncategorized Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Simon Blanchard20 March 2019Like Gin and Tonic – Why GDPR and Data Governance were made for each otherWhy GDPR and Data Governance go hand in hand Like G&T, data governance is not a new concept. It has been recognised for years as a method of protecting...Opinion Gemma Johnson08 March 2019Why 59 Charities were referred to the ICO by the Fundraising RegulatorThe Fundraising Regulator has warned that 59 charities could be in breach of data protection law for failing to apply suppression requests made via the Fundraising Preference Service (FPS)...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Philippa Donn05 March 2019Digital advertising & real-time bidding: Are we on the verge of a seismic shift or not?GDPR put a significant spanner in the world of digital advertising, which disparate parties with different vested interests have been grappling with now for months. How can organisations provide...Opinion Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Stef Elliott21 November 2018“The cookies law is clear – well that takes the biscuit”The ePrivacy Regulation was originally planned to come into force simultaneously with the GDPR on 25th May 2018. The delay and the ongoing debate regarding the Regulation, as highlighted...Electronic CommunicationsePrivacy RegulationGDPR Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Julia Porter18 November 2018Privacy International’s GDPR complaints shine a spotlight on 7 data companiesOn November 8th, Privacy International (PI) filed complaints under the GDPR with data protection regulators in UK, France and Ireland against data brokers Oracle and Acxiom, credit reference agencies...Opinion Simon Blanchard18 November 2018ePrivacy Regulation is not ready and could be stalled even furtherAs those in the know recognise, data protection is not just about GDPR. Many of us have been waiting for GDPR’s EU counterpart, the new ePrivacy Regulation for a...Opinion Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Opinion Matt Edgar02 October 2018Spam crusader or vigilante victim – what happens if you are blacklisted unfairly?Finding spam a nuisance and being anti-spam is a default setting for all of us these days. Even as technology evolves and our mailboxes become smarter in reducing this...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Opinion Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...GDPRPolicies and ProcessesPrivacy by Design Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Opinion DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Data Governance & SecurityGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR
Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn22 May 2019Why GDPR is not a fuss over nothingWe’ve heard the comparison with the millennium bug – the sky didn’t fall in on 25th May… ‘where are these game-changing fines? This is the Y2K bug all over...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network and Opt-4 lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the...Direct MarketingUncategorized Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Simon Blanchard20 March 2019Like Gin and Tonic – Why GDPR and Data Governance were made for each otherWhy GDPR and Data Governance go hand in hand Like G&T, data governance is not a new concept. It has been recognised for years as a method of protecting...Opinion Gemma Johnson08 March 2019Why 59 Charities were referred to the ICO by the Fundraising RegulatorThe Fundraising Regulator has warned that 59 charities could be in breach of data protection law for failing to apply suppression requests made via the Fundraising Preference Service (FPS)...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Philippa Donn05 March 2019Digital advertising & real-time bidding: Are we on the verge of a seismic shift or not?GDPR put a significant spanner in the world of digital advertising, which disparate parties with different vested interests have been grappling with now for months. How can organisations provide...Opinion Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Stef Elliott21 November 2018“The cookies law is clear – well that takes the biscuit”The ePrivacy Regulation was originally planned to come into force simultaneously with the GDPR on 25th May 2018. The delay and the ongoing debate regarding the Regulation, as highlighted...Electronic CommunicationsePrivacy RegulationGDPR Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Julia Porter18 November 2018Privacy International’s GDPR complaints shine a spotlight on 7 data companiesOn November 8th, Privacy International (PI) filed complaints under the GDPR with data protection regulators in UK, France and Ireland against data brokers Oracle and Acxiom, credit reference agencies...Opinion Simon Blanchard18 November 2018ePrivacy Regulation is not ready and could be stalled even furtherAs those in the know recognise, data protection is not just about GDPR. Many of us have been waiting for GDPR’s EU counterpart, the new ePrivacy Regulation for a...Opinion Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Opinion Matt Edgar02 October 2018Spam crusader or vigilante victim – what happens if you are blacklisted unfairly?Finding spam a nuisance and being anti-spam is a default setting for all of us these days. Even as technology evolves and our mailboxes become smarter in reducing this...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Opinion Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...GDPRPolicies and ProcessesPrivacy by Design Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Opinion DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Data Governance & SecurityGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR
Philippa Donn22 May 2019Why GDPR is not a fuss over nothingWe’ve heard the comparison with the millennium bug – the sky didn’t fall in on 25th May… ‘where are these game-changing fines? This is the Y2K bug all over...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network and Opt-4 lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the...Direct MarketingUncategorized Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Simon Blanchard20 March 2019Like Gin and Tonic – Why GDPR and Data Governance were made for each otherWhy GDPR and Data Governance go hand in hand Like G&T, data governance is not a new concept. It has been recognised for years as a method of protecting...Opinion Gemma Johnson08 March 2019Why 59 Charities were referred to the ICO by the Fundraising RegulatorThe Fundraising Regulator has warned that 59 charities could be in breach of data protection law for failing to apply suppression requests made via the Fundraising Preference Service (FPS)...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Philippa Donn05 March 2019Digital advertising & real-time bidding: Are we on the verge of a seismic shift or not?GDPR put a significant spanner in the world of digital advertising, which disparate parties with different vested interests have been grappling with now for months. How can organisations provide...Opinion Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Stef Elliott21 November 2018“The cookies law is clear – well that takes the biscuit”The ePrivacy Regulation was originally planned to come into force simultaneously with the GDPR on 25th May 2018. The delay and the ongoing debate regarding the Regulation, as highlighted...Electronic CommunicationsePrivacy RegulationGDPR Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Julia Porter18 November 2018Privacy International’s GDPR complaints shine a spotlight on 7 data companiesOn November 8th, Privacy International (PI) filed complaints under the GDPR with data protection regulators in UK, France and Ireland against data brokers Oracle and Acxiom, credit reference agencies...Opinion Simon Blanchard18 November 2018ePrivacy Regulation is not ready and could be stalled even furtherAs those in the know recognise, data protection is not just about GDPR. Many of us have been waiting for GDPR’s EU counterpart, the new ePrivacy Regulation for a...Opinion Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Opinion Matt Edgar02 October 2018Spam crusader or vigilante victim – what happens if you are blacklisted unfairly?Finding spam a nuisance and being anti-spam is a default setting for all of us these days. Even as technology evolves and our mailboxes become smarter in reducing this...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Opinion Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...GDPRPolicies and ProcessesPrivacy by Design Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Opinion DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Data Governance & SecurityGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR
Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network and Opt-4 lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the...Direct MarketingUncategorized Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Simon Blanchard20 March 2019Like Gin and Tonic – Why GDPR and Data Governance were made for each otherWhy GDPR and Data Governance go hand in hand Like G&T, data governance is not a new concept. It has been recognised for years as a method of protecting...Opinion Gemma Johnson08 March 2019Why 59 Charities were referred to the ICO by the Fundraising RegulatorThe Fundraising Regulator has warned that 59 charities could be in breach of data protection law for failing to apply suppression requests made via the Fundraising Preference Service (FPS)...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Philippa Donn05 March 2019Digital advertising & real-time bidding: Are we on the verge of a seismic shift or not?GDPR put a significant spanner in the world of digital advertising, which disparate parties with different vested interests have been grappling with now for months. How can organisations provide...Opinion Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Stef Elliott21 November 2018“The cookies law is clear – well that takes the biscuit”The ePrivacy Regulation was originally planned to come into force simultaneously with the GDPR on 25th May 2018. The delay and the ongoing debate regarding the Regulation, as highlighted...Electronic CommunicationsePrivacy RegulationGDPR Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Julia Porter18 November 2018Privacy International’s GDPR complaints shine a spotlight on 7 data companiesOn November 8th, Privacy International (PI) filed complaints under the GDPR with data protection regulators in UK, France and Ireland against data brokers Oracle and Acxiom, credit reference agencies...Opinion Simon Blanchard18 November 2018ePrivacy Regulation is not ready and could be stalled even furtherAs those in the know recognise, data protection is not just about GDPR. Many of us have been waiting for GDPR’s EU counterpart, the new ePrivacy Regulation for a...Opinion Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Opinion Matt Edgar02 October 2018Spam crusader or vigilante victim – what happens if you are blacklisted unfairly?Finding spam a nuisance and being anti-spam is a default setting for all of us these days. Even as technology evolves and our mailboxes become smarter in reducing this...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Opinion Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...GDPRPolicies and ProcessesPrivacy by Design Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Opinion DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Data Governance & SecurityGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR
Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network and Opt-4 lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the...Direct MarketingUncategorized Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Simon Blanchard20 March 2019Like Gin and Tonic – Why GDPR and Data Governance were made for each otherWhy GDPR and Data Governance go hand in hand Like G&T, data governance is not a new concept. It has been recognised for years as a method of protecting...Opinion Gemma Johnson08 March 2019Why 59 Charities were referred to the ICO by the Fundraising RegulatorThe Fundraising Regulator has warned that 59 charities could be in breach of data protection law for failing to apply suppression requests made via the Fundraising Preference Service (FPS)...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Philippa Donn05 March 2019Digital advertising & real-time bidding: Are we on the verge of a seismic shift or not?GDPR put a significant spanner in the world of digital advertising, which disparate parties with different vested interests have been grappling with now for months. How can organisations provide...Opinion Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Stef Elliott21 November 2018“The cookies law is clear – well that takes the biscuit”The ePrivacy Regulation was originally planned to come into force simultaneously with the GDPR on 25th May 2018. The delay and the ongoing debate regarding the Regulation, as highlighted...Electronic CommunicationsePrivacy RegulationGDPR Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Julia Porter18 November 2018Privacy International’s GDPR complaints shine a spotlight on 7 data companiesOn November 8th, Privacy International (PI) filed complaints under the GDPR with data protection regulators in UK, France and Ireland against data brokers Oracle and Acxiom, credit reference agencies...Opinion Simon Blanchard18 November 2018ePrivacy Regulation is not ready and could be stalled even furtherAs those in the know recognise, data protection is not just about GDPR. Many of us have been waiting for GDPR’s EU counterpart, the new ePrivacy Regulation for a...Opinion Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Opinion Matt Edgar02 October 2018Spam crusader or vigilante victim – what happens if you are blacklisted unfairly?Finding spam a nuisance and being anti-spam is a default setting for all of us these days. Even as technology evolves and our mailboxes become smarter in reducing this...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Opinion Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...GDPRPolicies and ProcessesPrivacy by Design Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Opinion DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Data Governance & SecurityGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR
Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network and Opt-4 lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the...Direct MarketingUncategorized Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Simon Blanchard20 March 2019Like Gin and Tonic – Why GDPR and Data Governance were made for each otherWhy GDPR and Data Governance go hand in hand Like G&T, data governance is not a new concept. It has been recognised for years as a method of protecting...Opinion Gemma Johnson08 March 2019Why 59 Charities were referred to the ICO by the Fundraising RegulatorThe Fundraising Regulator has warned that 59 charities could be in breach of data protection law for failing to apply suppression requests made via the Fundraising Preference Service (FPS)...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Philippa Donn05 March 2019Digital advertising & real-time bidding: Are we on the verge of a seismic shift or not?GDPR put a significant spanner in the world of digital advertising, which disparate parties with different vested interests have been grappling with now for months. How can organisations provide...Opinion Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Stef Elliott21 November 2018“The cookies law is clear – well that takes the biscuit”The ePrivacy Regulation was originally planned to come into force simultaneously with the GDPR on 25th May 2018. The delay and the ongoing debate regarding the Regulation, as highlighted...Electronic CommunicationsePrivacy RegulationGDPR Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Julia Porter18 November 2018Privacy International’s GDPR complaints shine a spotlight on 7 data companiesOn November 8th, Privacy International (PI) filed complaints under the GDPR with data protection regulators in UK, France and Ireland against data brokers Oracle and Acxiom, credit reference agencies...Opinion Simon Blanchard18 November 2018ePrivacy Regulation is not ready and could be stalled even furtherAs those in the know recognise, data protection is not just about GDPR. Many of us have been waiting for GDPR’s EU counterpart, the new ePrivacy Regulation for a...Opinion Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Opinion Matt Edgar02 October 2018Spam crusader or vigilante victim – what happens if you are blacklisted unfairly?Finding spam a nuisance and being anti-spam is a default setting for all of us these days. Even as technology evolves and our mailboxes become smarter in reducing this...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Opinion Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...GDPRPolicies and ProcessesPrivacy by Design Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Opinion DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Data Governance & SecurityGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR
DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network and Opt-4 lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the...Direct MarketingUncategorized Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Simon Blanchard20 March 2019Like Gin and Tonic – Why GDPR and Data Governance were made for each otherWhy GDPR and Data Governance go hand in hand Like G&T, data governance is not a new concept. It has been recognised for years as a method of protecting...Opinion Gemma Johnson08 March 2019Why 59 Charities were referred to the ICO by the Fundraising RegulatorThe Fundraising Regulator has warned that 59 charities could be in breach of data protection law for failing to apply suppression requests made via the Fundraising Preference Service (FPS)...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Philippa Donn05 March 2019Digital advertising & real-time bidding: Are we on the verge of a seismic shift or not?GDPR put a significant spanner in the world of digital advertising, which disparate parties with different vested interests have been grappling with now for months. How can organisations provide...Opinion Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Stef Elliott21 November 2018“The cookies law is clear – well that takes the biscuit”The ePrivacy Regulation was originally planned to come into force simultaneously with the GDPR on 25th May 2018. The delay and the ongoing debate regarding the Regulation, as highlighted...Electronic CommunicationsePrivacy RegulationGDPR Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Julia Porter18 November 2018Privacy International’s GDPR complaints shine a spotlight on 7 data companiesOn November 8th, Privacy International (PI) filed complaints under the GDPR with data protection regulators in UK, France and Ireland against data brokers Oracle and Acxiom, credit reference agencies...Opinion Simon Blanchard18 November 2018ePrivacy Regulation is not ready and could be stalled even furtherAs those in the know recognise, data protection is not just about GDPR. Many of us have been waiting for GDPR’s EU counterpart, the new ePrivacy Regulation for a...Opinion Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Opinion Matt Edgar02 October 2018Spam crusader or vigilante victim – what happens if you are blacklisted unfairly?Finding spam a nuisance and being anti-spam is a default setting for all of us these days. Even as technology evolves and our mailboxes become smarter in reducing this...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Opinion Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...GDPRPolicies and ProcessesPrivacy by Design Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Opinion DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Data Governance & SecurityGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR
Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Simon Blanchard20 March 2019Like Gin and Tonic – Why GDPR and Data Governance were made for each otherWhy GDPR and Data Governance go hand in hand Like G&T, data governance is not a new concept. It has been recognised for years as a method of protecting...Opinion Gemma Johnson08 March 2019Why 59 Charities were referred to the ICO by the Fundraising RegulatorThe Fundraising Regulator has warned that 59 charities could be in breach of data protection law for failing to apply suppression requests made via the Fundraising Preference Service (FPS)...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Philippa Donn05 March 2019Digital advertising & real-time bidding: Are we on the verge of a seismic shift or not?GDPR put a significant spanner in the world of digital advertising, which disparate parties with different vested interests have been grappling with now for months. How can organisations provide...Opinion Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Stef Elliott21 November 2018“The cookies law is clear – well that takes the biscuit”The ePrivacy Regulation was originally planned to come into force simultaneously with the GDPR on 25th May 2018. The delay and the ongoing debate regarding the Regulation, as highlighted...Electronic CommunicationsePrivacy RegulationGDPR Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Julia Porter18 November 2018Privacy International’s GDPR complaints shine a spotlight on 7 data companiesOn November 8th, Privacy International (PI) filed complaints under the GDPR with data protection regulators in UK, France and Ireland against data brokers Oracle and Acxiom, credit reference agencies...Opinion Simon Blanchard18 November 2018ePrivacy Regulation is not ready and could be stalled even furtherAs those in the know recognise, data protection is not just about GDPR. Many of us have been waiting for GDPR’s EU counterpart, the new ePrivacy Regulation for a...Opinion Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Opinion Matt Edgar02 October 2018Spam crusader or vigilante victim – what happens if you are blacklisted unfairly?Finding spam a nuisance and being anti-spam is a default setting for all of us these days. Even as technology evolves and our mailboxes become smarter in reducing this...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Opinion Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...GDPRPolicies and ProcessesPrivacy by Design Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Opinion DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Data Governance & SecurityGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR
Simon Blanchard20 March 2019Like Gin and Tonic – Why GDPR and Data Governance were made for each otherWhy GDPR and Data Governance go hand in hand Like G&T, data governance is not a new concept. It has been recognised for years as a method of protecting...Opinion Gemma Johnson08 March 2019Why 59 Charities were referred to the ICO by the Fundraising RegulatorThe Fundraising Regulator has warned that 59 charities could be in breach of data protection law for failing to apply suppression requests made via the Fundraising Preference Service (FPS)...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Philippa Donn05 March 2019Digital advertising & real-time bidding: Are we on the verge of a seismic shift or not?GDPR put a significant spanner in the world of digital advertising, which disparate parties with different vested interests have been grappling with now for months. How can organisations provide...Opinion Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Stef Elliott21 November 2018“The cookies law is clear – well that takes the biscuit”The ePrivacy Regulation was originally planned to come into force simultaneously with the GDPR on 25th May 2018. The delay and the ongoing debate regarding the Regulation, as highlighted...Electronic CommunicationsePrivacy RegulationGDPR Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Julia Porter18 November 2018Privacy International’s GDPR complaints shine a spotlight on 7 data companiesOn November 8th, Privacy International (PI) filed complaints under the GDPR with data protection regulators in UK, France and Ireland against data brokers Oracle and Acxiom, credit reference agencies...Opinion Simon Blanchard18 November 2018ePrivacy Regulation is not ready and could be stalled even furtherAs those in the know recognise, data protection is not just about GDPR. Many of us have been waiting for GDPR’s EU counterpart, the new ePrivacy Regulation for a...Opinion Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Opinion Matt Edgar02 October 2018Spam crusader or vigilante victim – what happens if you are blacklisted unfairly?Finding spam a nuisance and being anti-spam is a default setting for all of us these days. Even as technology evolves and our mailboxes become smarter in reducing this...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Opinion Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...GDPRPolicies and ProcessesPrivacy by Design Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Opinion DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Data Governance & SecurityGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR
Gemma Johnson08 March 2019Why 59 Charities were referred to the ICO by the Fundraising RegulatorThe Fundraising Regulator has warned that 59 charities could be in breach of data protection law for failing to apply suppression requests made via the Fundraising Preference Service (FPS)...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Philippa Donn05 March 2019Digital advertising & real-time bidding: Are we on the verge of a seismic shift or not?GDPR put a significant spanner in the world of digital advertising, which disparate parties with different vested interests have been grappling with now for months. How can organisations provide...Opinion Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Stef Elliott21 November 2018“The cookies law is clear – well that takes the biscuit”The ePrivacy Regulation was originally planned to come into force simultaneously with the GDPR on 25th May 2018. The delay and the ongoing debate regarding the Regulation, as highlighted...Electronic CommunicationsePrivacy RegulationGDPR Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Julia Porter18 November 2018Privacy International’s GDPR complaints shine a spotlight on 7 data companiesOn November 8th, Privacy International (PI) filed complaints under the GDPR with data protection regulators in UK, France and Ireland against data brokers Oracle and Acxiom, credit reference agencies...Opinion Simon Blanchard18 November 2018ePrivacy Regulation is not ready and could be stalled even furtherAs those in the know recognise, data protection is not just about GDPR. Many of us have been waiting for GDPR’s EU counterpart, the new ePrivacy Regulation for a...Opinion Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Opinion Matt Edgar02 October 2018Spam crusader or vigilante victim – what happens if you are blacklisted unfairly?Finding spam a nuisance and being anti-spam is a default setting for all of us these days. Even as technology evolves and our mailboxes become smarter in reducing this...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Opinion Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...GDPRPolicies and ProcessesPrivacy by Design Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Opinion DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Data Governance & SecurityGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR
Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Philippa Donn05 March 2019Digital advertising & real-time bidding: Are we on the verge of a seismic shift or not?GDPR put a significant spanner in the world of digital advertising, which disparate parties with different vested interests have been grappling with now for months. How can organisations provide...Opinion Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Stef Elliott21 November 2018“The cookies law is clear – well that takes the biscuit”The ePrivacy Regulation was originally planned to come into force simultaneously with the GDPR on 25th May 2018. The delay and the ongoing debate regarding the Regulation, as highlighted...Electronic CommunicationsePrivacy RegulationGDPR Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Julia Porter18 November 2018Privacy International’s GDPR complaints shine a spotlight on 7 data companiesOn November 8th, Privacy International (PI) filed complaints under the GDPR with data protection regulators in UK, France and Ireland against data brokers Oracle and Acxiom, credit reference agencies...Opinion Simon Blanchard18 November 2018ePrivacy Regulation is not ready and could be stalled even furtherAs those in the know recognise, data protection is not just about GDPR. Many of us have been waiting for GDPR’s EU counterpart, the new ePrivacy Regulation for a...Opinion Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Opinion Matt Edgar02 October 2018Spam crusader or vigilante victim – what happens if you are blacklisted unfairly?Finding spam a nuisance and being anti-spam is a default setting for all of us these days. Even as technology evolves and our mailboxes become smarter in reducing this...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Opinion Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...GDPRPolicies and ProcessesPrivacy by Design Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Opinion DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Data Governance & SecurityGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR
DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Philippa Donn05 March 2019Digital advertising & real-time bidding: Are we on the verge of a seismic shift or not?GDPR put a significant spanner in the world of digital advertising, which disparate parties with different vested interests have been grappling with now for months. How can organisations provide...Opinion Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Stef Elliott21 November 2018“The cookies law is clear – well that takes the biscuit”The ePrivacy Regulation was originally planned to come into force simultaneously with the GDPR on 25th May 2018. The delay and the ongoing debate regarding the Regulation, as highlighted...Electronic CommunicationsePrivacy RegulationGDPR Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Julia Porter18 November 2018Privacy International’s GDPR complaints shine a spotlight on 7 data companiesOn November 8th, Privacy International (PI) filed complaints under the GDPR with data protection regulators in UK, France and Ireland against data brokers Oracle and Acxiom, credit reference agencies...Opinion Simon Blanchard18 November 2018ePrivacy Regulation is not ready and could be stalled even furtherAs those in the know recognise, data protection is not just about GDPR. Many of us have been waiting for GDPR’s EU counterpart, the new ePrivacy Regulation for a...Opinion Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Opinion Matt Edgar02 October 2018Spam crusader or vigilante victim – what happens if you are blacklisted unfairly?Finding spam a nuisance and being anti-spam is a default setting for all of us these days. Even as technology evolves and our mailboxes become smarter in reducing this...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Opinion Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...GDPRPolicies and ProcessesPrivacy by Design Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Opinion DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Data Governance & SecurityGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR
Philippa Donn05 March 2019Digital advertising & real-time bidding: Are we on the verge of a seismic shift or not?GDPR put a significant spanner in the world of digital advertising, which disparate parties with different vested interests have been grappling with now for months. How can organisations provide...Opinion Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Stef Elliott21 November 2018“The cookies law is clear – well that takes the biscuit”The ePrivacy Regulation was originally planned to come into force simultaneously with the GDPR on 25th May 2018. The delay and the ongoing debate regarding the Regulation, as highlighted...Electronic CommunicationsePrivacy RegulationGDPR Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Julia Porter18 November 2018Privacy International’s GDPR complaints shine a spotlight on 7 data companiesOn November 8th, Privacy International (PI) filed complaints under the GDPR with data protection regulators in UK, France and Ireland against data brokers Oracle and Acxiom, credit reference agencies...Opinion Simon Blanchard18 November 2018ePrivacy Regulation is not ready and could be stalled even furtherAs those in the know recognise, data protection is not just about GDPR. Many of us have been waiting for GDPR’s EU counterpart, the new ePrivacy Regulation for a...Opinion Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Opinion Matt Edgar02 October 2018Spam crusader or vigilante victim – what happens if you are blacklisted unfairly?Finding spam a nuisance and being anti-spam is a default setting for all of us these days. Even as technology evolves and our mailboxes become smarter in reducing this...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Opinion Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...GDPRPolicies and ProcessesPrivacy by Design Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Opinion DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Data Governance & SecurityGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR
Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Stef Elliott21 November 2018“The cookies law is clear – well that takes the biscuit”The ePrivacy Regulation was originally planned to come into force simultaneously with the GDPR on 25th May 2018. The delay and the ongoing debate regarding the Regulation, as highlighted...Electronic CommunicationsePrivacy RegulationGDPR Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Julia Porter18 November 2018Privacy International’s GDPR complaints shine a spotlight on 7 data companiesOn November 8th, Privacy International (PI) filed complaints under the GDPR with data protection regulators in UK, France and Ireland against data brokers Oracle and Acxiom, credit reference agencies...Opinion Simon Blanchard18 November 2018ePrivacy Regulation is not ready and could be stalled even furtherAs those in the know recognise, data protection is not just about GDPR. Many of us have been waiting for GDPR’s EU counterpart, the new ePrivacy Regulation for a...Opinion Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Opinion Matt Edgar02 October 2018Spam crusader or vigilante victim – what happens if you are blacklisted unfairly?Finding spam a nuisance and being anti-spam is a default setting for all of us these days. Even as technology evolves and our mailboxes become smarter in reducing this...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Opinion Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...GDPRPolicies and ProcessesPrivacy by Design Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Opinion DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Data Governance & SecurityGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR
DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Stef Elliott21 November 2018“The cookies law is clear – well that takes the biscuit”The ePrivacy Regulation was originally planned to come into force simultaneously with the GDPR on 25th May 2018. The delay and the ongoing debate regarding the Regulation, as highlighted...Electronic CommunicationsePrivacy RegulationGDPR Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Julia Porter18 November 2018Privacy International’s GDPR complaints shine a spotlight on 7 data companiesOn November 8th, Privacy International (PI) filed complaints under the GDPR with data protection regulators in UK, France and Ireland against data brokers Oracle and Acxiom, credit reference agencies...Opinion Simon Blanchard18 November 2018ePrivacy Regulation is not ready and could be stalled even furtherAs those in the know recognise, data protection is not just about GDPR. Many of us have been waiting for GDPR’s EU counterpart, the new ePrivacy Regulation for a...Opinion Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Opinion Matt Edgar02 October 2018Spam crusader or vigilante victim – what happens if you are blacklisted unfairly?Finding spam a nuisance and being anti-spam is a default setting for all of us these days. Even as technology evolves and our mailboxes become smarter in reducing this...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Opinion Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...GDPRPolicies and ProcessesPrivacy by Design Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Opinion DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Data Governance & SecurityGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR
Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Stef Elliott21 November 2018“The cookies law is clear – well that takes the biscuit”The ePrivacy Regulation was originally planned to come into force simultaneously with the GDPR on 25th May 2018. The delay and the ongoing debate regarding the Regulation, as highlighted...Electronic CommunicationsePrivacy RegulationGDPR Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Julia Porter18 November 2018Privacy International’s GDPR complaints shine a spotlight on 7 data companiesOn November 8th, Privacy International (PI) filed complaints under the GDPR with data protection regulators in UK, France and Ireland against data brokers Oracle and Acxiom, credit reference agencies...Opinion Simon Blanchard18 November 2018ePrivacy Regulation is not ready and could be stalled even furtherAs those in the know recognise, data protection is not just about GDPR. Many of us have been waiting for GDPR’s EU counterpart, the new ePrivacy Regulation for a...Opinion Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Opinion Matt Edgar02 October 2018Spam crusader or vigilante victim – what happens if you are blacklisted unfairly?Finding spam a nuisance and being anti-spam is a default setting for all of us these days. Even as technology evolves and our mailboxes become smarter in reducing this...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Opinion Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...GDPRPolicies and ProcessesPrivacy by Design Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Opinion DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Data Governance & SecurityGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR
DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Stef Elliott21 November 2018“The cookies law is clear – well that takes the biscuit”The ePrivacy Regulation was originally planned to come into force simultaneously with the GDPR on 25th May 2018. The delay and the ongoing debate regarding the Regulation, as highlighted...Electronic CommunicationsePrivacy RegulationGDPR Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Julia Porter18 November 2018Privacy International’s GDPR complaints shine a spotlight on 7 data companiesOn November 8th, Privacy International (PI) filed complaints under the GDPR with data protection regulators in UK, France and Ireland against data brokers Oracle and Acxiom, credit reference agencies...Opinion Simon Blanchard18 November 2018ePrivacy Regulation is not ready and could be stalled even furtherAs those in the know recognise, data protection is not just about GDPR. Many of us have been waiting for GDPR’s EU counterpart, the new ePrivacy Regulation for a...Opinion Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Opinion Matt Edgar02 October 2018Spam crusader or vigilante victim – what happens if you are blacklisted unfairly?Finding spam a nuisance and being anti-spam is a default setting for all of us these days. Even as technology evolves and our mailboxes become smarter in reducing this...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Opinion Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...GDPRPolicies and ProcessesPrivacy by Design Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Opinion DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Data Governance & SecurityGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR
Stef Elliott21 November 2018“The cookies law is clear – well that takes the biscuit”The ePrivacy Regulation was originally planned to come into force simultaneously with the GDPR on 25th May 2018. The delay and the ongoing debate regarding the Regulation, as highlighted...Electronic CommunicationsePrivacy RegulationGDPR Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Julia Porter18 November 2018Privacy International’s GDPR complaints shine a spotlight on 7 data companiesOn November 8th, Privacy International (PI) filed complaints under the GDPR with data protection regulators in UK, France and Ireland against data brokers Oracle and Acxiom, credit reference agencies...Opinion Simon Blanchard18 November 2018ePrivacy Regulation is not ready and could be stalled even furtherAs those in the know recognise, data protection is not just about GDPR. Many of us have been waiting for GDPR’s EU counterpart, the new ePrivacy Regulation for a...Opinion Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Opinion Matt Edgar02 October 2018Spam crusader or vigilante victim – what happens if you are blacklisted unfairly?Finding spam a nuisance and being anti-spam is a default setting for all of us these days. Even as technology evolves and our mailboxes become smarter in reducing this...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Opinion Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...GDPRPolicies and ProcessesPrivacy by Design Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Opinion DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Data Governance & SecurityGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR
Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Julia Porter18 November 2018Privacy International’s GDPR complaints shine a spotlight on 7 data companiesOn November 8th, Privacy International (PI) filed complaints under the GDPR with data protection regulators in UK, France and Ireland against data brokers Oracle and Acxiom, credit reference agencies...Opinion Simon Blanchard18 November 2018ePrivacy Regulation is not ready and could be stalled even furtherAs those in the know recognise, data protection is not just about GDPR. Many of us have been waiting for GDPR’s EU counterpart, the new ePrivacy Regulation for a...Opinion Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Opinion Matt Edgar02 October 2018Spam crusader or vigilante victim – what happens if you are blacklisted unfairly?Finding spam a nuisance and being anti-spam is a default setting for all of us these days. Even as technology evolves and our mailboxes become smarter in reducing this...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Opinion Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...GDPRPolicies and ProcessesPrivacy by Design Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Opinion DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Data Governance & SecurityGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR
Julia Porter18 November 2018Privacy International’s GDPR complaints shine a spotlight on 7 data companiesOn November 8th, Privacy International (PI) filed complaints under the GDPR with data protection regulators in UK, France and Ireland against data brokers Oracle and Acxiom, credit reference agencies...Opinion Simon Blanchard18 November 2018ePrivacy Regulation is not ready and could be stalled even furtherAs those in the know recognise, data protection is not just about GDPR. Many of us have been waiting for GDPR’s EU counterpart, the new ePrivacy Regulation for a...Opinion Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Opinion Matt Edgar02 October 2018Spam crusader or vigilante victim – what happens if you are blacklisted unfairly?Finding spam a nuisance and being anti-spam is a default setting for all of us these days. Even as technology evolves and our mailboxes become smarter in reducing this...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Opinion Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...GDPRPolicies and ProcessesPrivacy by Design Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Opinion DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Data Governance & SecurityGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR
Simon Blanchard18 November 2018ePrivacy Regulation is not ready and could be stalled even furtherAs those in the know recognise, data protection is not just about GDPR. Many of us have been waiting for GDPR’s EU counterpart, the new ePrivacy Regulation for a...Opinion Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Opinion Matt Edgar02 October 2018Spam crusader or vigilante victim – what happens if you are blacklisted unfairly?Finding spam a nuisance and being anti-spam is a default setting for all of us these days. Even as technology evolves and our mailboxes become smarter in reducing this...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Opinion Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...GDPRPolicies and ProcessesPrivacy by Design Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Opinion DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Data Governance & SecurityGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR
Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Opinion Matt Edgar02 October 2018Spam crusader or vigilante victim – what happens if you are blacklisted unfairly?Finding spam a nuisance and being anti-spam is a default setting for all of us these days. Even as technology evolves and our mailboxes become smarter in reducing this...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Opinion Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...GDPRPolicies and ProcessesPrivacy by Design Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Opinion DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Data Governance & SecurityGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR
Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Opinion Matt Edgar02 October 2018Spam crusader or vigilante victim – what happens if you are blacklisted unfairly?Finding spam a nuisance and being anti-spam is a default setting for all of us these days. Even as technology evolves and our mailboxes become smarter in reducing this...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Opinion Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...GDPRPolicies and ProcessesPrivacy by Design Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Opinion DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Data Governance & SecurityGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR
Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Opinion Matt Edgar02 October 2018Spam crusader or vigilante victim – what happens if you are blacklisted unfairly?Finding spam a nuisance and being anti-spam is a default setting for all of us these days. Even as technology evolves and our mailboxes become smarter in reducing this...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Opinion Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...GDPRPolicies and ProcessesPrivacy by Design Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Opinion DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Data Governance & SecurityGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR
Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Opinion Matt Edgar02 October 2018Spam crusader or vigilante victim – what happens if you are blacklisted unfairly?Finding spam a nuisance and being anti-spam is a default setting for all of us these days. Even as technology evolves and our mailboxes become smarter in reducing this...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Opinion Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...GDPRPolicies and ProcessesPrivacy by Design Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Opinion DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Data Governance & SecurityGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR
Matt Edgar02 October 2018Spam crusader or vigilante victim – what happens if you are blacklisted unfairly?Finding spam a nuisance and being anti-spam is a default setting for all of us these days. Even as technology evolves and our mailboxes become smarter in reducing this...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Opinion Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...GDPRPolicies and ProcessesPrivacy by Design Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Opinion DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Data Governance & SecurityGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR
Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Opinion Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...GDPRPolicies and ProcessesPrivacy by Design Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Opinion DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Data Governance & SecurityGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR
Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Opinion Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...GDPRPolicies and ProcessesPrivacy by Design Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Opinion DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Data Governance & SecurityGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR
Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Opinion Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...GDPRPolicies and ProcessesPrivacy by Design Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Opinion DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Data Governance & SecurityGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR
Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...GDPRPolicies and ProcessesPrivacy by Design Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Opinion DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Data Governance & SecurityGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR
Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Opinion DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Data Governance & SecurityGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR
Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Opinion DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Data Governance & SecurityGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR
DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Data Governance & SecurityGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR
Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Data Governance & SecurityGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR
Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Data Governance & SecurityGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR
DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Data Governance & SecurityGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR
Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Data Governance & SecurityGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR
Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR
Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR
Helping your teams with no-nonsense privacy advice
