Julia Porter03 March 2021What privacy lessons can we learn from Online DatingWe spoke to the Online Dating Association about privacy matters - here are our ten data protection lessonsData Governance & SecurityGDPRIndividual Privacy RightsMarketing & Data Protection Philippa Donn02 March 2021Right to Erasure: 10 TipsErasure requests proving a challenge? Get some top tips on how to get your Right to Erasure process on track. GDPRIndividual Privacy Rights Simon Blanchard02 March 2021How is your privacy programme performing?How to track your business’s privacy performance and make sure data is being successfully managed across the business. Data Governance & SecurityGDPR DPN Team24 February 2021How has Covid changed our attitudes to privacy?What data protection challenges has Covid raised? What difficult decisions do we face? Listen to our expert panel discuss...Videos Philippa Donn21 February 2021European Commission publishes draft UK adequacy decisionInternational data transfers: A draft adequacy decision has been published which would allow for the free flow of data from EEA to UK. GDPRInternational Data Protection Julia Porter17 February 2021Has Covid-19 changed our attitudes to privacy?How the pandemic raises a number of privacy challenges and means taking difficult decisions on the collection and use of personal data. Data Governance & SecurityGDPR Philippa Donn16 February 2021EU ePrivacy Regulation: a significant step forward?Is the proposed EU ePrivacy Regulation, which will give us new rules for cookies and electronic communications, a step closer? Electronic CommunicationsePrivacy Regulation Simon Blanchard15 February 2021Data governance: How to take control of your dataTake control of your data! How a data governance framework means you can meet business objectives without taking unnecessary risks. Data Governance & SecurityGDPR Philippa Donn15 February 2021Understanding email marketing rulesUK email marketing rules - when do you need consent? what's the soft opt-in and when can you lawfully use an opt-out? Direct MarketingElectronic Communications DPN Team10 February 2021Tackling employee-related subject access requestsListen in as we discuss the challenges of handling employee-related data subject access request, with some tips on how to be more efficient. Videos Julia Porter03 February 2021ICO adtech update: what steps should you take?As the ICO resumes its investigation into adtech and RTB, what steps should advertisers and players in this market be taking? Data Governance & SecurityElectronic Communications Simon Blanchard29 January 2021Help your teams to ‘do the right thing’ with personal dataHow well-crafted easy to read data protection policies help to make sure your staff know how do the right thing Data Governance & SecurityPolicies and Processes Julia Porter21 January 2021Like a puppy, data protection is for life – does your training match?What does good data protection training look like? Why one-off sessions will not cut it and how to keep the momentum going...Data Governance & SecurityGDPR Philippa Donn20 January 2021UK Data protection and ePrivacy law post Brexit: Q&AWhat data protection and ePrivacy law applies in the UK post Brexit? Our handy Q&A answers key considerations for your business.ePrivacy RegulationGDPRInternational Data Protection Julia Porter08 January 2021It’s time to recognise and celebrate responsible marketingMore than ever we need to focus on being open and transparent and building trust with customers. What core values should you embrace? Direct MarketingElectronic CommunicationsGDPRPrivacy by Design Simon Blanchard04 January 2021Data protection and innovation in a post-Brexit worldThe ICO calls for transparency, accountability and trust to be core themes in the UK's National Data Strategy post-Brexit GDPRICO Guidance Philippa Donn04 January 2021Brexit Deal and Data TransfersFears the free flow of data from the EEA to UK would end have been averted with the Brexit Trade Deal. But we’re not out of the woods yet.GDPRInternational Data Protection Philippa Donn22 December 2020Data sharing: 10 point checklistAs the ICO publishes Data Sharing Code of Practice, what are the 10 key points you need to think about before you share personal data?Data Governance & SecurityGDPRICO Guidance Philippa Donn16 December 2020Brexit: Do you need an EU Representative?UK organisations may need to appoint a EU representative, find out if your organisation falls under this GDPR requirement... GDPRInternational Data ProtectionUncategorized DPN Team15 December 20202021 Privacy PredictionsWill 2021 be all about Brexit, COVID, AI and Ethics? Join DPN's distinguished advisory board as they gaze into the privacy crystal ball...Data Governance & SecurityGDPRInternational Data Protection DPN Team11 December 2020Season’s GreetingsWe're supporting the charity Bankuet, which fills the gaps providing Food Banks with what poeple need most when they need it.Uncategorized Philippa Donn01 December 2020Fantasy GDPR – Your new data protection regime130 people, battle-scarred data professionals all, chose to cry havoc and unleash the Dogs of Data by taking part in our Fantasy GDPR quiz.GDPR Simon Blanchard01 December 2020Should DPOs take responsiblity for risk?Allocating responsibility for your privacy risks - Is it right for data protection risks to sit with your Data Protection Officer? Data Governance & SecurityGDPR Simon Blanchard12 November 2020How the ICO’s Accountability Framework could help your businessWe take a look at how ICO's handy Accountability Framework can help organisations meet their GPDR responsiblities. Data Governance & SecurityGDPRICO Guidance Philippa Donn03 November 2020The data breach that cost Marriott £18.4 million – what went wrong?As the ICO slams a £18 million data breach fine on Marriott, we take a look at what went wrong and what other businesess can learn ... Data Governance & SecurityData SecurityGDPR Chris Field03 November 2020Evaluating the management of privacy choicesHow to address the challenge of privacy choices for multinationals faced with different communication privacy laws around the world.Direct MarketingElectronic CommunicationsInternational Data Protection DPN Team27 October 2020Handling complex subject access requestsListen in as an expert panel discuss handling complex DSARs in large and medium-sized organisations. How to respond and how tech can help. Videos DPN Team27 October 2020Privacy Question TimeYour data protection questions answered. Lively debate, topical polls with an expert panel. Recording now available.Videos Philippa Donn23 October 2020ICO Subject Access Request Guidance: help or hindrance?Subject Access Requests: As the ICO published detailed guidance we take a look at the higlights and whether it's a help or hindrance GDPRICO GuidanceIndividual Privacy Rights DPN Team22 October 2020Rosemary Smith Responsible Marketing AwardGiving an individual or team credit for a creative and privacy aware project. This award recognises a responsible approach to marketing. Direct MarketingGDPR Simon Blanchard22 October 2020British Airways data breach – what can we learn?British Airways has been fined £20m by the ICO, what lessons can we all learn from BA's painful personal data breach? Data Governance & SecurityData SecurityGDPRPolicies and Processes Philippa Donn20 October 202010 DSAR tips from 10 DPOsData Subject Access Requests can be a challenge to handle. Get 10 great tips from experts who routinely handle the right of access, GDPRIndividual Privacy Rights Philippa Donn20 October 2020Covid Symptom Study apologises for marketing face masksCovid Symptom Study breaks the marketing rules by promoting masks for to fund their research, but find out how an quick apology can go a long way. ... Direct MarketingElectronic Communications Julia Porter15 October 2020Are COVID-19 contact tracing technology services legitimate?Alarming headlines have suggested COVID-19 contact tracing data from pubs and restaurants is being sold on. Is this actually true and what should checks should you take? Data Governance & SecurityGDPR Philippa Donn07 October 2020COVID-19 Data Protection GuideCovid-19 has meant employers have, by necessity, made risk-based data decisions. Do these need revisiting now? Data Governance & SecurityData SecurityPolicies and Processes Simon Blanchard07 October 2020Are you monitoring staff health during COVID-19?What checks and balances should you have in place if you are monitoring your employees' health during the pandemic? We take a look at the core areas to consider...Data Governance & SecurityEmploymentPolicies and Processes Julia Porter05 October 2020Is the new COVID app safe to use?We now have the newly minted Covid app modelled on the Google and Apple templates. Should we be trusting this app?Data Governance & SecurityGDPRPrivacy by Design Julia Porter24 September 2020Cookies crushed, the world is changingThe demise of the third party cookie - five signs the world is changing. Where next for targeted advertising? Electronic CommunicationsGDPR Philippa Donn23 September 2020Data Protection by Design: Part 3 – Data Protection Impact AssessmentsHow to get your Data Protection Impact Asssessment process on track - when should you do one, what should you process look like? Get some useful tips... Data Governance & SecurityGDPRPolicies and ProcessesPrivacy by Design Philippa Donn09 September 2020New Children’s Code – does it apply to your business?New Children's Code to protect under 18s online. It will affect your business if your online services are likely to be acccessed by children. GDPRICO GuidancePolicies and ProcessesPrivacy by Design Simon Blanchard04 September 2020Data Protection by Design: Part 2 – How to approach itHow to implement Data Protection by Design when you are developing new applications, products and services. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn27 August 2020Data Protection by Design: Part 1 – The BasicsWhat does ‘Data Protection by Design’ really mean (and why is it also called ‘Privacy by Design’)? Do you need to be concerned about it? And how do you...Data Governance & SecurityGDPRPrivacy by Design Simon Blanchard25 August 2020Data Protection Officers – should we appoint a DPO?Which organisations need to have a DPO? If you don't should you appoint one anyway or outsource? We explore the options .. Data Governance & SecurityGDPR Simon Blanchard12 August 2020Use of automated facial recognition by South Wales Police ruled ‘unlawful’South Wales Police's use of automated facial recognition has been ruled unlawrul - it breaches human rights and has potential for bias. GDPR Julia Porter12 August 2020When does your CRM marketing plan morph into a data privacy project?Looking to leverage your customer database to drive more business? How to make sure you marketing plan is supported by your privacy strategyDirect MarketingElectronic CommunicationsGDPR Simon Blanchard10 August 2020Dashcams and GDPR: Assessing the privacy implications7 point privacy guide for use of dashcams in vehicles. Quick steps to make sure your use of dashcams is transparent and lawful. GDPRPolicies and Processes Simon Blanchard05 August 2020ICO guidance on how to apply good data protection to AISeven steps for making sure innovation flourishes and your artificial intelligence activities are sound from a data protection point of viewGDPRICO Guidance DPN Team29 July 2020How to manage your suppliersHow to manage your suppliers and reduce the risk they may post. Hear our specialist panel chat through the key points to consider.Videos Philippa Donn29 July 2020Could COVID-19 lead to a spike in Subject Access Requests? How to handle ex-employeesDSARs from disgruntled ex-employees can be challenging to handle, get some helpful tips on how best to approach the task of fulfilling them.GDPRIndividual Privacy Rights Philippa Donn28 July 2020Schrems II ruling: Privacy Shield down, SCCs survive but with a sting in the tailInternational data transfers - EU-US Privacy Shield ruled invalild, questions raised regarding SCCs, find out what actions should you take. GDPRInternational Data Protection Simon Blanchard27 July 2020RoPA – Five tips for keeping your Records of Processing Activity up to date5 tips for keeping your GDPR records of processing activities up to date. The why, who, what, how and when of data protection documentation.GDPRPolicies and Processes DPN Team16 July 2020Transparency: How to get the message acrossDiscover the benefits of being upfront and transparent with people about how you use their data. In this webinar hosted by Robert Bond from Bristows we explore why transparency...GDPRVideos Julia Porter13 July 2020Supplier management: DPN 6 point checklistDue diligence of new suppliers robust enough? Checks in place to make sure suppliers are protecting your data? Use the DPN 6-point checklist. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn13 July 2020Contact Tracing: 7 Quick Steps for collecting people’s dataFrom holiday cottages to theme parks, hotels to pubs, many will be collecting people's details for contact tracing. Get our quick guide to how to do this. GDPRICO Guidance Chris Field11 July 2020You’ve been SAR-bombed!You are at the end of long day .. you just do one last check of your inbox - the new count registers over 9,000 new emails! All...GDPRIndividual Privacy RightsInternational Data ProtectionPolicies and Processes Simon Blanchard09 July 2020Facial Recognition – should we be concerned?Facial recognition is clever, from selfies to surveillance its use is becoming far more widespread. Should we be worried? Data Governance & SecurityGDPR Philippa Donn30 June 2020Data breaches: 10-point checklist for risk assessmentsHow do you assess the actual risk to people of a data breach? 10 questions you need to ask when carrying out an risk assessment. Data Governance & SecurityGDPRPolicies and Processes DPN Team30 June 2020Successful steps for data retention and minimisation [webinar recording]Get the tools and advice you need to tackle data retention and minimisation in this expert discussion which takes you through the key steps to take.Data Governance & SecurityGDPRPolicies and ProcessesVideos Julia Porter25 June 2020Why is the CIA’s lax attitude to cyber security interesting to us?Have you got robust cyber security controls in place? How the lax attitude of the CIA is a lesson to us all and what you should you be doing.Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard16 June 2020Privacy is a marathon not a sprintPondering how to improve your privacy credentials? Here are 5 steps to inspire you. More than 2 years on from GDPR, remember it’s a journey, not a sprint.Data Governance & SecurityGDPRPolicies and Processes Philippa Donn16 June 2020Why personalisation is a good thing, when done well“Hi, you haven’t finished watching Jeffrey Epstein: Filthy Rich”, said an email my husband received .It annoyed him......Direct MarketingGDPR Simon Blanchard08 June 2020Spring clean your data – Top tips on data retentionGet top tips on data retention. Minimise your risks by making sure you keep the personal data you need and rid of what you don't. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn03 June 2020GDPR two years on, why data protection mattersGDPR may have its critics and regulators may stand accused of not taking enough action. Why this is not a reason to stop taking data protection seriously.GDPR Julia Porter03 June 2020Why is it so hard to explain how we use personal data?Five ways to help explain complex and contentious uses of personal data. How to improve your communications and transparency.Direct MarketingGDPRPrivacy by Design DPN Team03 June 2020Data Retention GuidanceA practical toolkit packed with tips, advice and case studies on how to tackle data retention. Developed by a group of data protection and privacy specialists from a...Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard14 May 2020COVID 19 – Privacy under the SpotlightPrivacy and COVID-19. When finding quick solutions and taking rapid decisions, don't forget the privacy impact. Here's our quick tour of aspects to consider. Data SecurityGDPRPrivacy by Design DPN Team04 April 2020Where is my data? How to tackle data discovery & mapping [webinar recording]How improve your data discovery, mapping & compliance Understanding where your data is located across all your systems is an ever-evolving challenge, but forms the bedrock of your data...Opinion Gemma Johnson13 February 2020Marketers: Will You Need to do a DPIA for that?Why marketers need to understand when they might need to conduct a data protection impact assessment and learn how to do them. Direct MarketingElectronic CommunicationsICO GuidanceMarketing & Data Protection Simon Blanchard11 February 2020Where’s all my data? How to tackle data discoveryUnderstanding where your data is and what it's used for is crucial. But in practice this is challenging. What approach can you take? Opinion Julia Porter09 February 2020In a Digitally Enabled World, What is Direct Marketing?On 8th January the ICO published a draft code of practice for the marketing community. It’s entitled “Direct Marketing Code of Practice”. The use of the term “Direct Marketing”...Opinion Philippa Donn08 February 2020Refer a Friend – Viral Marketing RulesCan you ask your customers to send on your marketing to their friends? The answer, according to the ICO’s draft Direct Marketing Code, is NO! The regulator says for...Opinion Philippa Donn28 January 2020ICO Direct Marketing Code ‘draft’: 12 HighlightsJust when I thought January was feeling dull, I got my hands on the ICO’s much-anticipated draft Direct Marketing Code of Practice! This replaces the Regulator’s existing Direct Marketing...Opinion Philippa Donn10 December 2019Subject Access Requests & Proof of IDSubject Access Requests – What is ‘proportionate’ to ask for? When responding to a Right of Access request (commonly known as a Subject Access Request), we might be required...Individual Privacy Rights DPN Team03 December 2019Data Retention: Are you keeping personal data longer than you need it?Ensuring you don’t store personal data for longer than you require it, is a core data protection principle – one which we all know is both complex and challenging...Opinion DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Opinion Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Opinion Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Opinion Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Opinion Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...GDPRInternational Data Protection Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Data Governance & SecurityGDPRPolicies and Processes Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the hectic preparations...Direct Marketing Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....GDPR DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...GDPR Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Direct MarketingGDPR
Philippa Donn02 March 2021Right to Erasure: 10 TipsErasure requests proving a challenge? Get some top tips on how to get your Right to Erasure process on track. GDPRIndividual Privacy Rights Simon Blanchard02 March 2021How is your privacy programme performing?How to track your business’s privacy performance and make sure data is being successfully managed across the business. Data Governance & SecurityGDPR DPN Team24 February 2021How has Covid changed our attitudes to privacy?What data protection challenges has Covid raised? What difficult decisions do we face? Listen to our expert panel discuss...Videos Philippa Donn21 February 2021European Commission publishes draft UK adequacy decisionInternational data transfers: A draft adequacy decision has been published which would allow for the free flow of data from EEA to UK. GDPRInternational Data Protection Julia Porter17 February 2021Has Covid-19 changed our attitudes to privacy?How the pandemic raises a number of privacy challenges and means taking difficult decisions on the collection and use of personal data. Data Governance & SecurityGDPR Philippa Donn16 February 2021EU ePrivacy Regulation: a significant step forward?Is the proposed EU ePrivacy Regulation, which will give us new rules for cookies and electronic communications, a step closer? Electronic CommunicationsePrivacy Regulation Simon Blanchard15 February 2021Data governance: How to take control of your dataTake control of your data! How a data governance framework means you can meet business objectives without taking unnecessary risks. Data Governance & SecurityGDPR Philippa Donn15 February 2021Understanding email marketing rulesUK email marketing rules - when do you need consent? what's the soft opt-in and when can you lawfully use an opt-out? Direct MarketingElectronic Communications DPN Team10 February 2021Tackling employee-related subject access requestsListen in as we discuss the challenges of handling employee-related data subject access request, with some tips on how to be more efficient. Videos Julia Porter03 February 2021ICO adtech update: what steps should you take?As the ICO resumes its investigation into adtech and RTB, what steps should advertisers and players in this market be taking? Data Governance & SecurityElectronic Communications Simon Blanchard29 January 2021Help your teams to ‘do the right thing’ with personal dataHow well-crafted easy to read data protection policies help to make sure your staff know how do the right thing Data Governance & SecurityPolicies and Processes Julia Porter21 January 2021Like a puppy, data protection is for life – does your training match?What does good data protection training look like? Why one-off sessions will not cut it and how to keep the momentum going...Data Governance & SecurityGDPR Philippa Donn20 January 2021UK Data protection and ePrivacy law post Brexit: Q&AWhat data protection and ePrivacy law applies in the UK post Brexit? Our handy Q&A answers key considerations for your business.ePrivacy RegulationGDPRInternational Data Protection Julia Porter08 January 2021It’s time to recognise and celebrate responsible marketingMore than ever we need to focus on being open and transparent and building trust with customers. What core values should you embrace? Direct MarketingElectronic CommunicationsGDPRPrivacy by Design Simon Blanchard04 January 2021Data protection and innovation in a post-Brexit worldThe ICO calls for transparency, accountability and trust to be core themes in the UK's National Data Strategy post-Brexit GDPRICO Guidance Philippa Donn04 January 2021Brexit Deal and Data TransfersFears the free flow of data from the EEA to UK would end have been averted with the Brexit Trade Deal. But we’re not out of the woods yet.GDPRInternational Data Protection Philippa Donn22 December 2020Data sharing: 10 point checklistAs the ICO publishes Data Sharing Code of Practice, what are the 10 key points you need to think about before you share personal data?Data Governance & SecurityGDPRICO Guidance Philippa Donn16 December 2020Brexit: Do you need an EU Representative?UK organisations may need to appoint a EU representative, find out if your organisation falls under this GDPR requirement... GDPRInternational Data ProtectionUncategorized DPN Team15 December 20202021 Privacy PredictionsWill 2021 be all about Brexit, COVID, AI and Ethics? Join DPN's distinguished advisory board as they gaze into the privacy crystal ball...Data Governance & SecurityGDPRInternational Data Protection DPN Team11 December 2020Season’s GreetingsWe're supporting the charity Bankuet, which fills the gaps providing Food Banks with what poeple need most when they need it.Uncategorized Philippa Donn01 December 2020Fantasy GDPR – Your new data protection regime130 people, battle-scarred data professionals all, chose to cry havoc and unleash the Dogs of Data by taking part in our Fantasy GDPR quiz.GDPR Simon Blanchard01 December 2020Should DPOs take responsiblity for risk?Allocating responsibility for your privacy risks - Is it right for data protection risks to sit with your Data Protection Officer? Data Governance & SecurityGDPR Simon Blanchard12 November 2020How the ICO’s Accountability Framework could help your businessWe take a look at how ICO's handy Accountability Framework can help organisations meet their GPDR responsiblities. Data Governance & SecurityGDPRICO Guidance Philippa Donn03 November 2020The data breach that cost Marriott £18.4 million – what went wrong?As the ICO slams a £18 million data breach fine on Marriott, we take a look at what went wrong and what other businesess can learn ... Data Governance & SecurityData SecurityGDPR Chris Field03 November 2020Evaluating the management of privacy choicesHow to address the challenge of privacy choices for multinationals faced with different communication privacy laws around the world.Direct MarketingElectronic CommunicationsInternational Data Protection DPN Team27 October 2020Handling complex subject access requestsListen in as an expert panel discuss handling complex DSARs in large and medium-sized organisations. How to respond and how tech can help. Videos DPN Team27 October 2020Privacy Question TimeYour data protection questions answered. Lively debate, topical polls with an expert panel. Recording now available.Videos Philippa Donn23 October 2020ICO Subject Access Request Guidance: help or hindrance?Subject Access Requests: As the ICO published detailed guidance we take a look at the higlights and whether it's a help or hindrance GDPRICO GuidanceIndividual Privacy Rights DPN Team22 October 2020Rosemary Smith Responsible Marketing AwardGiving an individual or team credit for a creative and privacy aware project. This award recognises a responsible approach to marketing. Direct MarketingGDPR Simon Blanchard22 October 2020British Airways data breach – what can we learn?British Airways has been fined £20m by the ICO, what lessons can we all learn from BA's painful personal data breach? Data Governance & SecurityData SecurityGDPRPolicies and Processes Philippa Donn20 October 202010 DSAR tips from 10 DPOsData Subject Access Requests can be a challenge to handle. Get 10 great tips from experts who routinely handle the right of access, GDPRIndividual Privacy Rights Philippa Donn20 October 2020Covid Symptom Study apologises for marketing face masksCovid Symptom Study breaks the marketing rules by promoting masks for to fund their research, but find out how an quick apology can go a long way. ... Direct MarketingElectronic Communications Julia Porter15 October 2020Are COVID-19 contact tracing technology services legitimate?Alarming headlines have suggested COVID-19 contact tracing data from pubs and restaurants is being sold on. Is this actually true and what should checks should you take? Data Governance & SecurityGDPR Philippa Donn07 October 2020COVID-19 Data Protection GuideCovid-19 has meant employers have, by necessity, made risk-based data decisions. Do these need revisiting now? Data Governance & SecurityData SecurityPolicies and Processes Simon Blanchard07 October 2020Are you monitoring staff health during COVID-19?What checks and balances should you have in place if you are monitoring your employees' health during the pandemic? We take a look at the core areas to consider...Data Governance & SecurityEmploymentPolicies and Processes Julia Porter05 October 2020Is the new COVID app safe to use?We now have the newly minted Covid app modelled on the Google and Apple templates. Should we be trusting this app?Data Governance & SecurityGDPRPrivacy by Design Julia Porter24 September 2020Cookies crushed, the world is changingThe demise of the third party cookie - five signs the world is changing. Where next for targeted advertising? Electronic CommunicationsGDPR Philippa Donn23 September 2020Data Protection by Design: Part 3 – Data Protection Impact AssessmentsHow to get your Data Protection Impact Asssessment process on track - when should you do one, what should you process look like? Get some useful tips... Data Governance & SecurityGDPRPolicies and ProcessesPrivacy by Design Philippa Donn09 September 2020New Children’s Code – does it apply to your business?New Children's Code to protect under 18s online. It will affect your business if your online services are likely to be acccessed by children. GDPRICO GuidancePolicies and ProcessesPrivacy by Design Simon Blanchard04 September 2020Data Protection by Design: Part 2 – How to approach itHow to implement Data Protection by Design when you are developing new applications, products and services. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn27 August 2020Data Protection by Design: Part 1 – The BasicsWhat does ‘Data Protection by Design’ really mean (and why is it also called ‘Privacy by Design’)? Do you need to be concerned about it? And how do you...Data Governance & SecurityGDPRPrivacy by Design Simon Blanchard25 August 2020Data Protection Officers – should we appoint a DPO?Which organisations need to have a DPO? If you don't should you appoint one anyway or outsource? We explore the options .. Data Governance & SecurityGDPR Simon Blanchard12 August 2020Use of automated facial recognition by South Wales Police ruled ‘unlawful’South Wales Police's use of automated facial recognition has been ruled unlawrul - it breaches human rights and has potential for bias. GDPR Julia Porter12 August 2020When does your CRM marketing plan morph into a data privacy project?Looking to leverage your customer database to drive more business? How to make sure you marketing plan is supported by your privacy strategyDirect MarketingElectronic CommunicationsGDPR Simon Blanchard10 August 2020Dashcams and GDPR: Assessing the privacy implications7 point privacy guide for use of dashcams in vehicles. Quick steps to make sure your use of dashcams is transparent and lawful. GDPRPolicies and Processes Simon Blanchard05 August 2020ICO guidance on how to apply good data protection to AISeven steps for making sure innovation flourishes and your artificial intelligence activities are sound from a data protection point of viewGDPRICO Guidance DPN Team29 July 2020How to manage your suppliersHow to manage your suppliers and reduce the risk they may post. Hear our specialist panel chat through the key points to consider.Videos Philippa Donn29 July 2020Could COVID-19 lead to a spike in Subject Access Requests? How to handle ex-employeesDSARs from disgruntled ex-employees can be challenging to handle, get some helpful tips on how best to approach the task of fulfilling them.GDPRIndividual Privacy Rights Philippa Donn28 July 2020Schrems II ruling: Privacy Shield down, SCCs survive but with a sting in the tailInternational data transfers - EU-US Privacy Shield ruled invalild, questions raised regarding SCCs, find out what actions should you take. GDPRInternational Data Protection Simon Blanchard27 July 2020RoPA – Five tips for keeping your Records of Processing Activity up to date5 tips for keeping your GDPR records of processing activities up to date. The why, who, what, how and when of data protection documentation.GDPRPolicies and Processes DPN Team16 July 2020Transparency: How to get the message acrossDiscover the benefits of being upfront and transparent with people about how you use their data. In this webinar hosted by Robert Bond from Bristows we explore why transparency...GDPRVideos Julia Porter13 July 2020Supplier management: DPN 6 point checklistDue diligence of new suppliers robust enough? Checks in place to make sure suppliers are protecting your data? Use the DPN 6-point checklist. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn13 July 2020Contact Tracing: 7 Quick Steps for collecting people’s dataFrom holiday cottages to theme parks, hotels to pubs, many will be collecting people's details for contact tracing. Get our quick guide to how to do this. GDPRICO Guidance Chris Field11 July 2020You’ve been SAR-bombed!You are at the end of long day .. you just do one last check of your inbox - the new count registers over 9,000 new emails! All...GDPRIndividual Privacy RightsInternational Data ProtectionPolicies and Processes Simon Blanchard09 July 2020Facial Recognition – should we be concerned?Facial recognition is clever, from selfies to surveillance its use is becoming far more widespread. Should we be worried? Data Governance & SecurityGDPR Philippa Donn30 June 2020Data breaches: 10-point checklist for risk assessmentsHow do you assess the actual risk to people of a data breach? 10 questions you need to ask when carrying out an risk assessment. Data Governance & SecurityGDPRPolicies and Processes DPN Team30 June 2020Successful steps for data retention and minimisation [webinar recording]Get the tools and advice you need to tackle data retention and minimisation in this expert discussion which takes you through the key steps to take.Data Governance & SecurityGDPRPolicies and ProcessesVideos Julia Porter25 June 2020Why is the CIA’s lax attitude to cyber security interesting to us?Have you got robust cyber security controls in place? How the lax attitude of the CIA is a lesson to us all and what you should you be doing.Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard16 June 2020Privacy is a marathon not a sprintPondering how to improve your privacy credentials? Here are 5 steps to inspire you. More than 2 years on from GDPR, remember it’s a journey, not a sprint.Data Governance & SecurityGDPRPolicies and Processes Philippa Donn16 June 2020Why personalisation is a good thing, when done well“Hi, you haven’t finished watching Jeffrey Epstein: Filthy Rich”, said an email my husband received .It annoyed him......Direct MarketingGDPR Simon Blanchard08 June 2020Spring clean your data – Top tips on data retentionGet top tips on data retention. Minimise your risks by making sure you keep the personal data you need and rid of what you don't. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn03 June 2020GDPR two years on, why data protection mattersGDPR may have its critics and regulators may stand accused of not taking enough action. Why this is not a reason to stop taking data protection seriously.GDPR Julia Porter03 June 2020Why is it so hard to explain how we use personal data?Five ways to help explain complex and contentious uses of personal data. How to improve your communications and transparency.Direct MarketingGDPRPrivacy by Design DPN Team03 June 2020Data Retention GuidanceA practical toolkit packed with tips, advice and case studies on how to tackle data retention. Developed by a group of data protection and privacy specialists from a...Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard14 May 2020COVID 19 – Privacy under the SpotlightPrivacy and COVID-19. When finding quick solutions and taking rapid decisions, don't forget the privacy impact. Here's our quick tour of aspects to consider. Data SecurityGDPRPrivacy by Design DPN Team04 April 2020Where is my data? How to tackle data discovery & mapping [webinar recording]How improve your data discovery, mapping & compliance Understanding where your data is located across all your systems is an ever-evolving challenge, but forms the bedrock of your data...Opinion Gemma Johnson13 February 2020Marketers: Will You Need to do a DPIA for that?Why marketers need to understand when they might need to conduct a data protection impact assessment and learn how to do them. Direct MarketingElectronic CommunicationsICO GuidanceMarketing & Data Protection Simon Blanchard11 February 2020Where’s all my data? How to tackle data discoveryUnderstanding where your data is and what it's used for is crucial. But in practice this is challenging. What approach can you take? Opinion Julia Porter09 February 2020In a Digitally Enabled World, What is Direct Marketing?On 8th January the ICO published a draft code of practice for the marketing community. It’s entitled “Direct Marketing Code of Practice”. The use of the term “Direct Marketing”...Opinion Philippa Donn08 February 2020Refer a Friend – Viral Marketing RulesCan you ask your customers to send on your marketing to their friends? The answer, according to the ICO’s draft Direct Marketing Code, is NO! The regulator says for...Opinion Philippa Donn28 January 2020ICO Direct Marketing Code ‘draft’: 12 HighlightsJust when I thought January was feeling dull, I got my hands on the ICO’s much-anticipated draft Direct Marketing Code of Practice! This replaces the Regulator’s existing Direct Marketing...Opinion Philippa Donn10 December 2019Subject Access Requests & Proof of IDSubject Access Requests – What is ‘proportionate’ to ask for? When responding to a Right of Access request (commonly known as a Subject Access Request), we might be required...Individual Privacy Rights DPN Team03 December 2019Data Retention: Are you keeping personal data longer than you need it?Ensuring you don’t store personal data for longer than you require it, is a core data protection principle – one which we all know is both complex and challenging...Opinion DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Opinion Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Opinion Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Opinion Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Opinion Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...GDPRInternational Data Protection Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Data Governance & SecurityGDPRPolicies and Processes Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the hectic preparations...Direct Marketing Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....GDPR DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...GDPR Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Direct MarketingGDPR
Simon Blanchard02 March 2021How is your privacy programme performing?How to track your business’s privacy performance and make sure data is being successfully managed across the business. Data Governance & SecurityGDPR DPN Team24 February 2021How has Covid changed our attitudes to privacy?What data protection challenges has Covid raised? What difficult decisions do we face? Listen to our expert panel discuss...Videos Philippa Donn21 February 2021European Commission publishes draft UK adequacy decisionInternational data transfers: A draft adequacy decision has been published which would allow for the free flow of data from EEA to UK. GDPRInternational Data Protection Julia Porter17 February 2021Has Covid-19 changed our attitudes to privacy?How the pandemic raises a number of privacy challenges and means taking difficult decisions on the collection and use of personal data. Data Governance & SecurityGDPR Philippa Donn16 February 2021EU ePrivacy Regulation: a significant step forward?Is the proposed EU ePrivacy Regulation, which will give us new rules for cookies and electronic communications, a step closer? Electronic CommunicationsePrivacy Regulation Simon Blanchard15 February 2021Data governance: How to take control of your dataTake control of your data! How a data governance framework means you can meet business objectives without taking unnecessary risks. Data Governance & SecurityGDPR Philippa Donn15 February 2021Understanding email marketing rulesUK email marketing rules - when do you need consent? what's the soft opt-in and when can you lawfully use an opt-out? Direct MarketingElectronic Communications DPN Team10 February 2021Tackling employee-related subject access requestsListen in as we discuss the challenges of handling employee-related data subject access request, with some tips on how to be more efficient. Videos Julia Porter03 February 2021ICO adtech update: what steps should you take?As the ICO resumes its investigation into adtech and RTB, what steps should advertisers and players in this market be taking? Data Governance & SecurityElectronic Communications Simon Blanchard29 January 2021Help your teams to ‘do the right thing’ with personal dataHow well-crafted easy to read data protection policies help to make sure your staff know how do the right thing Data Governance & SecurityPolicies and Processes Julia Porter21 January 2021Like a puppy, data protection is for life – does your training match?What does good data protection training look like? Why one-off sessions will not cut it and how to keep the momentum going...Data Governance & SecurityGDPR Philippa Donn20 January 2021UK Data protection and ePrivacy law post Brexit: Q&AWhat data protection and ePrivacy law applies in the UK post Brexit? Our handy Q&A answers key considerations for your business.ePrivacy RegulationGDPRInternational Data Protection Julia Porter08 January 2021It’s time to recognise and celebrate responsible marketingMore than ever we need to focus on being open and transparent and building trust with customers. What core values should you embrace? Direct MarketingElectronic CommunicationsGDPRPrivacy by Design Simon Blanchard04 January 2021Data protection and innovation in a post-Brexit worldThe ICO calls for transparency, accountability and trust to be core themes in the UK's National Data Strategy post-Brexit GDPRICO Guidance Philippa Donn04 January 2021Brexit Deal and Data TransfersFears the free flow of data from the EEA to UK would end have been averted with the Brexit Trade Deal. But we’re not out of the woods yet.GDPRInternational Data Protection Philippa Donn22 December 2020Data sharing: 10 point checklistAs the ICO publishes Data Sharing Code of Practice, what are the 10 key points you need to think about before you share personal data?Data Governance & SecurityGDPRICO Guidance Philippa Donn16 December 2020Brexit: Do you need an EU Representative?UK organisations may need to appoint a EU representative, find out if your organisation falls under this GDPR requirement... GDPRInternational Data ProtectionUncategorized DPN Team15 December 20202021 Privacy PredictionsWill 2021 be all about Brexit, COVID, AI and Ethics? Join DPN's distinguished advisory board as they gaze into the privacy crystal ball...Data Governance & SecurityGDPRInternational Data Protection DPN Team11 December 2020Season’s GreetingsWe're supporting the charity Bankuet, which fills the gaps providing Food Banks with what poeple need most when they need it.Uncategorized Philippa Donn01 December 2020Fantasy GDPR – Your new data protection regime130 people, battle-scarred data professionals all, chose to cry havoc and unleash the Dogs of Data by taking part in our Fantasy GDPR quiz.GDPR Simon Blanchard01 December 2020Should DPOs take responsiblity for risk?Allocating responsibility for your privacy risks - Is it right for data protection risks to sit with your Data Protection Officer? Data Governance & SecurityGDPR Simon Blanchard12 November 2020How the ICO’s Accountability Framework could help your businessWe take a look at how ICO's handy Accountability Framework can help organisations meet their GPDR responsiblities. Data Governance & SecurityGDPRICO Guidance Philippa Donn03 November 2020The data breach that cost Marriott £18.4 million – what went wrong?As the ICO slams a £18 million data breach fine on Marriott, we take a look at what went wrong and what other businesess can learn ... Data Governance & SecurityData SecurityGDPR Chris Field03 November 2020Evaluating the management of privacy choicesHow to address the challenge of privacy choices for multinationals faced with different communication privacy laws around the world.Direct MarketingElectronic CommunicationsInternational Data Protection DPN Team27 October 2020Handling complex subject access requestsListen in as an expert panel discuss handling complex DSARs in large and medium-sized organisations. How to respond and how tech can help. Videos DPN Team27 October 2020Privacy Question TimeYour data protection questions answered. Lively debate, topical polls with an expert panel. Recording now available.Videos Philippa Donn23 October 2020ICO Subject Access Request Guidance: help or hindrance?Subject Access Requests: As the ICO published detailed guidance we take a look at the higlights and whether it's a help or hindrance GDPRICO GuidanceIndividual Privacy Rights DPN Team22 October 2020Rosemary Smith Responsible Marketing AwardGiving an individual or team credit for a creative and privacy aware project. This award recognises a responsible approach to marketing. Direct MarketingGDPR Simon Blanchard22 October 2020British Airways data breach – what can we learn?British Airways has been fined £20m by the ICO, what lessons can we all learn from BA's painful personal data breach? Data Governance & SecurityData SecurityGDPRPolicies and Processes Philippa Donn20 October 202010 DSAR tips from 10 DPOsData Subject Access Requests can be a challenge to handle. Get 10 great tips from experts who routinely handle the right of access, GDPRIndividual Privacy Rights Philippa Donn20 October 2020Covid Symptom Study apologises for marketing face masksCovid Symptom Study breaks the marketing rules by promoting masks for to fund their research, but find out how an quick apology can go a long way. ... Direct MarketingElectronic Communications Julia Porter15 October 2020Are COVID-19 contact tracing technology services legitimate?Alarming headlines have suggested COVID-19 contact tracing data from pubs and restaurants is being sold on. Is this actually true and what should checks should you take? Data Governance & SecurityGDPR Philippa Donn07 October 2020COVID-19 Data Protection GuideCovid-19 has meant employers have, by necessity, made risk-based data decisions. Do these need revisiting now? Data Governance & SecurityData SecurityPolicies and Processes Simon Blanchard07 October 2020Are you monitoring staff health during COVID-19?What checks and balances should you have in place if you are monitoring your employees' health during the pandemic? We take a look at the core areas to consider...Data Governance & SecurityEmploymentPolicies and Processes Julia Porter05 October 2020Is the new COVID app safe to use?We now have the newly minted Covid app modelled on the Google and Apple templates. Should we be trusting this app?Data Governance & SecurityGDPRPrivacy by Design Julia Porter24 September 2020Cookies crushed, the world is changingThe demise of the third party cookie - five signs the world is changing. Where next for targeted advertising? Electronic CommunicationsGDPR Philippa Donn23 September 2020Data Protection by Design: Part 3 – Data Protection Impact AssessmentsHow to get your Data Protection Impact Asssessment process on track - when should you do one, what should you process look like? Get some useful tips... Data Governance & SecurityGDPRPolicies and ProcessesPrivacy by Design Philippa Donn09 September 2020New Children’s Code – does it apply to your business?New Children's Code to protect under 18s online. It will affect your business if your online services are likely to be acccessed by children. GDPRICO GuidancePolicies and ProcessesPrivacy by Design Simon Blanchard04 September 2020Data Protection by Design: Part 2 – How to approach itHow to implement Data Protection by Design when you are developing new applications, products and services. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn27 August 2020Data Protection by Design: Part 1 – The BasicsWhat does ‘Data Protection by Design’ really mean (and why is it also called ‘Privacy by Design’)? Do you need to be concerned about it? And how do you...Data Governance & SecurityGDPRPrivacy by Design Simon Blanchard25 August 2020Data Protection Officers – should we appoint a DPO?Which organisations need to have a DPO? If you don't should you appoint one anyway or outsource? We explore the options .. Data Governance & SecurityGDPR Simon Blanchard12 August 2020Use of automated facial recognition by South Wales Police ruled ‘unlawful’South Wales Police's use of automated facial recognition has been ruled unlawrul - it breaches human rights and has potential for bias. GDPR Julia Porter12 August 2020When does your CRM marketing plan morph into a data privacy project?Looking to leverage your customer database to drive more business? How to make sure you marketing plan is supported by your privacy strategyDirect MarketingElectronic CommunicationsGDPR Simon Blanchard10 August 2020Dashcams and GDPR: Assessing the privacy implications7 point privacy guide for use of dashcams in vehicles. Quick steps to make sure your use of dashcams is transparent and lawful. GDPRPolicies and Processes Simon Blanchard05 August 2020ICO guidance on how to apply good data protection to AISeven steps for making sure innovation flourishes and your artificial intelligence activities are sound from a data protection point of viewGDPRICO Guidance DPN Team29 July 2020How to manage your suppliersHow to manage your suppliers and reduce the risk they may post. Hear our specialist panel chat through the key points to consider.Videos Philippa Donn29 July 2020Could COVID-19 lead to a spike in Subject Access Requests? How to handle ex-employeesDSARs from disgruntled ex-employees can be challenging to handle, get some helpful tips on how best to approach the task of fulfilling them.GDPRIndividual Privacy Rights Philippa Donn28 July 2020Schrems II ruling: Privacy Shield down, SCCs survive but with a sting in the tailInternational data transfers - EU-US Privacy Shield ruled invalild, questions raised regarding SCCs, find out what actions should you take. GDPRInternational Data Protection Simon Blanchard27 July 2020RoPA – Five tips for keeping your Records of Processing Activity up to date5 tips for keeping your GDPR records of processing activities up to date. The why, who, what, how and when of data protection documentation.GDPRPolicies and Processes DPN Team16 July 2020Transparency: How to get the message acrossDiscover the benefits of being upfront and transparent with people about how you use their data. In this webinar hosted by Robert Bond from Bristows we explore why transparency...GDPRVideos Julia Porter13 July 2020Supplier management: DPN 6 point checklistDue diligence of new suppliers robust enough? Checks in place to make sure suppliers are protecting your data? Use the DPN 6-point checklist. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn13 July 2020Contact Tracing: 7 Quick Steps for collecting people’s dataFrom holiday cottages to theme parks, hotels to pubs, many will be collecting people's details for contact tracing. Get our quick guide to how to do this. GDPRICO Guidance Chris Field11 July 2020You’ve been SAR-bombed!You are at the end of long day .. you just do one last check of your inbox - the new count registers over 9,000 new emails! All...GDPRIndividual Privacy RightsInternational Data ProtectionPolicies and Processes Simon Blanchard09 July 2020Facial Recognition – should we be concerned?Facial recognition is clever, from selfies to surveillance its use is becoming far more widespread. Should we be worried? Data Governance & SecurityGDPR Philippa Donn30 June 2020Data breaches: 10-point checklist for risk assessmentsHow do you assess the actual risk to people of a data breach? 10 questions you need to ask when carrying out an risk assessment. Data Governance & SecurityGDPRPolicies and Processes DPN Team30 June 2020Successful steps for data retention and minimisation [webinar recording]Get the tools and advice you need to tackle data retention and minimisation in this expert discussion which takes you through the key steps to take.Data Governance & SecurityGDPRPolicies and ProcessesVideos Julia Porter25 June 2020Why is the CIA’s lax attitude to cyber security interesting to us?Have you got robust cyber security controls in place? How the lax attitude of the CIA is a lesson to us all and what you should you be doing.Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard16 June 2020Privacy is a marathon not a sprintPondering how to improve your privacy credentials? Here are 5 steps to inspire you. More than 2 years on from GDPR, remember it’s a journey, not a sprint.Data Governance & SecurityGDPRPolicies and Processes Philippa Donn16 June 2020Why personalisation is a good thing, when done well“Hi, you haven’t finished watching Jeffrey Epstein: Filthy Rich”, said an email my husband received .It annoyed him......Direct MarketingGDPR Simon Blanchard08 June 2020Spring clean your data – Top tips on data retentionGet top tips on data retention. Minimise your risks by making sure you keep the personal data you need and rid of what you don't. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn03 June 2020GDPR two years on, why data protection mattersGDPR may have its critics and regulators may stand accused of not taking enough action. Why this is not a reason to stop taking data protection seriously.GDPR Julia Porter03 June 2020Why is it so hard to explain how we use personal data?Five ways to help explain complex and contentious uses of personal data. How to improve your communications and transparency.Direct MarketingGDPRPrivacy by Design DPN Team03 June 2020Data Retention GuidanceA practical toolkit packed with tips, advice and case studies on how to tackle data retention. Developed by a group of data protection and privacy specialists from a...Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard14 May 2020COVID 19 – Privacy under the SpotlightPrivacy and COVID-19. When finding quick solutions and taking rapid decisions, don't forget the privacy impact. Here's our quick tour of aspects to consider. Data SecurityGDPRPrivacy by Design DPN Team04 April 2020Where is my data? How to tackle data discovery & mapping [webinar recording]How improve your data discovery, mapping & compliance Understanding where your data is located across all your systems is an ever-evolving challenge, but forms the bedrock of your data...Opinion Gemma Johnson13 February 2020Marketers: Will You Need to do a DPIA for that?Why marketers need to understand when they might need to conduct a data protection impact assessment and learn how to do them. Direct MarketingElectronic CommunicationsICO GuidanceMarketing & Data Protection Simon Blanchard11 February 2020Where’s all my data? How to tackle data discoveryUnderstanding where your data is and what it's used for is crucial. But in practice this is challenging. What approach can you take? Opinion Julia Porter09 February 2020In a Digitally Enabled World, What is Direct Marketing?On 8th January the ICO published a draft code of practice for the marketing community. It’s entitled “Direct Marketing Code of Practice”. The use of the term “Direct Marketing”...Opinion Philippa Donn08 February 2020Refer a Friend – Viral Marketing RulesCan you ask your customers to send on your marketing to their friends? The answer, according to the ICO’s draft Direct Marketing Code, is NO! The regulator says for...Opinion Philippa Donn28 January 2020ICO Direct Marketing Code ‘draft’: 12 HighlightsJust when I thought January was feeling dull, I got my hands on the ICO’s much-anticipated draft Direct Marketing Code of Practice! This replaces the Regulator’s existing Direct Marketing...Opinion Philippa Donn10 December 2019Subject Access Requests & Proof of IDSubject Access Requests – What is ‘proportionate’ to ask for? When responding to a Right of Access request (commonly known as a Subject Access Request), we might be required...Individual Privacy Rights DPN Team03 December 2019Data Retention: Are you keeping personal data longer than you need it?Ensuring you don’t store personal data for longer than you require it, is a core data protection principle – one which we all know is both complex and challenging...Opinion DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Opinion Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Opinion Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Opinion Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Opinion Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...GDPRInternational Data Protection Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Data Governance & SecurityGDPRPolicies and Processes Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the hectic preparations...Direct Marketing Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....GDPR DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...GDPR Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Direct MarketingGDPR
DPN Team24 February 2021How has Covid changed our attitudes to privacy?What data protection challenges has Covid raised? What difficult decisions do we face? Listen to our expert panel discuss...Videos Philippa Donn21 February 2021European Commission publishes draft UK adequacy decisionInternational data transfers: A draft adequacy decision has been published which would allow for the free flow of data from EEA to UK. GDPRInternational Data Protection Julia Porter17 February 2021Has Covid-19 changed our attitudes to privacy?How the pandemic raises a number of privacy challenges and means taking difficult decisions on the collection and use of personal data. Data Governance & SecurityGDPR Philippa Donn16 February 2021EU ePrivacy Regulation: a significant step forward?Is the proposed EU ePrivacy Regulation, which will give us new rules for cookies and electronic communications, a step closer? Electronic CommunicationsePrivacy Regulation Simon Blanchard15 February 2021Data governance: How to take control of your dataTake control of your data! How a data governance framework means you can meet business objectives without taking unnecessary risks. Data Governance & SecurityGDPR Philippa Donn15 February 2021Understanding email marketing rulesUK email marketing rules - when do you need consent? what's the soft opt-in and when can you lawfully use an opt-out? Direct MarketingElectronic Communications DPN Team10 February 2021Tackling employee-related subject access requestsListen in as we discuss the challenges of handling employee-related data subject access request, with some tips on how to be more efficient. Videos Julia Porter03 February 2021ICO adtech update: what steps should you take?As the ICO resumes its investigation into adtech and RTB, what steps should advertisers and players in this market be taking? Data Governance & SecurityElectronic Communications Simon Blanchard29 January 2021Help your teams to ‘do the right thing’ with personal dataHow well-crafted easy to read data protection policies help to make sure your staff know how do the right thing Data Governance & SecurityPolicies and Processes Julia Porter21 January 2021Like a puppy, data protection is for life – does your training match?What does good data protection training look like? Why one-off sessions will not cut it and how to keep the momentum going...Data Governance & SecurityGDPR Philippa Donn20 January 2021UK Data protection and ePrivacy law post Brexit: Q&AWhat data protection and ePrivacy law applies in the UK post Brexit? Our handy Q&A answers key considerations for your business.ePrivacy RegulationGDPRInternational Data Protection Julia Porter08 January 2021It’s time to recognise and celebrate responsible marketingMore than ever we need to focus on being open and transparent and building trust with customers. What core values should you embrace? Direct MarketingElectronic CommunicationsGDPRPrivacy by Design Simon Blanchard04 January 2021Data protection and innovation in a post-Brexit worldThe ICO calls for transparency, accountability and trust to be core themes in the UK's National Data Strategy post-Brexit GDPRICO Guidance Philippa Donn04 January 2021Brexit Deal and Data TransfersFears the free flow of data from the EEA to UK would end have been averted with the Brexit Trade Deal. But we’re not out of the woods yet.GDPRInternational Data Protection Philippa Donn22 December 2020Data sharing: 10 point checklistAs the ICO publishes Data Sharing Code of Practice, what are the 10 key points you need to think about before you share personal data?Data Governance & SecurityGDPRICO Guidance Philippa Donn16 December 2020Brexit: Do you need an EU Representative?UK organisations may need to appoint a EU representative, find out if your organisation falls under this GDPR requirement... GDPRInternational Data ProtectionUncategorized DPN Team15 December 20202021 Privacy PredictionsWill 2021 be all about Brexit, COVID, AI and Ethics? Join DPN's distinguished advisory board as they gaze into the privacy crystal ball...Data Governance & SecurityGDPRInternational Data Protection DPN Team11 December 2020Season’s GreetingsWe're supporting the charity Bankuet, which fills the gaps providing Food Banks with what poeple need most when they need it.Uncategorized Philippa Donn01 December 2020Fantasy GDPR – Your new data protection regime130 people, battle-scarred data professionals all, chose to cry havoc and unleash the Dogs of Data by taking part in our Fantasy GDPR quiz.GDPR Simon Blanchard01 December 2020Should DPOs take responsiblity for risk?Allocating responsibility for your privacy risks - Is it right for data protection risks to sit with your Data Protection Officer? Data Governance & SecurityGDPR Simon Blanchard12 November 2020How the ICO’s Accountability Framework could help your businessWe take a look at how ICO's handy Accountability Framework can help organisations meet their GPDR responsiblities. Data Governance & SecurityGDPRICO Guidance Philippa Donn03 November 2020The data breach that cost Marriott £18.4 million – what went wrong?As the ICO slams a £18 million data breach fine on Marriott, we take a look at what went wrong and what other businesess can learn ... Data Governance & SecurityData SecurityGDPR Chris Field03 November 2020Evaluating the management of privacy choicesHow to address the challenge of privacy choices for multinationals faced with different communication privacy laws around the world.Direct MarketingElectronic CommunicationsInternational Data Protection DPN Team27 October 2020Handling complex subject access requestsListen in as an expert panel discuss handling complex DSARs in large and medium-sized organisations. How to respond and how tech can help. Videos DPN Team27 October 2020Privacy Question TimeYour data protection questions answered. Lively debate, topical polls with an expert panel. Recording now available.Videos Philippa Donn23 October 2020ICO Subject Access Request Guidance: help or hindrance?Subject Access Requests: As the ICO published detailed guidance we take a look at the higlights and whether it's a help or hindrance GDPRICO GuidanceIndividual Privacy Rights DPN Team22 October 2020Rosemary Smith Responsible Marketing AwardGiving an individual or team credit for a creative and privacy aware project. This award recognises a responsible approach to marketing. Direct MarketingGDPR Simon Blanchard22 October 2020British Airways data breach – what can we learn?British Airways has been fined £20m by the ICO, what lessons can we all learn from BA's painful personal data breach? Data Governance & SecurityData SecurityGDPRPolicies and Processes Philippa Donn20 October 202010 DSAR tips from 10 DPOsData Subject Access Requests can be a challenge to handle. Get 10 great tips from experts who routinely handle the right of access, GDPRIndividual Privacy Rights Philippa Donn20 October 2020Covid Symptom Study apologises for marketing face masksCovid Symptom Study breaks the marketing rules by promoting masks for to fund their research, but find out how an quick apology can go a long way. ... Direct MarketingElectronic Communications Julia Porter15 October 2020Are COVID-19 contact tracing technology services legitimate?Alarming headlines have suggested COVID-19 contact tracing data from pubs and restaurants is being sold on. Is this actually true and what should checks should you take? Data Governance & SecurityGDPR Philippa Donn07 October 2020COVID-19 Data Protection GuideCovid-19 has meant employers have, by necessity, made risk-based data decisions. Do these need revisiting now? Data Governance & SecurityData SecurityPolicies and Processes Simon Blanchard07 October 2020Are you monitoring staff health during COVID-19?What checks and balances should you have in place if you are monitoring your employees' health during the pandemic? We take a look at the core areas to consider...Data Governance & SecurityEmploymentPolicies and Processes Julia Porter05 October 2020Is the new COVID app safe to use?We now have the newly minted Covid app modelled on the Google and Apple templates. Should we be trusting this app?Data Governance & SecurityGDPRPrivacy by Design Julia Porter24 September 2020Cookies crushed, the world is changingThe demise of the third party cookie - five signs the world is changing. Where next for targeted advertising? Electronic CommunicationsGDPR Philippa Donn23 September 2020Data Protection by Design: Part 3 – Data Protection Impact AssessmentsHow to get your Data Protection Impact Asssessment process on track - when should you do one, what should you process look like? Get some useful tips... Data Governance & SecurityGDPRPolicies and ProcessesPrivacy by Design Philippa Donn09 September 2020New Children’s Code – does it apply to your business?New Children's Code to protect under 18s online. It will affect your business if your online services are likely to be acccessed by children. GDPRICO GuidancePolicies and ProcessesPrivacy by Design Simon Blanchard04 September 2020Data Protection by Design: Part 2 – How to approach itHow to implement Data Protection by Design when you are developing new applications, products and services. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn27 August 2020Data Protection by Design: Part 1 – The BasicsWhat does ‘Data Protection by Design’ really mean (and why is it also called ‘Privacy by Design’)? Do you need to be concerned about it? And how do you...Data Governance & SecurityGDPRPrivacy by Design Simon Blanchard25 August 2020Data Protection Officers – should we appoint a DPO?Which organisations need to have a DPO? If you don't should you appoint one anyway or outsource? We explore the options .. Data Governance & SecurityGDPR Simon Blanchard12 August 2020Use of automated facial recognition by South Wales Police ruled ‘unlawful’South Wales Police's use of automated facial recognition has been ruled unlawrul - it breaches human rights and has potential for bias. GDPR Julia Porter12 August 2020When does your CRM marketing plan morph into a data privacy project?Looking to leverage your customer database to drive more business? How to make sure you marketing plan is supported by your privacy strategyDirect MarketingElectronic CommunicationsGDPR Simon Blanchard10 August 2020Dashcams and GDPR: Assessing the privacy implications7 point privacy guide for use of dashcams in vehicles. Quick steps to make sure your use of dashcams is transparent and lawful. GDPRPolicies and Processes Simon Blanchard05 August 2020ICO guidance on how to apply good data protection to AISeven steps for making sure innovation flourishes and your artificial intelligence activities are sound from a data protection point of viewGDPRICO Guidance DPN Team29 July 2020How to manage your suppliersHow to manage your suppliers and reduce the risk they may post. Hear our specialist panel chat through the key points to consider.Videos Philippa Donn29 July 2020Could COVID-19 lead to a spike in Subject Access Requests? How to handle ex-employeesDSARs from disgruntled ex-employees can be challenging to handle, get some helpful tips on how best to approach the task of fulfilling them.GDPRIndividual Privacy Rights Philippa Donn28 July 2020Schrems II ruling: Privacy Shield down, SCCs survive but with a sting in the tailInternational data transfers - EU-US Privacy Shield ruled invalild, questions raised regarding SCCs, find out what actions should you take. GDPRInternational Data Protection Simon Blanchard27 July 2020RoPA – Five tips for keeping your Records of Processing Activity up to date5 tips for keeping your GDPR records of processing activities up to date. The why, who, what, how and when of data protection documentation.GDPRPolicies and Processes DPN Team16 July 2020Transparency: How to get the message acrossDiscover the benefits of being upfront and transparent with people about how you use their data. In this webinar hosted by Robert Bond from Bristows we explore why transparency...GDPRVideos Julia Porter13 July 2020Supplier management: DPN 6 point checklistDue diligence of new suppliers robust enough? Checks in place to make sure suppliers are protecting your data? Use the DPN 6-point checklist. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn13 July 2020Contact Tracing: 7 Quick Steps for collecting people’s dataFrom holiday cottages to theme parks, hotels to pubs, many will be collecting people's details for contact tracing. Get our quick guide to how to do this. GDPRICO Guidance Chris Field11 July 2020You’ve been SAR-bombed!You are at the end of long day .. you just do one last check of your inbox - the new count registers over 9,000 new emails! All...GDPRIndividual Privacy RightsInternational Data ProtectionPolicies and Processes Simon Blanchard09 July 2020Facial Recognition – should we be concerned?Facial recognition is clever, from selfies to surveillance its use is becoming far more widespread. Should we be worried? Data Governance & SecurityGDPR Philippa Donn30 June 2020Data breaches: 10-point checklist for risk assessmentsHow do you assess the actual risk to people of a data breach? 10 questions you need to ask when carrying out an risk assessment. Data Governance & SecurityGDPRPolicies and Processes DPN Team30 June 2020Successful steps for data retention and minimisation [webinar recording]Get the tools and advice you need to tackle data retention and minimisation in this expert discussion which takes you through the key steps to take.Data Governance & SecurityGDPRPolicies and ProcessesVideos Julia Porter25 June 2020Why is the CIA’s lax attitude to cyber security interesting to us?Have you got robust cyber security controls in place? How the lax attitude of the CIA is a lesson to us all and what you should you be doing.Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard16 June 2020Privacy is a marathon not a sprintPondering how to improve your privacy credentials? Here are 5 steps to inspire you. More than 2 years on from GDPR, remember it’s a journey, not a sprint.Data Governance & SecurityGDPRPolicies and Processes Philippa Donn16 June 2020Why personalisation is a good thing, when done well“Hi, you haven’t finished watching Jeffrey Epstein: Filthy Rich”, said an email my husband received .It annoyed him......Direct MarketingGDPR Simon Blanchard08 June 2020Spring clean your data – Top tips on data retentionGet top tips on data retention. Minimise your risks by making sure you keep the personal data you need and rid of what you don't. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn03 June 2020GDPR two years on, why data protection mattersGDPR may have its critics and regulators may stand accused of not taking enough action. Why this is not a reason to stop taking data protection seriously.GDPR Julia Porter03 June 2020Why is it so hard to explain how we use personal data?Five ways to help explain complex and contentious uses of personal data. How to improve your communications and transparency.Direct MarketingGDPRPrivacy by Design DPN Team03 June 2020Data Retention GuidanceA practical toolkit packed with tips, advice and case studies on how to tackle data retention. Developed by a group of data protection and privacy specialists from a...Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard14 May 2020COVID 19 – Privacy under the SpotlightPrivacy and COVID-19. When finding quick solutions and taking rapid decisions, don't forget the privacy impact. Here's our quick tour of aspects to consider. Data SecurityGDPRPrivacy by Design DPN Team04 April 2020Where is my data? How to tackle data discovery & mapping [webinar recording]How improve your data discovery, mapping & compliance Understanding where your data is located across all your systems is an ever-evolving challenge, but forms the bedrock of your data...Opinion Gemma Johnson13 February 2020Marketers: Will You Need to do a DPIA for that?Why marketers need to understand when they might need to conduct a data protection impact assessment and learn how to do them. Direct MarketingElectronic CommunicationsICO GuidanceMarketing & Data Protection Simon Blanchard11 February 2020Where’s all my data? How to tackle data discoveryUnderstanding where your data is and what it's used for is crucial. But in practice this is challenging. What approach can you take? Opinion Julia Porter09 February 2020In a Digitally Enabled World, What is Direct Marketing?On 8th January the ICO published a draft code of practice for the marketing community. It’s entitled “Direct Marketing Code of Practice”. The use of the term “Direct Marketing”...Opinion Philippa Donn08 February 2020Refer a Friend – Viral Marketing RulesCan you ask your customers to send on your marketing to their friends? The answer, according to the ICO’s draft Direct Marketing Code, is NO! The regulator says for...Opinion Philippa Donn28 January 2020ICO Direct Marketing Code ‘draft’: 12 HighlightsJust when I thought January was feeling dull, I got my hands on the ICO’s much-anticipated draft Direct Marketing Code of Practice! This replaces the Regulator’s existing Direct Marketing...Opinion Philippa Donn10 December 2019Subject Access Requests & Proof of IDSubject Access Requests – What is ‘proportionate’ to ask for? When responding to a Right of Access request (commonly known as a Subject Access Request), we might be required...Individual Privacy Rights DPN Team03 December 2019Data Retention: Are you keeping personal data longer than you need it?Ensuring you don’t store personal data for longer than you require it, is a core data protection principle – one which we all know is both complex and challenging...Opinion DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Opinion Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Opinion Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Opinion Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Opinion Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...GDPRInternational Data Protection Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Data Governance & SecurityGDPRPolicies and Processes Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the hectic preparations...Direct Marketing Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....GDPR DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...GDPR Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Direct MarketingGDPR
Philippa Donn21 February 2021European Commission publishes draft UK adequacy decisionInternational data transfers: A draft adequacy decision has been published which would allow for the free flow of data from EEA to UK. GDPRInternational Data Protection Julia Porter17 February 2021Has Covid-19 changed our attitudes to privacy?How the pandemic raises a number of privacy challenges and means taking difficult decisions on the collection and use of personal data. Data Governance & SecurityGDPR Philippa Donn16 February 2021EU ePrivacy Regulation: a significant step forward?Is the proposed EU ePrivacy Regulation, which will give us new rules for cookies and electronic communications, a step closer? Electronic CommunicationsePrivacy Regulation Simon Blanchard15 February 2021Data governance: How to take control of your dataTake control of your data! How a data governance framework means you can meet business objectives without taking unnecessary risks. Data Governance & SecurityGDPR Philippa Donn15 February 2021Understanding email marketing rulesUK email marketing rules - when do you need consent? what's the soft opt-in and when can you lawfully use an opt-out? Direct MarketingElectronic Communications DPN Team10 February 2021Tackling employee-related subject access requestsListen in as we discuss the challenges of handling employee-related data subject access request, with some tips on how to be more efficient. Videos Julia Porter03 February 2021ICO adtech update: what steps should you take?As the ICO resumes its investigation into adtech and RTB, what steps should advertisers and players in this market be taking? Data Governance & SecurityElectronic Communications Simon Blanchard29 January 2021Help your teams to ‘do the right thing’ with personal dataHow well-crafted easy to read data protection policies help to make sure your staff know how do the right thing Data Governance & SecurityPolicies and Processes Julia Porter21 January 2021Like a puppy, data protection is for life – does your training match?What does good data protection training look like? Why one-off sessions will not cut it and how to keep the momentum going...Data Governance & SecurityGDPR Philippa Donn20 January 2021UK Data protection and ePrivacy law post Brexit: Q&AWhat data protection and ePrivacy law applies in the UK post Brexit? Our handy Q&A answers key considerations for your business.ePrivacy RegulationGDPRInternational Data Protection Julia Porter08 January 2021It’s time to recognise and celebrate responsible marketingMore than ever we need to focus on being open and transparent and building trust with customers. What core values should you embrace? Direct MarketingElectronic CommunicationsGDPRPrivacy by Design Simon Blanchard04 January 2021Data protection and innovation in a post-Brexit worldThe ICO calls for transparency, accountability and trust to be core themes in the UK's National Data Strategy post-Brexit GDPRICO Guidance Philippa Donn04 January 2021Brexit Deal and Data TransfersFears the free flow of data from the EEA to UK would end have been averted with the Brexit Trade Deal. But we’re not out of the woods yet.GDPRInternational Data Protection Philippa Donn22 December 2020Data sharing: 10 point checklistAs the ICO publishes Data Sharing Code of Practice, what are the 10 key points you need to think about before you share personal data?Data Governance & SecurityGDPRICO Guidance Philippa Donn16 December 2020Brexit: Do you need an EU Representative?UK organisations may need to appoint a EU representative, find out if your organisation falls under this GDPR requirement... GDPRInternational Data ProtectionUncategorized DPN Team15 December 20202021 Privacy PredictionsWill 2021 be all about Brexit, COVID, AI and Ethics? Join DPN's distinguished advisory board as they gaze into the privacy crystal ball...Data Governance & SecurityGDPRInternational Data Protection DPN Team11 December 2020Season’s GreetingsWe're supporting the charity Bankuet, which fills the gaps providing Food Banks with what poeple need most when they need it.Uncategorized Philippa Donn01 December 2020Fantasy GDPR – Your new data protection regime130 people, battle-scarred data professionals all, chose to cry havoc and unleash the Dogs of Data by taking part in our Fantasy GDPR quiz.GDPR Simon Blanchard01 December 2020Should DPOs take responsiblity for risk?Allocating responsibility for your privacy risks - Is it right for data protection risks to sit with your Data Protection Officer? Data Governance & SecurityGDPR Simon Blanchard12 November 2020How the ICO’s Accountability Framework could help your businessWe take a look at how ICO's handy Accountability Framework can help organisations meet their GPDR responsiblities. Data Governance & SecurityGDPRICO Guidance Philippa Donn03 November 2020The data breach that cost Marriott £18.4 million – what went wrong?As the ICO slams a £18 million data breach fine on Marriott, we take a look at what went wrong and what other businesess can learn ... Data Governance & SecurityData SecurityGDPR Chris Field03 November 2020Evaluating the management of privacy choicesHow to address the challenge of privacy choices for multinationals faced with different communication privacy laws around the world.Direct MarketingElectronic CommunicationsInternational Data Protection DPN Team27 October 2020Handling complex subject access requestsListen in as an expert panel discuss handling complex DSARs in large and medium-sized organisations. How to respond and how tech can help. Videos DPN Team27 October 2020Privacy Question TimeYour data protection questions answered. Lively debate, topical polls with an expert panel. Recording now available.Videos Philippa Donn23 October 2020ICO Subject Access Request Guidance: help or hindrance?Subject Access Requests: As the ICO published detailed guidance we take a look at the higlights and whether it's a help or hindrance GDPRICO GuidanceIndividual Privacy Rights DPN Team22 October 2020Rosemary Smith Responsible Marketing AwardGiving an individual or team credit for a creative and privacy aware project. This award recognises a responsible approach to marketing. Direct MarketingGDPR Simon Blanchard22 October 2020British Airways data breach – what can we learn?British Airways has been fined £20m by the ICO, what lessons can we all learn from BA's painful personal data breach? Data Governance & SecurityData SecurityGDPRPolicies and Processes Philippa Donn20 October 202010 DSAR tips from 10 DPOsData Subject Access Requests can be a challenge to handle. Get 10 great tips from experts who routinely handle the right of access, GDPRIndividual Privacy Rights Philippa Donn20 October 2020Covid Symptom Study apologises for marketing face masksCovid Symptom Study breaks the marketing rules by promoting masks for to fund their research, but find out how an quick apology can go a long way. ... Direct MarketingElectronic Communications Julia Porter15 October 2020Are COVID-19 contact tracing technology services legitimate?Alarming headlines have suggested COVID-19 contact tracing data from pubs and restaurants is being sold on. Is this actually true and what should checks should you take? Data Governance & SecurityGDPR Philippa Donn07 October 2020COVID-19 Data Protection GuideCovid-19 has meant employers have, by necessity, made risk-based data decisions. Do these need revisiting now? Data Governance & SecurityData SecurityPolicies and Processes Simon Blanchard07 October 2020Are you monitoring staff health during COVID-19?What checks and balances should you have in place if you are monitoring your employees' health during the pandemic? We take a look at the core areas to consider...Data Governance & SecurityEmploymentPolicies and Processes Julia Porter05 October 2020Is the new COVID app safe to use?We now have the newly minted Covid app modelled on the Google and Apple templates. Should we be trusting this app?Data Governance & SecurityGDPRPrivacy by Design Julia Porter24 September 2020Cookies crushed, the world is changingThe demise of the third party cookie - five signs the world is changing. Where next for targeted advertising? Electronic CommunicationsGDPR Philippa Donn23 September 2020Data Protection by Design: Part 3 – Data Protection Impact AssessmentsHow to get your Data Protection Impact Asssessment process on track - when should you do one, what should you process look like? Get some useful tips... Data Governance & SecurityGDPRPolicies and ProcessesPrivacy by Design Philippa Donn09 September 2020New Children’s Code – does it apply to your business?New Children's Code to protect under 18s online. It will affect your business if your online services are likely to be acccessed by children. GDPRICO GuidancePolicies and ProcessesPrivacy by Design Simon Blanchard04 September 2020Data Protection by Design: Part 2 – How to approach itHow to implement Data Protection by Design when you are developing new applications, products and services. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn27 August 2020Data Protection by Design: Part 1 – The BasicsWhat does ‘Data Protection by Design’ really mean (and why is it also called ‘Privacy by Design’)? Do you need to be concerned about it? And how do you...Data Governance & SecurityGDPRPrivacy by Design Simon Blanchard25 August 2020Data Protection Officers – should we appoint a DPO?Which organisations need to have a DPO? If you don't should you appoint one anyway or outsource? We explore the options .. Data Governance & SecurityGDPR Simon Blanchard12 August 2020Use of automated facial recognition by South Wales Police ruled ‘unlawful’South Wales Police's use of automated facial recognition has been ruled unlawrul - it breaches human rights and has potential for bias. GDPR Julia Porter12 August 2020When does your CRM marketing plan morph into a data privacy project?Looking to leverage your customer database to drive more business? How to make sure you marketing plan is supported by your privacy strategyDirect MarketingElectronic CommunicationsGDPR Simon Blanchard10 August 2020Dashcams and GDPR: Assessing the privacy implications7 point privacy guide for use of dashcams in vehicles. Quick steps to make sure your use of dashcams is transparent and lawful. GDPRPolicies and Processes Simon Blanchard05 August 2020ICO guidance on how to apply good data protection to AISeven steps for making sure innovation flourishes and your artificial intelligence activities are sound from a data protection point of viewGDPRICO Guidance DPN Team29 July 2020How to manage your suppliersHow to manage your suppliers and reduce the risk they may post. Hear our specialist panel chat through the key points to consider.Videos Philippa Donn29 July 2020Could COVID-19 lead to a spike in Subject Access Requests? How to handle ex-employeesDSARs from disgruntled ex-employees can be challenging to handle, get some helpful tips on how best to approach the task of fulfilling them.GDPRIndividual Privacy Rights Philippa Donn28 July 2020Schrems II ruling: Privacy Shield down, SCCs survive but with a sting in the tailInternational data transfers - EU-US Privacy Shield ruled invalild, questions raised regarding SCCs, find out what actions should you take. GDPRInternational Data Protection Simon Blanchard27 July 2020RoPA – Five tips for keeping your Records of Processing Activity up to date5 tips for keeping your GDPR records of processing activities up to date. The why, who, what, how and when of data protection documentation.GDPRPolicies and Processes DPN Team16 July 2020Transparency: How to get the message acrossDiscover the benefits of being upfront and transparent with people about how you use their data. In this webinar hosted by Robert Bond from Bristows we explore why transparency...GDPRVideos Julia Porter13 July 2020Supplier management: DPN 6 point checklistDue diligence of new suppliers robust enough? Checks in place to make sure suppliers are protecting your data? Use the DPN 6-point checklist. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn13 July 2020Contact Tracing: 7 Quick Steps for collecting people’s dataFrom holiday cottages to theme parks, hotels to pubs, many will be collecting people's details for contact tracing. Get our quick guide to how to do this. GDPRICO Guidance Chris Field11 July 2020You’ve been SAR-bombed!You are at the end of long day .. you just do one last check of your inbox - the new count registers over 9,000 new emails! All...GDPRIndividual Privacy RightsInternational Data ProtectionPolicies and Processes Simon Blanchard09 July 2020Facial Recognition – should we be concerned?Facial recognition is clever, from selfies to surveillance its use is becoming far more widespread. Should we be worried? Data Governance & SecurityGDPR Philippa Donn30 June 2020Data breaches: 10-point checklist for risk assessmentsHow do you assess the actual risk to people of a data breach? 10 questions you need to ask when carrying out an risk assessment. Data Governance & SecurityGDPRPolicies and Processes DPN Team30 June 2020Successful steps for data retention and minimisation [webinar recording]Get the tools and advice you need to tackle data retention and minimisation in this expert discussion which takes you through the key steps to take.Data Governance & SecurityGDPRPolicies and ProcessesVideos Julia Porter25 June 2020Why is the CIA’s lax attitude to cyber security interesting to us?Have you got robust cyber security controls in place? How the lax attitude of the CIA is a lesson to us all and what you should you be doing.Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard16 June 2020Privacy is a marathon not a sprintPondering how to improve your privacy credentials? Here are 5 steps to inspire you. More than 2 years on from GDPR, remember it’s a journey, not a sprint.Data Governance & SecurityGDPRPolicies and Processes Philippa Donn16 June 2020Why personalisation is a good thing, when done well“Hi, you haven’t finished watching Jeffrey Epstein: Filthy Rich”, said an email my husband received .It annoyed him......Direct MarketingGDPR Simon Blanchard08 June 2020Spring clean your data – Top tips on data retentionGet top tips on data retention. Minimise your risks by making sure you keep the personal data you need and rid of what you don't. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn03 June 2020GDPR two years on, why data protection mattersGDPR may have its critics and regulators may stand accused of not taking enough action. Why this is not a reason to stop taking data protection seriously.GDPR Julia Porter03 June 2020Why is it so hard to explain how we use personal data?Five ways to help explain complex and contentious uses of personal data. How to improve your communications and transparency.Direct MarketingGDPRPrivacy by Design DPN Team03 June 2020Data Retention GuidanceA practical toolkit packed with tips, advice and case studies on how to tackle data retention. Developed by a group of data protection and privacy specialists from a...Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard14 May 2020COVID 19 – Privacy under the SpotlightPrivacy and COVID-19. When finding quick solutions and taking rapid decisions, don't forget the privacy impact. Here's our quick tour of aspects to consider. Data SecurityGDPRPrivacy by Design DPN Team04 April 2020Where is my data? How to tackle data discovery & mapping [webinar recording]How improve your data discovery, mapping & compliance Understanding where your data is located across all your systems is an ever-evolving challenge, but forms the bedrock of your data...Opinion Gemma Johnson13 February 2020Marketers: Will You Need to do a DPIA for that?Why marketers need to understand when they might need to conduct a data protection impact assessment and learn how to do them. Direct MarketingElectronic CommunicationsICO GuidanceMarketing & Data Protection Simon Blanchard11 February 2020Where’s all my data? How to tackle data discoveryUnderstanding where your data is and what it's used for is crucial. But in practice this is challenging. What approach can you take? Opinion Julia Porter09 February 2020In a Digitally Enabled World, What is Direct Marketing?On 8th January the ICO published a draft code of practice for the marketing community. It’s entitled “Direct Marketing Code of Practice”. The use of the term “Direct Marketing”...Opinion Philippa Donn08 February 2020Refer a Friend – Viral Marketing RulesCan you ask your customers to send on your marketing to their friends? The answer, according to the ICO’s draft Direct Marketing Code, is NO! The regulator says for...Opinion Philippa Donn28 January 2020ICO Direct Marketing Code ‘draft’: 12 HighlightsJust when I thought January was feeling dull, I got my hands on the ICO’s much-anticipated draft Direct Marketing Code of Practice! This replaces the Regulator’s existing Direct Marketing...Opinion Philippa Donn10 December 2019Subject Access Requests & Proof of IDSubject Access Requests – What is ‘proportionate’ to ask for? When responding to a Right of Access request (commonly known as a Subject Access Request), we might be required...Individual Privacy Rights DPN Team03 December 2019Data Retention: Are you keeping personal data longer than you need it?Ensuring you don’t store personal data for longer than you require it, is a core data protection principle – one which we all know is both complex and challenging...Opinion DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Opinion Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Opinion Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Opinion Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Opinion Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...GDPRInternational Data Protection Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Data Governance & SecurityGDPRPolicies and Processes Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the hectic preparations...Direct Marketing Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....GDPR DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...GDPR Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Direct MarketingGDPR
Julia Porter17 February 2021Has Covid-19 changed our attitudes to privacy?How the pandemic raises a number of privacy challenges and means taking difficult decisions on the collection and use of personal data. Data Governance & SecurityGDPR Philippa Donn16 February 2021EU ePrivacy Regulation: a significant step forward?Is the proposed EU ePrivacy Regulation, which will give us new rules for cookies and electronic communications, a step closer? Electronic CommunicationsePrivacy Regulation Simon Blanchard15 February 2021Data governance: How to take control of your dataTake control of your data! How a data governance framework means you can meet business objectives without taking unnecessary risks. Data Governance & SecurityGDPR Philippa Donn15 February 2021Understanding email marketing rulesUK email marketing rules - when do you need consent? what's the soft opt-in and when can you lawfully use an opt-out? Direct MarketingElectronic Communications DPN Team10 February 2021Tackling employee-related subject access requestsListen in as we discuss the challenges of handling employee-related data subject access request, with some tips on how to be more efficient. Videos Julia Porter03 February 2021ICO adtech update: what steps should you take?As the ICO resumes its investigation into adtech and RTB, what steps should advertisers and players in this market be taking? Data Governance & SecurityElectronic Communications Simon Blanchard29 January 2021Help your teams to ‘do the right thing’ with personal dataHow well-crafted easy to read data protection policies help to make sure your staff know how do the right thing Data Governance & SecurityPolicies and Processes Julia Porter21 January 2021Like a puppy, data protection is for life – does your training match?What does good data protection training look like? Why one-off sessions will not cut it and how to keep the momentum going...Data Governance & SecurityGDPR Philippa Donn20 January 2021UK Data protection and ePrivacy law post Brexit: Q&AWhat data protection and ePrivacy law applies in the UK post Brexit? Our handy Q&A answers key considerations for your business.ePrivacy RegulationGDPRInternational Data Protection Julia Porter08 January 2021It’s time to recognise and celebrate responsible marketingMore than ever we need to focus on being open and transparent and building trust with customers. What core values should you embrace? Direct MarketingElectronic CommunicationsGDPRPrivacy by Design Simon Blanchard04 January 2021Data protection and innovation in a post-Brexit worldThe ICO calls for transparency, accountability and trust to be core themes in the UK's National Data Strategy post-Brexit GDPRICO Guidance Philippa Donn04 January 2021Brexit Deal and Data TransfersFears the free flow of data from the EEA to UK would end have been averted with the Brexit Trade Deal. But we’re not out of the woods yet.GDPRInternational Data Protection Philippa Donn22 December 2020Data sharing: 10 point checklistAs the ICO publishes Data Sharing Code of Practice, what are the 10 key points you need to think about before you share personal data?Data Governance & SecurityGDPRICO Guidance Philippa Donn16 December 2020Brexit: Do you need an EU Representative?UK organisations may need to appoint a EU representative, find out if your organisation falls under this GDPR requirement... GDPRInternational Data ProtectionUncategorized DPN Team15 December 20202021 Privacy PredictionsWill 2021 be all about Brexit, COVID, AI and Ethics? Join DPN's distinguished advisory board as they gaze into the privacy crystal ball...Data Governance & SecurityGDPRInternational Data Protection DPN Team11 December 2020Season’s GreetingsWe're supporting the charity Bankuet, which fills the gaps providing Food Banks with what poeple need most when they need it.Uncategorized Philippa Donn01 December 2020Fantasy GDPR – Your new data protection regime130 people, battle-scarred data professionals all, chose to cry havoc and unleash the Dogs of Data by taking part in our Fantasy GDPR quiz.GDPR Simon Blanchard01 December 2020Should DPOs take responsiblity for risk?Allocating responsibility for your privacy risks - Is it right for data protection risks to sit with your Data Protection Officer? Data Governance & SecurityGDPR Simon Blanchard12 November 2020How the ICO’s Accountability Framework could help your businessWe take a look at how ICO's handy Accountability Framework can help organisations meet their GPDR responsiblities. Data Governance & SecurityGDPRICO Guidance Philippa Donn03 November 2020The data breach that cost Marriott £18.4 million – what went wrong?As the ICO slams a £18 million data breach fine on Marriott, we take a look at what went wrong and what other businesess can learn ... Data Governance & SecurityData SecurityGDPR Chris Field03 November 2020Evaluating the management of privacy choicesHow to address the challenge of privacy choices for multinationals faced with different communication privacy laws around the world.Direct MarketingElectronic CommunicationsInternational Data Protection DPN Team27 October 2020Handling complex subject access requestsListen in as an expert panel discuss handling complex DSARs in large and medium-sized organisations. How to respond and how tech can help. Videos DPN Team27 October 2020Privacy Question TimeYour data protection questions answered. Lively debate, topical polls with an expert panel. Recording now available.Videos Philippa Donn23 October 2020ICO Subject Access Request Guidance: help or hindrance?Subject Access Requests: As the ICO published detailed guidance we take a look at the higlights and whether it's a help or hindrance GDPRICO GuidanceIndividual Privacy Rights DPN Team22 October 2020Rosemary Smith Responsible Marketing AwardGiving an individual or team credit for a creative and privacy aware project. This award recognises a responsible approach to marketing. Direct MarketingGDPR Simon Blanchard22 October 2020British Airways data breach – what can we learn?British Airways has been fined £20m by the ICO, what lessons can we all learn from BA's painful personal data breach? Data Governance & SecurityData SecurityGDPRPolicies and Processes Philippa Donn20 October 202010 DSAR tips from 10 DPOsData Subject Access Requests can be a challenge to handle. Get 10 great tips from experts who routinely handle the right of access, GDPRIndividual Privacy Rights Philippa Donn20 October 2020Covid Symptom Study apologises for marketing face masksCovid Symptom Study breaks the marketing rules by promoting masks for to fund their research, but find out how an quick apology can go a long way. ... Direct MarketingElectronic Communications Julia Porter15 October 2020Are COVID-19 contact tracing technology services legitimate?Alarming headlines have suggested COVID-19 contact tracing data from pubs and restaurants is being sold on. Is this actually true and what should checks should you take? Data Governance & SecurityGDPR Philippa Donn07 October 2020COVID-19 Data Protection GuideCovid-19 has meant employers have, by necessity, made risk-based data decisions. Do these need revisiting now? Data Governance & SecurityData SecurityPolicies and Processes Simon Blanchard07 October 2020Are you monitoring staff health during COVID-19?What checks and balances should you have in place if you are monitoring your employees' health during the pandemic? We take a look at the core areas to consider...Data Governance & SecurityEmploymentPolicies and Processes Julia Porter05 October 2020Is the new COVID app safe to use?We now have the newly minted Covid app modelled on the Google and Apple templates. Should we be trusting this app?Data Governance & SecurityGDPRPrivacy by Design Julia Porter24 September 2020Cookies crushed, the world is changingThe demise of the third party cookie - five signs the world is changing. Where next for targeted advertising? Electronic CommunicationsGDPR Philippa Donn23 September 2020Data Protection by Design: Part 3 – Data Protection Impact AssessmentsHow to get your Data Protection Impact Asssessment process on track - when should you do one, what should you process look like? Get some useful tips... Data Governance & SecurityGDPRPolicies and ProcessesPrivacy by Design Philippa Donn09 September 2020New Children’s Code – does it apply to your business?New Children's Code to protect under 18s online. It will affect your business if your online services are likely to be acccessed by children. GDPRICO GuidancePolicies and ProcessesPrivacy by Design Simon Blanchard04 September 2020Data Protection by Design: Part 2 – How to approach itHow to implement Data Protection by Design when you are developing new applications, products and services. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn27 August 2020Data Protection by Design: Part 1 – The BasicsWhat does ‘Data Protection by Design’ really mean (and why is it also called ‘Privacy by Design’)? Do you need to be concerned about it? And how do you...Data Governance & SecurityGDPRPrivacy by Design Simon Blanchard25 August 2020Data Protection Officers – should we appoint a DPO?Which organisations need to have a DPO? If you don't should you appoint one anyway or outsource? We explore the options .. Data Governance & SecurityGDPR Simon Blanchard12 August 2020Use of automated facial recognition by South Wales Police ruled ‘unlawful’South Wales Police's use of automated facial recognition has been ruled unlawrul - it breaches human rights and has potential for bias. GDPR Julia Porter12 August 2020When does your CRM marketing plan morph into a data privacy project?Looking to leverage your customer database to drive more business? How to make sure you marketing plan is supported by your privacy strategyDirect MarketingElectronic CommunicationsGDPR Simon Blanchard10 August 2020Dashcams and GDPR: Assessing the privacy implications7 point privacy guide for use of dashcams in vehicles. Quick steps to make sure your use of dashcams is transparent and lawful. GDPRPolicies and Processes Simon Blanchard05 August 2020ICO guidance on how to apply good data protection to AISeven steps for making sure innovation flourishes and your artificial intelligence activities are sound from a data protection point of viewGDPRICO Guidance DPN Team29 July 2020How to manage your suppliersHow to manage your suppliers and reduce the risk they may post. Hear our specialist panel chat through the key points to consider.Videos Philippa Donn29 July 2020Could COVID-19 lead to a spike in Subject Access Requests? How to handle ex-employeesDSARs from disgruntled ex-employees can be challenging to handle, get some helpful tips on how best to approach the task of fulfilling them.GDPRIndividual Privacy Rights Philippa Donn28 July 2020Schrems II ruling: Privacy Shield down, SCCs survive but with a sting in the tailInternational data transfers - EU-US Privacy Shield ruled invalild, questions raised regarding SCCs, find out what actions should you take. GDPRInternational Data Protection Simon Blanchard27 July 2020RoPA – Five tips for keeping your Records of Processing Activity up to date5 tips for keeping your GDPR records of processing activities up to date. The why, who, what, how and when of data protection documentation.GDPRPolicies and Processes DPN Team16 July 2020Transparency: How to get the message acrossDiscover the benefits of being upfront and transparent with people about how you use their data. In this webinar hosted by Robert Bond from Bristows we explore why transparency...GDPRVideos Julia Porter13 July 2020Supplier management: DPN 6 point checklistDue diligence of new suppliers robust enough? Checks in place to make sure suppliers are protecting your data? Use the DPN 6-point checklist. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn13 July 2020Contact Tracing: 7 Quick Steps for collecting people’s dataFrom holiday cottages to theme parks, hotels to pubs, many will be collecting people's details for contact tracing. Get our quick guide to how to do this. GDPRICO Guidance Chris Field11 July 2020You’ve been SAR-bombed!You are at the end of long day .. you just do one last check of your inbox - the new count registers over 9,000 new emails! All...GDPRIndividual Privacy RightsInternational Data ProtectionPolicies and Processes Simon Blanchard09 July 2020Facial Recognition – should we be concerned?Facial recognition is clever, from selfies to surveillance its use is becoming far more widespread. Should we be worried? Data Governance & SecurityGDPR Philippa Donn30 June 2020Data breaches: 10-point checklist for risk assessmentsHow do you assess the actual risk to people of a data breach? 10 questions you need to ask when carrying out an risk assessment. Data Governance & SecurityGDPRPolicies and Processes DPN Team30 June 2020Successful steps for data retention and minimisation [webinar recording]Get the tools and advice you need to tackle data retention and minimisation in this expert discussion which takes you through the key steps to take.Data Governance & SecurityGDPRPolicies and ProcessesVideos Julia Porter25 June 2020Why is the CIA’s lax attitude to cyber security interesting to us?Have you got robust cyber security controls in place? How the lax attitude of the CIA is a lesson to us all and what you should you be doing.Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard16 June 2020Privacy is a marathon not a sprintPondering how to improve your privacy credentials? Here are 5 steps to inspire you. More than 2 years on from GDPR, remember it’s a journey, not a sprint.Data Governance & SecurityGDPRPolicies and Processes Philippa Donn16 June 2020Why personalisation is a good thing, when done well“Hi, you haven’t finished watching Jeffrey Epstein: Filthy Rich”, said an email my husband received .It annoyed him......Direct MarketingGDPR Simon Blanchard08 June 2020Spring clean your data – Top tips on data retentionGet top tips on data retention. Minimise your risks by making sure you keep the personal data you need and rid of what you don't. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn03 June 2020GDPR two years on, why data protection mattersGDPR may have its critics and regulators may stand accused of not taking enough action. Why this is not a reason to stop taking data protection seriously.GDPR Julia Porter03 June 2020Why is it so hard to explain how we use personal data?Five ways to help explain complex and contentious uses of personal data. How to improve your communications and transparency.Direct MarketingGDPRPrivacy by Design DPN Team03 June 2020Data Retention GuidanceA practical toolkit packed with tips, advice and case studies on how to tackle data retention. Developed by a group of data protection and privacy specialists from a...Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard14 May 2020COVID 19 – Privacy under the SpotlightPrivacy and COVID-19. When finding quick solutions and taking rapid decisions, don't forget the privacy impact. Here's our quick tour of aspects to consider. Data SecurityGDPRPrivacy by Design DPN Team04 April 2020Where is my data? How to tackle data discovery & mapping [webinar recording]How improve your data discovery, mapping & compliance Understanding where your data is located across all your systems is an ever-evolving challenge, but forms the bedrock of your data...Opinion Gemma Johnson13 February 2020Marketers: Will You Need to do a DPIA for that?Why marketers need to understand when they might need to conduct a data protection impact assessment and learn how to do them. Direct MarketingElectronic CommunicationsICO GuidanceMarketing & Data Protection Simon Blanchard11 February 2020Where’s all my data? How to tackle data discoveryUnderstanding where your data is and what it's used for is crucial. But in practice this is challenging. What approach can you take? Opinion Julia Porter09 February 2020In a Digitally Enabled World, What is Direct Marketing?On 8th January the ICO published a draft code of practice for the marketing community. It’s entitled “Direct Marketing Code of Practice”. The use of the term “Direct Marketing”...Opinion Philippa Donn08 February 2020Refer a Friend – Viral Marketing RulesCan you ask your customers to send on your marketing to their friends? The answer, according to the ICO’s draft Direct Marketing Code, is NO! The regulator says for...Opinion Philippa Donn28 January 2020ICO Direct Marketing Code ‘draft’: 12 HighlightsJust when I thought January was feeling dull, I got my hands on the ICO’s much-anticipated draft Direct Marketing Code of Practice! This replaces the Regulator’s existing Direct Marketing...Opinion Philippa Donn10 December 2019Subject Access Requests & Proof of IDSubject Access Requests – What is ‘proportionate’ to ask for? When responding to a Right of Access request (commonly known as a Subject Access Request), we might be required...Individual Privacy Rights DPN Team03 December 2019Data Retention: Are you keeping personal data longer than you need it?Ensuring you don’t store personal data for longer than you require it, is a core data protection principle – one which we all know is both complex and challenging...Opinion DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Opinion Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Opinion Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Opinion Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Opinion Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...GDPRInternational Data Protection Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Data Governance & SecurityGDPRPolicies and Processes Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the hectic preparations...Direct Marketing Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....GDPR DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...GDPR Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Direct MarketingGDPR
Philippa Donn16 February 2021EU ePrivacy Regulation: a significant step forward?Is the proposed EU ePrivacy Regulation, which will give us new rules for cookies and electronic communications, a step closer? Electronic CommunicationsePrivacy Regulation Simon Blanchard15 February 2021Data governance: How to take control of your dataTake control of your data! How a data governance framework means you can meet business objectives without taking unnecessary risks. Data Governance & SecurityGDPR Philippa Donn15 February 2021Understanding email marketing rulesUK email marketing rules - when do you need consent? what's the soft opt-in and when can you lawfully use an opt-out? Direct MarketingElectronic Communications DPN Team10 February 2021Tackling employee-related subject access requestsListen in as we discuss the challenges of handling employee-related data subject access request, with some tips on how to be more efficient. Videos Julia Porter03 February 2021ICO adtech update: what steps should you take?As the ICO resumes its investigation into adtech and RTB, what steps should advertisers and players in this market be taking? Data Governance & SecurityElectronic Communications Simon Blanchard29 January 2021Help your teams to ‘do the right thing’ with personal dataHow well-crafted easy to read data protection policies help to make sure your staff know how do the right thing Data Governance & SecurityPolicies and Processes Julia Porter21 January 2021Like a puppy, data protection is for life – does your training match?What does good data protection training look like? Why one-off sessions will not cut it and how to keep the momentum going...Data Governance & SecurityGDPR Philippa Donn20 January 2021UK Data protection and ePrivacy law post Brexit: Q&AWhat data protection and ePrivacy law applies in the UK post Brexit? Our handy Q&A answers key considerations for your business.ePrivacy RegulationGDPRInternational Data Protection Julia Porter08 January 2021It’s time to recognise and celebrate responsible marketingMore than ever we need to focus on being open and transparent and building trust with customers. What core values should you embrace? Direct MarketingElectronic CommunicationsGDPRPrivacy by Design Simon Blanchard04 January 2021Data protection and innovation in a post-Brexit worldThe ICO calls for transparency, accountability and trust to be core themes in the UK's National Data Strategy post-Brexit GDPRICO Guidance Philippa Donn04 January 2021Brexit Deal and Data TransfersFears the free flow of data from the EEA to UK would end have been averted with the Brexit Trade Deal. But we’re not out of the woods yet.GDPRInternational Data Protection Philippa Donn22 December 2020Data sharing: 10 point checklistAs the ICO publishes Data Sharing Code of Practice, what are the 10 key points you need to think about before you share personal data?Data Governance & SecurityGDPRICO Guidance Philippa Donn16 December 2020Brexit: Do you need an EU Representative?UK organisations may need to appoint a EU representative, find out if your organisation falls under this GDPR requirement... GDPRInternational Data ProtectionUncategorized DPN Team15 December 20202021 Privacy PredictionsWill 2021 be all about Brexit, COVID, AI and Ethics? Join DPN's distinguished advisory board as they gaze into the privacy crystal ball...Data Governance & SecurityGDPRInternational Data Protection DPN Team11 December 2020Season’s GreetingsWe're supporting the charity Bankuet, which fills the gaps providing Food Banks with what poeple need most when they need it.Uncategorized Philippa Donn01 December 2020Fantasy GDPR – Your new data protection regime130 people, battle-scarred data professionals all, chose to cry havoc and unleash the Dogs of Data by taking part in our Fantasy GDPR quiz.GDPR Simon Blanchard01 December 2020Should DPOs take responsiblity for risk?Allocating responsibility for your privacy risks - Is it right for data protection risks to sit with your Data Protection Officer? Data Governance & SecurityGDPR Simon Blanchard12 November 2020How the ICO’s Accountability Framework could help your businessWe take a look at how ICO's handy Accountability Framework can help organisations meet their GPDR responsiblities. Data Governance & SecurityGDPRICO Guidance Philippa Donn03 November 2020The data breach that cost Marriott £18.4 million – what went wrong?As the ICO slams a £18 million data breach fine on Marriott, we take a look at what went wrong and what other businesess can learn ... Data Governance & SecurityData SecurityGDPR Chris Field03 November 2020Evaluating the management of privacy choicesHow to address the challenge of privacy choices for multinationals faced with different communication privacy laws around the world.Direct MarketingElectronic CommunicationsInternational Data Protection DPN Team27 October 2020Handling complex subject access requestsListen in as an expert panel discuss handling complex DSARs in large and medium-sized organisations. How to respond and how tech can help. Videos DPN Team27 October 2020Privacy Question TimeYour data protection questions answered. Lively debate, topical polls with an expert panel. Recording now available.Videos Philippa Donn23 October 2020ICO Subject Access Request Guidance: help or hindrance?Subject Access Requests: As the ICO published detailed guidance we take a look at the higlights and whether it's a help or hindrance GDPRICO GuidanceIndividual Privacy Rights DPN Team22 October 2020Rosemary Smith Responsible Marketing AwardGiving an individual or team credit for a creative and privacy aware project. This award recognises a responsible approach to marketing. Direct MarketingGDPR Simon Blanchard22 October 2020British Airways data breach – what can we learn?British Airways has been fined £20m by the ICO, what lessons can we all learn from BA's painful personal data breach? Data Governance & SecurityData SecurityGDPRPolicies and Processes Philippa Donn20 October 202010 DSAR tips from 10 DPOsData Subject Access Requests can be a challenge to handle. Get 10 great tips from experts who routinely handle the right of access, GDPRIndividual Privacy Rights Philippa Donn20 October 2020Covid Symptom Study apologises for marketing face masksCovid Symptom Study breaks the marketing rules by promoting masks for to fund their research, but find out how an quick apology can go a long way. ... Direct MarketingElectronic Communications Julia Porter15 October 2020Are COVID-19 contact tracing technology services legitimate?Alarming headlines have suggested COVID-19 contact tracing data from pubs and restaurants is being sold on. Is this actually true and what should checks should you take? Data Governance & SecurityGDPR Philippa Donn07 October 2020COVID-19 Data Protection GuideCovid-19 has meant employers have, by necessity, made risk-based data decisions. Do these need revisiting now? Data Governance & SecurityData SecurityPolicies and Processes Simon Blanchard07 October 2020Are you monitoring staff health during COVID-19?What checks and balances should you have in place if you are monitoring your employees' health during the pandemic? We take a look at the core areas to consider...Data Governance & SecurityEmploymentPolicies and Processes Julia Porter05 October 2020Is the new COVID app safe to use?We now have the newly minted Covid app modelled on the Google and Apple templates. Should we be trusting this app?Data Governance & SecurityGDPRPrivacy by Design Julia Porter24 September 2020Cookies crushed, the world is changingThe demise of the third party cookie - five signs the world is changing. Where next for targeted advertising? Electronic CommunicationsGDPR Philippa Donn23 September 2020Data Protection by Design: Part 3 – Data Protection Impact AssessmentsHow to get your Data Protection Impact Asssessment process on track - when should you do one, what should you process look like? Get some useful tips... Data Governance & SecurityGDPRPolicies and ProcessesPrivacy by Design Philippa Donn09 September 2020New Children’s Code – does it apply to your business?New Children's Code to protect under 18s online. It will affect your business if your online services are likely to be acccessed by children. GDPRICO GuidancePolicies and ProcessesPrivacy by Design Simon Blanchard04 September 2020Data Protection by Design: Part 2 – How to approach itHow to implement Data Protection by Design when you are developing new applications, products and services. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn27 August 2020Data Protection by Design: Part 1 – The BasicsWhat does ‘Data Protection by Design’ really mean (and why is it also called ‘Privacy by Design’)? Do you need to be concerned about it? And how do you...Data Governance & SecurityGDPRPrivacy by Design Simon Blanchard25 August 2020Data Protection Officers – should we appoint a DPO?Which organisations need to have a DPO? If you don't should you appoint one anyway or outsource? We explore the options .. Data Governance & SecurityGDPR Simon Blanchard12 August 2020Use of automated facial recognition by South Wales Police ruled ‘unlawful’South Wales Police's use of automated facial recognition has been ruled unlawrul - it breaches human rights and has potential for bias. GDPR Julia Porter12 August 2020When does your CRM marketing plan morph into a data privacy project?Looking to leverage your customer database to drive more business? How to make sure you marketing plan is supported by your privacy strategyDirect MarketingElectronic CommunicationsGDPR Simon Blanchard10 August 2020Dashcams and GDPR: Assessing the privacy implications7 point privacy guide for use of dashcams in vehicles. Quick steps to make sure your use of dashcams is transparent and lawful. GDPRPolicies and Processes Simon Blanchard05 August 2020ICO guidance on how to apply good data protection to AISeven steps for making sure innovation flourishes and your artificial intelligence activities are sound from a data protection point of viewGDPRICO Guidance DPN Team29 July 2020How to manage your suppliersHow to manage your suppliers and reduce the risk they may post. Hear our specialist panel chat through the key points to consider.Videos Philippa Donn29 July 2020Could COVID-19 lead to a spike in Subject Access Requests? How to handle ex-employeesDSARs from disgruntled ex-employees can be challenging to handle, get some helpful tips on how best to approach the task of fulfilling them.GDPRIndividual Privacy Rights Philippa Donn28 July 2020Schrems II ruling: Privacy Shield down, SCCs survive but with a sting in the tailInternational data transfers - EU-US Privacy Shield ruled invalild, questions raised regarding SCCs, find out what actions should you take. GDPRInternational Data Protection Simon Blanchard27 July 2020RoPA – Five tips for keeping your Records of Processing Activity up to date5 tips for keeping your GDPR records of processing activities up to date. The why, who, what, how and when of data protection documentation.GDPRPolicies and Processes DPN Team16 July 2020Transparency: How to get the message acrossDiscover the benefits of being upfront and transparent with people about how you use their data. In this webinar hosted by Robert Bond from Bristows we explore why transparency...GDPRVideos Julia Porter13 July 2020Supplier management: DPN 6 point checklistDue diligence of new suppliers robust enough? Checks in place to make sure suppliers are protecting your data? Use the DPN 6-point checklist. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn13 July 2020Contact Tracing: 7 Quick Steps for collecting people’s dataFrom holiday cottages to theme parks, hotels to pubs, many will be collecting people's details for contact tracing. Get our quick guide to how to do this. GDPRICO Guidance Chris Field11 July 2020You’ve been SAR-bombed!You are at the end of long day .. you just do one last check of your inbox - the new count registers over 9,000 new emails! All...GDPRIndividual Privacy RightsInternational Data ProtectionPolicies and Processes Simon Blanchard09 July 2020Facial Recognition – should we be concerned?Facial recognition is clever, from selfies to surveillance its use is becoming far more widespread. Should we be worried? Data Governance & SecurityGDPR Philippa Donn30 June 2020Data breaches: 10-point checklist for risk assessmentsHow do you assess the actual risk to people of a data breach? 10 questions you need to ask when carrying out an risk assessment. Data Governance & SecurityGDPRPolicies and Processes DPN Team30 June 2020Successful steps for data retention and minimisation [webinar recording]Get the tools and advice you need to tackle data retention and minimisation in this expert discussion which takes you through the key steps to take.Data Governance & SecurityGDPRPolicies and ProcessesVideos Julia Porter25 June 2020Why is the CIA’s lax attitude to cyber security interesting to us?Have you got robust cyber security controls in place? How the lax attitude of the CIA is a lesson to us all and what you should you be doing.Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard16 June 2020Privacy is a marathon not a sprintPondering how to improve your privacy credentials? Here are 5 steps to inspire you. More than 2 years on from GDPR, remember it’s a journey, not a sprint.Data Governance & SecurityGDPRPolicies and Processes Philippa Donn16 June 2020Why personalisation is a good thing, when done well“Hi, you haven’t finished watching Jeffrey Epstein: Filthy Rich”, said an email my husband received .It annoyed him......Direct MarketingGDPR Simon Blanchard08 June 2020Spring clean your data – Top tips on data retentionGet top tips on data retention. Minimise your risks by making sure you keep the personal data you need and rid of what you don't. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn03 June 2020GDPR two years on, why data protection mattersGDPR may have its critics and regulators may stand accused of not taking enough action. Why this is not a reason to stop taking data protection seriously.GDPR Julia Porter03 June 2020Why is it so hard to explain how we use personal data?Five ways to help explain complex and contentious uses of personal data. How to improve your communications and transparency.Direct MarketingGDPRPrivacy by Design DPN Team03 June 2020Data Retention GuidanceA practical toolkit packed with tips, advice and case studies on how to tackle data retention. Developed by a group of data protection and privacy specialists from a...Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard14 May 2020COVID 19 – Privacy under the SpotlightPrivacy and COVID-19. When finding quick solutions and taking rapid decisions, don't forget the privacy impact. Here's our quick tour of aspects to consider. Data SecurityGDPRPrivacy by Design DPN Team04 April 2020Where is my data? How to tackle data discovery & mapping [webinar recording]How improve your data discovery, mapping & compliance Understanding where your data is located across all your systems is an ever-evolving challenge, but forms the bedrock of your data...Opinion Gemma Johnson13 February 2020Marketers: Will You Need to do a DPIA for that?Why marketers need to understand when they might need to conduct a data protection impact assessment and learn how to do them. Direct MarketingElectronic CommunicationsICO GuidanceMarketing & Data Protection Simon Blanchard11 February 2020Where’s all my data? How to tackle data discoveryUnderstanding where your data is and what it's used for is crucial. But in practice this is challenging. What approach can you take? Opinion Julia Porter09 February 2020In a Digitally Enabled World, What is Direct Marketing?On 8th January the ICO published a draft code of practice for the marketing community. It’s entitled “Direct Marketing Code of Practice”. The use of the term “Direct Marketing”...Opinion Philippa Donn08 February 2020Refer a Friend – Viral Marketing RulesCan you ask your customers to send on your marketing to their friends? The answer, according to the ICO’s draft Direct Marketing Code, is NO! The regulator says for...Opinion Philippa Donn28 January 2020ICO Direct Marketing Code ‘draft’: 12 HighlightsJust when I thought January was feeling dull, I got my hands on the ICO’s much-anticipated draft Direct Marketing Code of Practice! This replaces the Regulator’s existing Direct Marketing...Opinion Philippa Donn10 December 2019Subject Access Requests & Proof of IDSubject Access Requests – What is ‘proportionate’ to ask for? When responding to a Right of Access request (commonly known as a Subject Access Request), we might be required...Individual Privacy Rights DPN Team03 December 2019Data Retention: Are you keeping personal data longer than you need it?Ensuring you don’t store personal data for longer than you require it, is a core data protection principle – one which we all know is both complex and challenging...Opinion DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Opinion Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Opinion Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Opinion Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Opinion Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...GDPRInternational Data Protection Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Data Governance & SecurityGDPRPolicies and Processes Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the hectic preparations...Direct Marketing Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....GDPR DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...GDPR Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Direct MarketingGDPR
Simon Blanchard15 February 2021Data governance: How to take control of your dataTake control of your data! How a data governance framework means you can meet business objectives without taking unnecessary risks. Data Governance & SecurityGDPR Philippa Donn15 February 2021Understanding email marketing rulesUK email marketing rules - when do you need consent? what's the soft opt-in and when can you lawfully use an opt-out? Direct MarketingElectronic Communications DPN Team10 February 2021Tackling employee-related subject access requestsListen in as we discuss the challenges of handling employee-related data subject access request, with some tips on how to be more efficient. Videos Julia Porter03 February 2021ICO adtech update: what steps should you take?As the ICO resumes its investigation into adtech and RTB, what steps should advertisers and players in this market be taking? Data Governance & SecurityElectronic Communications Simon Blanchard29 January 2021Help your teams to ‘do the right thing’ with personal dataHow well-crafted easy to read data protection policies help to make sure your staff know how do the right thing Data Governance & SecurityPolicies and Processes Julia Porter21 January 2021Like a puppy, data protection is for life – does your training match?What does good data protection training look like? Why one-off sessions will not cut it and how to keep the momentum going...Data Governance & SecurityGDPR Philippa Donn20 January 2021UK Data protection and ePrivacy law post Brexit: Q&AWhat data protection and ePrivacy law applies in the UK post Brexit? Our handy Q&A answers key considerations for your business.ePrivacy RegulationGDPRInternational Data Protection Julia Porter08 January 2021It’s time to recognise and celebrate responsible marketingMore than ever we need to focus on being open and transparent and building trust with customers. What core values should you embrace? Direct MarketingElectronic CommunicationsGDPRPrivacy by Design Simon Blanchard04 January 2021Data protection and innovation in a post-Brexit worldThe ICO calls for transparency, accountability and trust to be core themes in the UK's National Data Strategy post-Brexit GDPRICO Guidance Philippa Donn04 January 2021Brexit Deal and Data TransfersFears the free flow of data from the EEA to UK would end have been averted with the Brexit Trade Deal. But we’re not out of the woods yet.GDPRInternational Data Protection Philippa Donn22 December 2020Data sharing: 10 point checklistAs the ICO publishes Data Sharing Code of Practice, what are the 10 key points you need to think about before you share personal data?Data Governance & SecurityGDPRICO Guidance Philippa Donn16 December 2020Brexit: Do you need an EU Representative?UK organisations may need to appoint a EU representative, find out if your organisation falls under this GDPR requirement... GDPRInternational Data ProtectionUncategorized DPN Team15 December 20202021 Privacy PredictionsWill 2021 be all about Brexit, COVID, AI and Ethics? Join DPN's distinguished advisory board as they gaze into the privacy crystal ball...Data Governance & SecurityGDPRInternational Data Protection DPN Team11 December 2020Season’s GreetingsWe're supporting the charity Bankuet, which fills the gaps providing Food Banks with what poeple need most when they need it.Uncategorized Philippa Donn01 December 2020Fantasy GDPR – Your new data protection regime130 people, battle-scarred data professionals all, chose to cry havoc and unleash the Dogs of Data by taking part in our Fantasy GDPR quiz.GDPR Simon Blanchard01 December 2020Should DPOs take responsiblity for risk?Allocating responsibility for your privacy risks - Is it right for data protection risks to sit with your Data Protection Officer? Data Governance & SecurityGDPR Simon Blanchard12 November 2020How the ICO’s Accountability Framework could help your businessWe take a look at how ICO's handy Accountability Framework can help organisations meet their GPDR responsiblities. Data Governance & SecurityGDPRICO Guidance Philippa Donn03 November 2020The data breach that cost Marriott £18.4 million – what went wrong?As the ICO slams a £18 million data breach fine on Marriott, we take a look at what went wrong and what other businesess can learn ... Data Governance & SecurityData SecurityGDPR Chris Field03 November 2020Evaluating the management of privacy choicesHow to address the challenge of privacy choices for multinationals faced with different communication privacy laws around the world.Direct MarketingElectronic CommunicationsInternational Data Protection DPN Team27 October 2020Handling complex subject access requestsListen in as an expert panel discuss handling complex DSARs in large and medium-sized organisations. How to respond and how tech can help. Videos DPN Team27 October 2020Privacy Question TimeYour data protection questions answered. Lively debate, topical polls with an expert panel. Recording now available.Videos Philippa Donn23 October 2020ICO Subject Access Request Guidance: help or hindrance?Subject Access Requests: As the ICO published detailed guidance we take a look at the higlights and whether it's a help or hindrance GDPRICO GuidanceIndividual Privacy Rights DPN Team22 October 2020Rosemary Smith Responsible Marketing AwardGiving an individual or team credit for a creative and privacy aware project. This award recognises a responsible approach to marketing. Direct MarketingGDPR Simon Blanchard22 October 2020British Airways data breach – what can we learn?British Airways has been fined £20m by the ICO, what lessons can we all learn from BA's painful personal data breach? Data Governance & SecurityData SecurityGDPRPolicies and Processes Philippa Donn20 October 202010 DSAR tips from 10 DPOsData Subject Access Requests can be a challenge to handle. Get 10 great tips from experts who routinely handle the right of access, GDPRIndividual Privacy Rights Philippa Donn20 October 2020Covid Symptom Study apologises for marketing face masksCovid Symptom Study breaks the marketing rules by promoting masks for to fund their research, but find out how an quick apology can go a long way. ... Direct MarketingElectronic Communications Julia Porter15 October 2020Are COVID-19 contact tracing technology services legitimate?Alarming headlines have suggested COVID-19 contact tracing data from pubs and restaurants is being sold on. Is this actually true and what should checks should you take? Data Governance & SecurityGDPR Philippa Donn07 October 2020COVID-19 Data Protection GuideCovid-19 has meant employers have, by necessity, made risk-based data decisions. Do these need revisiting now? Data Governance & SecurityData SecurityPolicies and Processes Simon Blanchard07 October 2020Are you monitoring staff health during COVID-19?What checks and balances should you have in place if you are monitoring your employees' health during the pandemic? We take a look at the core areas to consider...Data Governance & SecurityEmploymentPolicies and Processes Julia Porter05 October 2020Is the new COVID app safe to use?We now have the newly minted Covid app modelled on the Google and Apple templates. Should we be trusting this app?Data Governance & SecurityGDPRPrivacy by Design Julia Porter24 September 2020Cookies crushed, the world is changingThe demise of the third party cookie - five signs the world is changing. Where next for targeted advertising? Electronic CommunicationsGDPR Philippa Donn23 September 2020Data Protection by Design: Part 3 – Data Protection Impact AssessmentsHow to get your Data Protection Impact Asssessment process on track - when should you do one, what should you process look like? Get some useful tips... Data Governance & SecurityGDPRPolicies and ProcessesPrivacy by Design Philippa Donn09 September 2020New Children’s Code – does it apply to your business?New Children's Code to protect under 18s online. It will affect your business if your online services are likely to be acccessed by children. GDPRICO GuidancePolicies and ProcessesPrivacy by Design Simon Blanchard04 September 2020Data Protection by Design: Part 2 – How to approach itHow to implement Data Protection by Design when you are developing new applications, products and services. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn27 August 2020Data Protection by Design: Part 1 – The BasicsWhat does ‘Data Protection by Design’ really mean (and why is it also called ‘Privacy by Design’)? Do you need to be concerned about it? And how do you...Data Governance & SecurityGDPRPrivacy by Design Simon Blanchard25 August 2020Data Protection Officers – should we appoint a DPO?Which organisations need to have a DPO? If you don't should you appoint one anyway or outsource? We explore the options .. Data Governance & SecurityGDPR Simon Blanchard12 August 2020Use of automated facial recognition by South Wales Police ruled ‘unlawful’South Wales Police's use of automated facial recognition has been ruled unlawrul - it breaches human rights and has potential for bias. GDPR Julia Porter12 August 2020When does your CRM marketing plan morph into a data privacy project?Looking to leverage your customer database to drive more business? How to make sure you marketing plan is supported by your privacy strategyDirect MarketingElectronic CommunicationsGDPR Simon Blanchard10 August 2020Dashcams and GDPR: Assessing the privacy implications7 point privacy guide for use of dashcams in vehicles. Quick steps to make sure your use of dashcams is transparent and lawful. GDPRPolicies and Processes Simon Blanchard05 August 2020ICO guidance on how to apply good data protection to AISeven steps for making sure innovation flourishes and your artificial intelligence activities are sound from a data protection point of viewGDPRICO Guidance DPN Team29 July 2020How to manage your suppliersHow to manage your suppliers and reduce the risk they may post. Hear our specialist panel chat through the key points to consider.Videos Philippa Donn29 July 2020Could COVID-19 lead to a spike in Subject Access Requests? How to handle ex-employeesDSARs from disgruntled ex-employees can be challenging to handle, get some helpful tips on how best to approach the task of fulfilling them.GDPRIndividual Privacy Rights Philippa Donn28 July 2020Schrems II ruling: Privacy Shield down, SCCs survive but with a sting in the tailInternational data transfers - EU-US Privacy Shield ruled invalild, questions raised regarding SCCs, find out what actions should you take. GDPRInternational Data Protection Simon Blanchard27 July 2020RoPA – Five tips for keeping your Records of Processing Activity up to date5 tips for keeping your GDPR records of processing activities up to date. The why, who, what, how and when of data protection documentation.GDPRPolicies and Processes DPN Team16 July 2020Transparency: How to get the message acrossDiscover the benefits of being upfront and transparent with people about how you use their data. In this webinar hosted by Robert Bond from Bristows we explore why transparency...GDPRVideos Julia Porter13 July 2020Supplier management: DPN 6 point checklistDue diligence of new suppliers robust enough? Checks in place to make sure suppliers are protecting your data? Use the DPN 6-point checklist. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn13 July 2020Contact Tracing: 7 Quick Steps for collecting people’s dataFrom holiday cottages to theme parks, hotels to pubs, many will be collecting people's details for contact tracing. Get our quick guide to how to do this. GDPRICO Guidance Chris Field11 July 2020You’ve been SAR-bombed!You are at the end of long day .. you just do one last check of your inbox - the new count registers over 9,000 new emails! All...GDPRIndividual Privacy RightsInternational Data ProtectionPolicies and Processes Simon Blanchard09 July 2020Facial Recognition – should we be concerned?Facial recognition is clever, from selfies to surveillance its use is becoming far more widespread. Should we be worried? Data Governance & SecurityGDPR Philippa Donn30 June 2020Data breaches: 10-point checklist for risk assessmentsHow do you assess the actual risk to people of a data breach? 10 questions you need to ask when carrying out an risk assessment. Data Governance & SecurityGDPRPolicies and Processes DPN Team30 June 2020Successful steps for data retention and minimisation [webinar recording]Get the tools and advice you need to tackle data retention and minimisation in this expert discussion which takes you through the key steps to take.Data Governance & SecurityGDPRPolicies and ProcessesVideos Julia Porter25 June 2020Why is the CIA’s lax attitude to cyber security interesting to us?Have you got robust cyber security controls in place? How the lax attitude of the CIA is a lesson to us all and what you should you be doing.Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard16 June 2020Privacy is a marathon not a sprintPondering how to improve your privacy credentials? Here are 5 steps to inspire you. More than 2 years on from GDPR, remember it’s a journey, not a sprint.Data Governance & SecurityGDPRPolicies and Processes Philippa Donn16 June 2020Why personalisation is a good thing, when done well“Hi, you haven’t finished watching Jeffrey Epstein: Filthy Rich”, said an email my husband received .It annoyed him......Direct MarketingGDPR Simon Blanchard08 June 2020Spring clean your data – Top tips on data retentionGet top tips on data retention. Minimise your risks by making sure you keep the personal data you need and rid of what you don't. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn03 June 2020GDPR two years on, why data protection mattersGDPR may have its critics and regulators may stand accused of not taking enough action. Why this is not a reason to stop taking data protection seriously.GDPR Julia Porter03 June 2020Why is it so hard to explain how we use personal data?Five ways to help explain complex and contentious uses of personal data. How to improve your communications and transparency.Direct MarketingGDPRPrivacy by Design DPN Team03 June 2020Data Retention GuidanceA practical toolkit packed with tips, advice and case studies on how to tackle data retention. Developed by a group of data protection and privacy specialists from a...Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard14 May 2020COVID 19 – Privacy under the SpotlightPrivacy and COVID-19. When finding quick solutions and taking rapid decisions, don't forget the privacy impact. Here's our quick tour of aspects to consider. Data SecurityGDPRPrivacy by Design DPN Team04 April 2020Where is my data? How to tackle data discovery & mapping [webinar recording]How improve your data discovery, mapping & compliance Understanding where your data is located across all your systems is an ever-evolving challenge, but forms the bedrock of your data...Opinion Gemma Johnson13 February 2020Marketers: Will You Need to do a DPIA for that?Why marketers need to understand when they might need to conduct a data protection impact assessment and learn how to do them. Direct MarketingElectronic CommunicationsICO GuidanceMarketing & Data Protection Simon Blanchard11 February 2020Where’s all my data? How to tackle data discoveryUnderstanding where your data is and what it's used for is crucial. But in practice this is challenging. What approach can you take? Opinion Julia Porter09 February 2020In a Digitally Enabled World, What is Direct Marketing?On 8th January the ICO published a draft code of practice for the marketing community. It’s entitled “Direct Marketing Code of Practice”. The use of the term “Direct Marketing”...Opinion Philippa Donn08 February 2020Refer a Friend – Viral Marketing RulesCan you ask your customers to send on your marketing to their friends? The answer, according to the ICO’s draft Direct Marketing Code, is NO! The regulator says for...Opinion Philippa Donn28 January 2020ICO Direct Marketing Code ‘draft’: 12 HighlightsJust when I thought January was feeling dull, I got my hands on the ICO’s much-anticipated draft Direct Marketing Code of Practice! This replaces the Regulator’s existing Direct Marketing...Opinion Philippa Donn10 December 2019Subject Access Requests & Proof of IDSubject Access Requests – What is ‘proportionate’ to ask for? When responding to a Right of Access request (commonly known as a Subject Access Request), we might be required...Individual Privacy Rights DPN Team03 December 2019Data Retention: Are you keeping personal data longer than you need it?Ensuring you don’t store personal data for longer than you require it, is a core data protection principle – one which we all know is both complex and challenging...Opinion DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Opinion Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Opinion Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Opinion Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Opinion Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...GDPRInternational Data Protection Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Data Governance & SecurityGDPRPolicies and Processes Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the hectic preparations...Direct Marketing Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....GDPR DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...GDPR Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Direct MarketingGDPR
Philippa Donn15 February 2021Understanding email marketing rulesUK email marketing rules - when do you need consent? what's the soft opt-in and when can you lawfully use an opt-out? Direct MarketingElectronic Communications DPN Team10 February 2021Tackling employee-related subject access requestsListen in as we discuss the challenges of handling employee-related data subject access request, with some tips on how to be more efficient. Videos Julia Porter03 February 2021ICO adtech update: what steps should you take?As the ICO resumes its investigation into adtech and RTB, what steps should advertisers and players in this market be taking? Data Governance & SecurityElectronic Communications Simon Blanchard29 January 2021Help your teams to ‘do the right thing’ with personal dataHow well-crafted easy to read data protection policies help to make sure your staff know how do the right thing Data Governance & SecurityPolicies and Processes Julia Porter21 January 2021Like a puppy, data protection is for life – does your training match?What does good data protection training look like? Why one-off sessions will not cut it and how to keep the momentum going...Data Governance & SecurityGDPR Philippa Donn20 January 2021UK Data protection and ePrivacy law post Brexit: Q&AWhat data protection and ePrivacy law applies in the UK post Brexit? Our handy Q&A answers key considerations for your business.ePrivacy RegulationGDPRInternational Data Protection Julia Porter08 January 2021It’s time to recognise and celebrate responsible marketingMore than ever we need to focus on being open and transparent and building trust with customers. What core values should you embrace? Direct MarketingElectronic CommunicationsGDPRPrivacy by Design Simon Blanchard04 January 2021Data protection and innovation in a post-Brexit worldThe ICO calls for transparency, accountability and trust to be core themes in the UK's National Data Strategy post-Brexit GDPRICO Guidance Philippa Donn04 January 2021Brexit Deal and Data TransfersFears the free flow of data from the EEA to UK would end have been averted with the Brexit Trade Deal. But we’re not out of the woods yet.GDPRInternational Data Protection Philippa Donn22 December 2020Data sharing: 10 point checklistAs the ICO publishes Data Sharing Code of Practice, what are the 10 key points you need to think about before you share personal data?Data Governance & SecurityGDPRICO Guidance Philippa Donn16 December 2020Brexit: Do you need an EU Representative?UK organisations may need to appoint a EU representative, find out if your organisation falls under this GDPR requirement... GDPRInternational Data ProtectionUncategorized DPN Team15 December 20202021 Privacy PredictionsWill 2021 be all about Brexit, COVID, AI and Ethics? Join DPN's distinguished advisory board as they gaze into the privacy crystal ball...Data Governance & SecurityGDPRInternational Data Protection DPN Team11 December 2020Season’s GreetingsWe're supporting the charity Bankuet, which fills the gaps providing Food Banks with what poeple need most when they need it.Uncategorized Philippa Donn01 December 2020Fantasy GDPR – Your new data protection regime130 people, battle-scarred data professionals all, chose to cry havoc and unleash the Dogs of Data by taking part in our Fantasy GDPR quiz.GDPR Simon Blanchard01 December 2020Should DPOs take responsiblity for risk?Allocating responsibility for your privacy risks - Is it right for data protection risks to sit with your Data Protection Officer? Data Governance & SecurityGDPR Simon Blanchard12 November 2020How the ICO’s Accountability Framework could help your businessWe take a look at how ICO's handy Accountability Framework can help organisations meet their GPDR responsiblities. Data Governance & SecurityGDPRICO Guidance Philippa Donn03 November 2020The data breach that cost Marriott £18.4 million – what went wrong?As the ICO slams a £18 million data breach fine on Marriott, we take a look at what went wrong and what other businesess can learn ... Data Governance & SecurityData SecurityGDPR Chris Field03 November 2020Evaluating the management of privacy choicesHow to address the challenge of privacy choices for multinationals faced with different communication privacy laws around the world.Direct MarketingElectronic CommunicationsInternational Data Protection DPN Team27 October 2020Handling complex subject access requestsListen in as an expert panel discuss handling complex DSARs in large and medium-sized organisations. How to respond and how tech can help. Videos DPN Team27 October 2020Privacy Question TimeYour data protection questions answered. Lively debate, topical polls with an expert panel. Recording now available.Videos Philippa Donn23 October 2020ICO Subject Access Request Guidance: help or hindrance?Subject Access Requests: As the ICO published detailed guidance we take a look at the higlights and whether it's a help or hindrance GDPRICO GuidanceIndividual Privacy Rights DPN Team22 October 2020Rosemary Smith Responsible Marketing AwardGiving an individual or team credit for a creative and privacy aware project. This award recognises a responsible approach to marketing. Direct MarketingGDPR Simon Blanchard22 October 2020British Airways data breach – what can we learn?British Airways has been fined £20m by the ICO, what lessons can we all learn from BA's painful personal data breach? Data Governance & SecurityData SecurityGDPRPolicies and Processes Philippa Donn20 October 202010 DSAR tips from 10 DPOsData Subject Access Requests can be a challenge to handle. Get 10 great tips from experts who routinely handle the right of access, GDPRIndividual Privacy Rights Philippa Donn20 October 2020Covid Symptom Study apologises for marketing face masksCovid Symptom Study breaks the marketing rules by promoting masks for to fund their research, but find out how an quick apology can go a long way. ... Direct MarketingElectronic Communications Julia Porter15 October 2020Are COVID-19 contact tracing technology services legitimate?Alarming headlines have suggested COVID-19 contact tracing data from pubs and restaurants is being sold on. Is this actually true and what should checks should you take? Data Governance & SecurityGDPR Philippa Donn07 October 2020COVID-19 Data Protection GuideCovid-19 has meant employers have, by necessity, made risk-based data decisions. Do these need revisiting now? Data Governance & SecurityData SecurityPolicies and Processes Simon Blanchard07 October 2020Are you monitoring staff health during COVID-19?What checks and balances should you have in place if you are monitoring your employees' health during the pandemic? We take a look at the core areas to consider...Data Governance & SecurityEmploymentPolicies and Processes Julia Porter05 October 2020Is the new COVID app safe to use?We now have the newly minted Covid app modelled on the Google and Apple templates. Should we be trusting this app?Data Governance & SecurityGDPRPrivacy by Design Julia Porter24 September 2020Cookies crushed, the world is changingThe demise of the third party cookie - five signs the world is changing. Where next for targeted advertising? Electronic CommunicationsGDPR Philippa Donn23 September 2020Data Protection by Design: Part 3 – Data Protection Impact AssessmentsHow to get your Data Protection Impact Asssessment process on track - when should you do one, what should you process look like? Get some useful tips... Data Governance & SecurityGDPRPolicies and ProcessesPrivacy by Design Philippa Donn09 September 2020New Children’s Code – does it apply to your business?New Children's Code to protect under 18s online. It will affect your business if your online services are likely to be acccessed by children. GDPRICO GuidancePolicies and ProcessesPrivacy by Design Simon Blanchard04 September 2020Data Protection by Design: Part 2 – How to approach itHow to implement Data Protection by Design when you are developing new applications, products and services. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn27 August 2020Data Protection by Design: Part 1 – The BasicsWhat does ‘Data Protection by Design’ really mean (and why is it also called ‘Privacy by Design’)? Do you need to be concerned about it? And how do you...Data Governance & SecurityGDPRPrivacy by Design Simon Blanchard25 August 2020Data Protection Officers – should we appoint a DPO?Which organisations need to have a DPO? If you don't should you appoint one anyway or outsource? We explore the options .. Data Governance & SecurityGDPR Simon Blanchard12 August 2020Use of automated facial recognition by South Wales Police ruled ‘unlawful’South Wales Police's use of automated facial recognition has been ruled unlawrul - it breaches human rights and has potential for bias. GDPR Julia Porter12 August 2020When does your CRM marketing plan morph into a data privacy project?Looking to leverage your customer database to drive more business? How to make sure you marketing plan is supported by your privacy strategyDirect MarketingElectronic CommunicationsGDPR Simon Blanchard10 August 2020Dashcams and GDPR: Assessing the privacy implications7 point privacy guide for use of dashcams in vehicles. Quick steps to make sure your use of dashcams is transparent and lawful. GDPRPolicies and Processes Simon Blanchard05 August 2020ICO guidance on how to apply good data protection to AISeven steps for making sure innovation flourishes and your artificial intelligence activities are sound from a data protection point of viewGDPRICO Guidance DPN Team29 July 2020How to manage your suppliersHow to manage your suppliers and reduce the risk they may post. Hear our specialist panel chat through the key points to consider.Videos Philippa Donn29 July 2020Could COVID-19 lead to a spike in Subject Access Requests? How to handle ex-employeesDSARs from disgruntled ex-employees can be challenging to handle, get some helpful tips on how best to approach the task of fulfilling them.GDPRIndividual Privacy Rights Philippa Donn28 July 2020Schrems II ruling: Privacy Shield down, SCCs survive but with a sting in the tailInternational data transfers - EU-US Privacy Shield ruled invalild, questions raised regarding SCCs, find out what actions should you take. GDPRInternational Data Protection Simon Blanchard27 July 2020RoPA – Five tips for keeping your Records of Processing Activity up to date5 tips for keeping your GDPR records of processing activities up to date. The why, who, what, how and when of data protection documentation.GDPRPolicies and Processes DPN Team16 July 2020Transparency: How to get the message acrossDiscover the benefits of being upfront and transparent with people about how you use their data. In this webinar hosted by Robert Bond from Bristows we explore why transparency...GDPRVideos Julia Porter13 July 2020Supplier management: DPN 6 point checklistDue diligence of new suppliers robust enough? Checks in place to make sure suppliers are protecting your data? Use the DPN 6-point checklist. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn13 July 2020Contact Tracing: 7 Quick Steps for collecting people’s dataFrom holiday cottages to theme parks, hotels to pubs, many will be collecting people's details for contact tracing. Get our quick guide to how to do this. GDPRICO Guidance Chris Field11 July 2020You’ve been SAR-bombed!You are at the end of long day .. you just do one last check of your inbox - the new count registers over 9,000 new emails! All...GDPRIndividual Privacy RightsInternational Data ProtectionPolicies and Processes Simon Blanchard09 July 2020Facial Recognition – should we be concerned?Facial recognition is clever, from selfies to surveillance its use is becoming far more widespread. Should we be worried? Data Governance & SecurityGDPR Philippa Donn30 June 2020Data breaches: 10-point checklist for risk assessmentsHow do you assess the actual risk to people of a data breach? 10 questions you need to ask when carrying out an risk assessment. Data Governance & SecurityGDPRPolicies and Processes DPN Team30 June 2020Successful steps for data retention and minimisation [webinar recording]Get the tools and advice you need to tackle data retention and minimisation in this expert discussion which takes you through the key steps to take.Data Governance & SecurityGDPRPolicies and ProcessesVideos Julia Porter25 June 2020Why is the CIA’s lax attitude to cyber security interesting to us?Have you got robust cyber security controls in place? How the lax attitude of the CIA is a lesson to us all and what you should you be doing.Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard16 June 2020Privacy is a marathon not a sprintPondering how to improve your privacy credentials? Here are 5 steps to inspire you. More than 2 years on from GDPR, remember it’s a journey, not a sprint.Data Governance & SecurityGDPRPolicies and Processes Philippa Donn16 June 2020Why personalisation is a good thing, when done well“Hi, you haven’t finished watching Jeffrey Epstein: Filthy Rich”, said an email my husband received .It annoyed him......Direct MarketingGDPR Simon Blanchard08 June 2020Spring clean your data – Top tips on data retentionGet top tips on data retention. Minimise your risks by making sure you keep the personal data you need and rid of what you don't. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn03 June 2020GDPR two years on, why data protection mattersGDPR may have its critics and regulators may stand accused of not taking enough action. Why this is not a reason to stop taking data protection seriously.GDPR Julia Porter03 June 2020Why is it so hard to explain how we use personal data?Five ways to help explain complex and contentious uses of personal data. How to improve your communications and transparency.Direct MarketingGDPRPrivacy by Design DPN Team03 June 2020Data Retention GuidanceA practical toolkit packed with tips, advice and case studies on how to tackle data retention. Developed by a group of data protection and privacy specialists from a...Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard14 May 2020COVID 19 – Privacy under the SpotlightPrivacy and COVID-19. When finding quick solutions and taking rapid decisions, don't forget the privacy impact. Here's our quick tour of aspects to consider. Data SecurityGDPRPrivacy by Design DPN Team04 April 2020Where is my data? How to tackle data discovery & mapping [webinar recording]How improve your data discovery, mapping & compliance Understanding where your data is located across all your systems is an ever-evolving challenge, but forms the bedrock of your data...Opinion Gemma Johnson13 February 2020Marketers: Will You Need to do a DPIA for that?Why marketers need to understand when they might need to conduct a data protection impact assessment and learn how to do them. Direct MarketingElectronic CommunicationsICO GuidanceMarketing & Data Protection Simon Blanchard11 February 2020Where’s all my data? How to tackle data discoveryUnderstanding where your data is and what it's used for is crucial. But in practice this is challenging. What approach can you take? Opinion Julia Porter09 February 2020In a Digitally Enabled World, What is Direct Marketing?On 8th January the ICO published a draft code of practice for the marketing community. It’s entitled “Direct Marketing Code of Practice”. The use of the term “Direct Marketing”...Opinion Philippa Donn08 February 2020Refer a Friend – Viral Marketing RulesCan you ask your customers to send on your marketing to their friends? The answer, according to the ICO’s draft Direct Marketing Code, is NO! The regulator says for...Opinion Philippa Donn28 January 2020ICO Direct Marketing Code ‘draft’: 12 HighlightsJust when I thought January was feeling dull, I got my hands on the ICO’s much-anticipated draft Direct Marketing Code of Practice! This replaces the Regulator’s existing Direct Marketing...Opinion Philippa Donn10 December 2019Subject Access Requests & Proof of IDSubject Access Requests – What is ‘proportionate’ to ask for? When responding to a Right of Access request (commonly known as a Subject Access Request), we might be required...Individual Privacy Rights DPN Team03 December 2019Data Retention: Are you keeping personal data longer than you need it?Ensuring you don’t store personal data for longer than you require it, is a core data protection principle – one which we all know is both complex and challenging...Opinion DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Opinion Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Opinion Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Opinion Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Opinion Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...GDPRInternational Data Protection Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Data Governance & SecurityGDPRPolicies and Processes Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the hectic preparations...Direct Marketing Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....GDPR DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...GDPR Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Direct MarketingGDPR
DPN Team10 February 2021Tackling employee-related subject access requestsListen in as we discuss the challenges of handling employee-related data subject access request, with some tips on how to be more efficient. Videos Julia Porter03 February 2021ICO adtech update: what steps should you take?As the ICO resumes its investigation into adtech and RTB, what steps should advertisers and players in this market be taking? Data Governance & SecurityElectronic Communications Simon Blanchard29 January 2021Help your teams to ‘do the right thing’ with personal dataHow well-crafted easy to read data protection policies help to make sure your staff know how do the right thing Data Governance & SecurityPolicies and Processes Julia Porter21 January 2021Like a puppy, data protection is for life – does your training match?What does good data protection training look like? Why one-off sessions will not cut it and how to keep the momentum going...Data Governance & SecurityGDPR Philippa Donn20 January 2021UK Data protection and ePrivacy law post Brexit: Q&AWhat data protection and ePrivacy law applies in the UK post Brexit? Our handy Q&A answers key considerations for your business.ePrivacy RegulationGDPRInternational Data Protection Julia Porter08 January 2021It’s time to recognise and celebrate responsible marketingMore than ever we need to focus on being open and transparent and building trust with customers. What core values should you embrace? Direct MarketingElectronic CommunicationsGDPRPrivacy by Design Simon Blanchard04 January 2021Data protection and innovation in a post-Brexit worldThe ICO calls for transparency, accountability and trust to be core themes in the UK's National Data Strategy post-Brexit GDPRICO Guidance Philippa Donn04 January 2021Brexit Deal and Data TransfersFears the free flow of data from the EEA to UK would end have been averted with the Brexit Trade Deal. But we’re not out of the woods yet.GDPRInternational Data Protection Philippa Donn22 December 2020Data sharing: 10 point checklistAs the ICO publishes Data Sharing Code of Practice, what are the 10 key points you need to think about before you share personal data?Data Governance & SecurityGDPRICO Guidance Philippa Donn16 December 2020Brexit: Do you need an EU Representative?UK organisations may need to appoint a EU representative, find out if your organisation falls under this GDPR requirement... GDPRInternational Data ProtectionUncategorized DPN Team15 December 20202021 Privacy PredictionsWill 2021 be all about Brexit, COVID, AI and Ethics? Join DPN's distinguished advisory board as they gaze into the privacy crystal ball...Data Governance & SecurityGDPRInternational Data Protection DPN Team11 December 2020Season’s GreetingsWe're supporting the charity Bankuet, which fills the gaps providing Food Banks with what poeple need most when they need it.Uncategorized Philippa Donn01 December 2020Fantasy GDPR – Your new data protection regime130 people, battle-scarred data professionals all, chose to cry havoc and unleash the Dogs of Data by taking part in our Fantasy GDPR quiz.GDPR Simon Blanchard01 December 2020Should DPOs take responsiblity for risk?Allocating responsibility for your privacy risks - Is it right for data protection risks to sit with your Data Protection Officer? Data Governance & SecurityGDPR Simon Blanchard12 November 2020How the ICO’s Accountability Framework could help your businessWe take a look at how ICO's handy Accountability Framework can help organisations meet their GPDR responsiblities. Data Governance & SecurityGDPRICO Guidance Philippa Donn03 November 2020The data breach that cost Marriott £18.4 million – what went wrong?As the ICO slams a £18 million data breach fine on Marriott, we take a look at what went wrong and what other businesess can learn ... Data Governance & SecurityData SecurityGDPR Chris Field03 November 2020Evaluating the management of privacy choicesHow to address the challenge of privacy choices for multinationals faced with different communication privacy laws around the world.Direct MarketingElectronic CommunicationsInternational Data Protection DPN Team27 October 2020Handling complex subject access requestsListen in as an expert panel discuss handling complex DSARs in large and medium-sized organisations. How to respond and how tech can help. Videos DPN Team27 October 2020Privacy Question TimeYour data protection questions answered. Lively debate, topical polls with an expert panel. Recording now available.Videos Philippa Donn23 October 2020ICO Subject Access Request Guidance: help or hindrance?Subject Access Requests: As the ICO published detailed guidance we take a look at the higlights and whether it's a help or hindrance GDPRICO GuidanceIndividual Privacy Rights DPN Team22 October 2020Rosemary Smith Responsible Marketing AwardGiving an individual or team credit for a creative and privacy aware project. This award recognises a responsible approach to marketing. Direct MarketingGDPR Simon Blanchard22 October 2020British Airways data breach – what can we learn?British Airways has been fined £20m by the ICO, what lessons can we all learn from BA's painful personal data breach? Data Governance & SecurityData SecurityGDPRPolicies and Processes Philippa Donn20 October 202010 DSAR tips from 10 DPOsData Subject Access Requests can be a challenge to handle. Get 10 great tips from experts who routinely handle the right of access, GDPRIndividual Privacy Rights Philippa Donn20 October 2020Covid Symptom Study apologises for marketing face masksCovid Symptom Study breaks the marketing rules by promoting masks for to fund their research, but find out how an quick apology can go a long way. ... Direct MarketingElectronic Communications Julia Porter15 October 2020Are COVID-19 contact tracing technology services legitimate?Alarming headlines have suggested COVID-19 contact tracing data from pubs and restaurants is being sold on. Is this actually true and what should checks should you take? Data Governance & SecurityGDPR Philippa Donn07 October 2020COVID-19 Data Protection GuideCovid-19 has meant employers have, by necessity, made risk-based data decisions. Do these need revisiting now? Data Governance & SecurityData SecurityPolicies and Processes Simon Blanchard07 October 2020Are you monitoring staff health during COVID-19?What checks and balances should you have in place if you are monitoring your employees' health during the pandemic? We take a look at the core areas to consider...Data Governance & SecurityEmploymentPolicies and Processes Julia Porter05 October 2020Is the new COVID app safe to use?We now have the newly minted Covid app modelled on the Google and Apple templates. Should we be trusting this app?Data Governance & SecurityGDPRPrivacy by Design Julia Porter24 September 2020Cookies crushed, the world is changingThe demise of the third party cookie - five signs the world is changing. Where next for targeted advertising? Electronic CommunicationsGDPR Philippa Donn23 September 2020Data Protection by Design: Part 3 – Data Protection Impact AssessmentsHow to get your Data Protection Impact Asssessment process on track - when should you do one, what should you process look like? Get some useful tips... Data Governance & SecurityGDPRPolicies and ProcessesPrivacy by Design Philippa Donn09 September 2020New Children’s Code – does it apply to your business?New Children's Code to protect under 18s online. It will affect your business if your online services are likely to be acccessed by children. GDPRICO GuidancePolicies and ProcessesPrivacy by Design Simon Blanchard04 September 2020Data Protection by Design: Part 2 – How to approach itHow to implement Data Protection by Design when you are developing new applications, products and services. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn27 August 2020Data Protection by Design: Part 1 – The BasicsWhat does ‘Data Protection by Design’ really mean (and why is it also called ‘Privacy by Design’)? Do you need to be concerned about it? And how do you...Data Governance & SecurityGDPRPrivacy by Design Simon Blanchard25 August 2020Data Protection Officers – should we appoint a DPO?Which organisations need to have a DPO? If you don't should you appoint one anyway or outsource? We explore the options .. Data Governance & SecurityGDPR Simon Blanchard12 August 2020Use of automated facial recognition by South Wales Police ruled ‘unlawful’South Wales Police's use of automated facial recognition has been ruled unlawrul - it breaches human rights and has potential for bias. GDPR Julia Porter12 August 2020When does your CRM marketing plan morph into a data privacy project?Looking to leverage your customer database to drive more business? How to make sure you marketing plan is supported by your privacy strategyDirect MarketingElectronic CommunicationsGDPR Simon Blanchard10 August 2020Dashcams and GDPR: Assessing the privacy implications7 point privacy guide for use of dashcams in vehicles. Quick steps to make sure your use of dashcams is transparent and lawful. GDPRPolicies and Processes Simon Blanchard05 August 2020ICO guidance on how to apply good data protection to AISeven steps for making sure innovation flourishes and your artificial intelligence activities are sound from a data protection point of viewGDPRICO Guidance DPN Team29 July 2020How to manage your suppliersHow to manage your suppliers and reduce the risk they may post. Hear our specialist panel chat through the key points to consider.Videos Philippa Donn29 July 2020Could COVID-19 lead to a spike in Subject Access Requests? How to handle ex-employeesDSARs from disgruntled ex-employees can be challenging to handle, get some helpful tips on how best to approach the task of fulfilling them.GDPRIndividual Privacy Rights Philippa Donn28 July 2020Schrems II ruling: Privacy Shield down, SCCs survive but with a sting in the tailInternational data transfers - EU-US Privacy Shield ruled invalild, questions raised regarding SCCs, find out what actions should you take. GDPRInternational Data Protection Simon Blanchard27 July 2020RoPA – Five tips for keeping your Records of Processing Activity up to date5 tips for keeping your GDPR records of processing activities up to date. The why, who, what, how and when of data protection documentation.GDPRPolicies and Processes DPN Team16 July 2020Transparency: How to get the message acrossDiscover the benefits of being upfront and transparent with people about how you use their data. In this webinar hosted by Robert Bond from Bristows we explore why transparency...GDPRVideos Julia Porter13 July 2020Supplier management: DPN 6 point checklistDue diligence of new suppliers robust enough? Checks in place to make sure suppliers are protecting your data? Use the DPN 6-point checklist. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn13 July 2020Contact Tracing: 7 Quick Steps for collecting people’s dataFrom holiday cottages to theme parks, hotels to pubs, many will be collecting people's details for contact tracing. Get our quick guide to how to do this. GDPRICO Guidance Chris Field11 July 2020You’ve been SAR-bombed!You are at the end of long day .. you just do one last check of your inbox - the new count registers over 9,000 new emails! All...GDPRIndividual Privacy RightsInternational Data ProtectionPolicies and Processes Simon Blanchard09 July 2020Facial Recognition – should we be concerned?Facial recognition is clever, from selfies to surveillance its use is becoming far more widespread. Should we be worried? Data Governance & SecurityGDPR Philippa Donn30 June 2020Data breaches: 10-point checklist for risk assessmentsHow do you assess the actual risk to people of a data breach? 10 questions you need to ask when carrying out an risk assessment. Data Governance & SecurityGDPRPolicies and Processes DPN Team30 June 2020Successful steps for data retention and minimisation [webinar recording]Get the tools and advice you need to tackle data retention and minimisation in this expert discussion which takes you through the key steps to take.Data Governance & SecurityGDPRPolicies and ProcessesVideos Julia Porter25 June 2020Why is the CIA’s lax attitude to cyber security interesting to us?Have you got robust cyber security controls in place? How the lax attitude of the CIA is a lesson to us all and what you should you be doing.Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard16 June 2020Privacy is a marathon not a sprintPondering how to improve your privacy credentials? Here are 5 steps to inspire you. More than 2 years on from GDPR, remember it’s a journey, not a sprint.Data Governance & SecurityGDPRPolicies and Processes Philippa Donn16 June 2020Why personalisation is a good thing, when done well“Hi, you haven’t finished watching Jeffrey Epstein: Filthy Rich”, said an email my husband received .It annoyed him......Direct MarketingGDPR Simon Blanchard08 June 2020Spring clean your data – Top tips on data retentionGet top tips on data retention. Minimise your risks by making sure you keep the personal data you need and rid of what you don't. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn03 June 2020GDPR two years on, why data protection mattersGDPR may have its critics and regulators may stand accused of not taking enough action. Why this is not a reason to stop taking data protection seriously.GDPR Julia Porter03 June 2020Why is it so hard to explain how we use personal data?Five ways to help explain complex and contentious uses of personal data. How to improve your communications and transparency.Direct MarketingGDPRPrivacy by Design DPN Team03 June 2020Data Retention GuidanceA practical toolkit packed with tips, advice and case studies on how to tackle data retention. Developed by a group of data protection and privacy specialists from a...Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard14 May 2020COVID 19 – Privacy under the SpotlightPrivacy and COVID-19. When finding quick solutions and taking rapid decisions, don't forget the privacy impact. Here's our quick tour of aspects to consider. Data SecurityGDPRPrivacy by Design DPN Team04 April 2020Where is my data? How to tackle data discovery & mapping [webinar recording]How improve your data discovery, mapping & compliance Understanding where your data is located across all your systems is an ever-evolving challenge, but forms the bedrock of your data...Opinion Gemma Johnson13 February 2020Marketers: Will You Need to do a DPIA for that?Why marketers need to understand when they might need to conduct a data protection impact assessment and learn how to do them. Direct MarketingElectronic CommunicationsICO GuidanceMarketing & Data Protection Simon Blanchard11 February 2020Where’s all my data? How to tackle data discoveryUnderstanding where your data is and what it's used for is crucial. But in practice this is challenging. What approach can you take? Opinion Julia Porter09 February 2020In a Digitally Enabled World, What is Direct Marketing?On 8th January the ICO published a draft code of practice for the marketing community. It’s entitled “Direct Marketing Code of Practice”. The use of the term “Direct Marketing”...Opinion Philippa Donn08 February 2020Refer a Friend – Viral Marketing RulesCan you ask your customers to send on your marketing to their friends? The answer, according to the ICO’s draft Direct Marketing Code, is NO! The regulator says for...Opinion Philippa Donn28 January 2020ICO Direct Marketing Code ‘draft’: 12 HighlightsJust when I thought January was feeling dull, I got my hands on the ICO’s much-anticipated draft Direct Marketing Code of Practice! This replaces the Regulator’s existing Direct Marketing...Opinion Philippa Donn10 December 2019Subject Access Requests & Proof of IDSubject Access Requests – What is ‘proportionate’ to ask for? When responding to a Right of Access request (commonly known as a Subject Access Request), we might be required...Individual Privacy Rights DPN Team03 December 2019Data Retention: Are you keeping personal data longer than you need it?Ensuring you don’t store personal data for longer than you require it, is a core data protection principle – one which we all know is both complex and challenging...Opinion DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Opinion Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Opinion Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Opinion Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Opinion Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...GDPRInternational Data Protection Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Data Governance & SecurityGDPRPolicies and Processes Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the hectic preparations...Direct Marketing Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....GDPR DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...GDPR Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Direct MarketingGDPR
Julia Porter03 February 2021ICO adtech update: what steps should you take?As the ICO resumes its investigation into adtech and RTB, what steps should advertisers and players in this market be taking? Data Governance & SecurityElectronic Communications Simon Blanchard29 January 2021Help your teams to ‘do the right thing’ with personal dataHow well-crafted easy to read data protection policies help to make sure your staff know how do the right thing Data Governance & SecurityPolicies and Processes Julia Porter21 January 2021Like a puppy, data protection is for life – does your training match?What does good data protection training look like? Why one-off sessions will not cut it and how to keep the momentum going...Data Governance & SecurityGDPR Philippa Donn20 January 2021UK Data protection and ePrivacy law post Brexit: Q&AWhat data protection and ePrivacy law applies in the UK post Brexit? Our handy Q&A answers key considerations for your business.ePrivacy RegulationGDPRInternational Data Protection Julia Porter08 January 2021It’s time to recognise and celebrate responsible marketingMore than ever we need to focus on being open and transparent and building trust with customers. What core values should you embrace? Direct MarketingElectronic CommunicationsGDPRPrivacy by Design Simon Blanchard04 January 2021Data protection and innovation in a post-Brexit worldThe ICO calls for transparency, accountability and trust to be core themes in the UK's National Data Strategy post-Brexit GDPRICO Guidance Philippa Donn04 January 2021Brexit Deal and Data TransfersFears the free flow of data from the EEA to UK would end have been averted with the Brexit Trade Deal. But we’re not out of the woods yet.GDPRInternational Data Protection Philippa Donn22 December 2020Data sharing: 10 point checklistAs the ICO publishes Data Sharing Code of Practice, what are the 10 key points you need to think about before you share personal data?Data Governance & SecurityGDPRICO Guidance Philippa Donn16 December 2020Brexit: Do you need an EU Representative?UK organisations may need to appoint a EU representative, find out if your organisation falls under this GDPR requirement... GDPRInternational Data ProtectionUncategorized DPN Team15 December 20202021 Privacy PredictionsWill 2021 be all about Brexit, COVID, AI and Ethics? Join DPN's distinguished advisory board as they gaze into the privacy crystal ball...Data Governance & SecurityGDPRInternational Data Protection DPN Team11 December 2020Season’s GreetingsWe're supporting the charity Bankuet, which fills the gaps providing Food Banks with what poeple need most when they need it.Uncategorized Philippa Donn01 December 2020Fantasy GDPR – Your new data protection regime130 people, battle-scarred data professionals all, chose to cry havoc and unleash the Dogs of Data by taking part in our Fantasy GDPR quiz.GDPR Simon Blanchard01 December 2020Should DPOs take responsiblity for risk?Allocating responsibility for your privacy risks - Is it right for data protection risks to sit with your Data Protection Officer? Data Governance & SecurityGDPR Simon Blanchard12 November 2020How the ICO’s Accountability Framework could help your businessWe take a look at how ICO's handy Accountability Framework can help organisations meet their GPDR responsiblities. Data Governance & SecurityGDPRICO Guidance Philippa Donn03 November 2020The data breach that cost Marriott £18.4 million – what went wrong?As the ICO slams a £18 million data breach fine on Marriott, we take a look at what went wrong and what other businesess can learn ... Data Governance & SecurityData SecurityGDPR Chris Field03 November 2020Evaluating the management of privacy choicesHow to address the challenge of privacy choices for multinationals faced with different communication privacy laws around the world.Direct MarketingElectronic CommunicationsInternational Data Protection DPN Team27 October 2020Handling complex subject access requestsListen in as an expert panel discuss handling complex DSARs in large and medium-sized organisations. How to respond and how tech can help. Videos DPN Team27 October 2020Privacy Question TimeYour data protection questions answered. Lively debate, topical polls with an expert panel. Recording now available.Videos Philippa Donn23 October 2020ICO Subject Access Request Guidance: help or hindrance?Subject Access Requests: As the ICO published detailed guidance we take a look at the higlights and whether it's a help or hindrance GDPRICO GuidanceIndividual Privacy Rights DPN Team22 October 2020Rosemary Smith Responsible Marketing AwardGiving an individual or team credit for a creative and privacy aware project. This award recognises a responsible approach to marketing. Direct MarketingGDPR Simon Blanchard22 October 2020British Airways data breach – what can we learn?British Airways has been fined £20m by the ICO, what lessons can we all learn from BA's painful personal data breach? Data Governance & SecurityData SecurityGDPRPolicies and Processes Philippa Donn20 October 202010 DSAR tips from 10 DPOsData Subject Access Requests can be a challenge to handle. Get 10 great tips from experts who routinely handle the right of access, GDPRIndividual Privacy Rights Philippa Donn20 October 2020Covid Symptom Study apologises for marketing face masksCovid Symptom Study breaks the marketing rules by promoting masks for to fund their research, but find out how an quick apology can go a long way. ... Direct MarketingElectronic Communications Julia Porter15 October 2020Are COVID-19 contact tracing technology services legitimate?Alarming headlines have suggested COVID-19 contact tracing data from pubs and restaurants is being sold on. Is this actually true and what should checks should you take? Data Governance & SecurityGDPR Philippa Donn07 October 2020COVID-19 Data Protection GuideCovid-19 has meant employers have, by necessity, made risk-based data decisions. Do these need revisiting now? Data Governance & SecurityData SecurityPolicies and Processes Simon Blanchard07 October 2020Are you monitoring staff health during COVID-19?What checks and balances should you have in place if you are monitoring your employees' health during the pandemic? We take a look at the core areas to consider...Data Governance & SecurityEmploymentPolicies and Processes Julia Porter05 October 2020Is the new COVID app safe to use?We now have the newly minted Covid app modelled on the Google and Apple templates. Should we be trusting this app?Data Governance & SecurityGDPRPrivacy by Design Julia Porter24 September 2020Cookies crushed, the world is changingThe demise of the third party cookie - five signs the world is changing. Where next for targeted advertising? Electronic CommunicationsGDPR Philippa Donn23 September 2020Data Protection by Design: Part 3 – Data Protection Impact AssessmentsHow to get your Data Protection Impact Asssessment process on track - when should you do one, what should you process look like? Get some useful tips... Data Governance & SecurityGDPRPolicies and ProcessesPrivacy by Design Philippa Donn09 September 2020New Children’s Code – does it apply to your business?New Children's Code to protect under 18s online. It will affect your business if your online services are likely to be acccessed by children. GDPRICO GuidancePolicies and ProcessesPrivacy by Design Simon Blanchard04 September 2020Data Protection by Design: Part 2 – How to approach itHow to implement Data Protection by Design when you are developing new applications, products and services. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn27 August 2020Data Protection by Design: Part 1 – The BasicsWhat does ‘Data Protection by Design’ really mean (and why is it also called ‘Privacy by Design’)? Do you need to be concerned about it? And how do you...Data Governance & SecurityGDPRPrivacy by Design Simon Blanchard25 August 2020Data Protection Officers – should we appoint a DPO?Which organisations need to have a DPO? If you don't should you appoint one anyway or outsource? We explore the options .. Data Governance & SecurityGDPR Simon Blanchard12 August 2020Use of automated facial recognition by South Wales Police ruled ‘unlawful’South Wales Police's use of automated facial recognition has been ruled unlawrul - it breaches human rights and has potential for bias. GDPR Julia Porter12 August 2020When does your CRM marketing plan morph into a data privacy project?Looking to leverage your customer database to drive more business? How to make sure you marketing plan is supported by your privacy strategyDirect MarketingElectronic CommunicationsGDPR Simon Blanchard10 August 2020Dashcams and GDPR: Assessing the privacy implications7 point privacy guide for use of dashcams in vehicles. Quick steps to make sure your use of dashcams is transparent and lawful. GDPRPolicies and Processes Simon Blanchard05 August 2020ICO guidance on how to apply good data protection to AISeven steps for making sure innovation flourishes and your artificial intelligence activities are sound from a data protection point of viewGDPRICO Guidance DPN Team29 July 2020How to manage your suppliersHow to manage your suppliers and reduce the risk they may post. Hear our specialist panel chat through the key points to consider.Videos Philippa Donn29 July 2020Could COVID-19 lead to a spike in Subject Access Requests? How to handle ex-employeesDSARs from disgruntled ex-employees can be challenging to handle, get some helpful tips on how best to approach the task of fulfilling them.GDPRIndividual Privacy Rights Philippa Donn28 July 2020Schrems II ruling: Privacy Shield down, SCCs survive but with a sting in the tailInternational data transfers - EU-US Privacy Shield ruled invalild, questions raised regarding SCCs, find out what actions should you take. GDPRInternational Data Protection Simon Blanchard27 July 2020RoPA – Five tips for keeping your Records of Processing Activity up to date5 tips for keeping your GDPR records of processing activities up to date. The why, who, what, how and when of data protection documentation.GDPRPolicies and Processes DPN Team16 July 2020Transparency: How to get the message acrossDiscover the benefits of being upfront and transparent with people about how you use their data. In this webinar hosted by Robert Bond from Bristows we explore why transparency...GDPRVideos Julia Porter13 July 2020Supplier management: DPN 6 point checklistDue diligence of new suppliers robust enough? Checks in place to make sure suppliers are protecting your data? Use the DPN 6-point checklist. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn13 July 2020Contact Tracing: 7 Quick Steps for collecting people’s dataFrom holiday cottages to theme parks, hotels to pubs, many will be collecting people's details for contact tracing. Get our quick guide to how to do this. GDPRICO Guidance Chris Field11 July 2020You’ve been SAR-bombed!You are at the end of long day .. you just do one last check of your inbox - the new count registers over 9,000 new emails! All...GDPRIndividual Privacy RightsInternational Data ProtectionPolicies and Processes Simon Blanchard09 July 2020Facial Recognition – should we be concerned?Facial recognition is clever, from selfies to surveillance its use is becoming far more widespread. Should we be worried? Data Governance & SecurityGDPR Philippa Donn30 June 2020Data breaches: 10-point checklist for risk assessmentsHow do you assess the actual risk to people of a data breach? 10 questions you need to ask when carrying out an risk assessment. Data Governance & SecurityGDPRPolicies and Processes DPN Team30 June 2020Successful steps for data retention and minimisation [webinar recording]Get the tools and advice you need to tackle data retention and minimisation in this expert discussion which takes you through the key steps to take.Data Governance & SecurityGDPRPolicies and ProcessesVideos Julia Porter25 June 2020Why is the CIA’s lax attitude to cyber security interesting to us?Have you got robust cyber security controls in place? How the lax attitude of the CIA is a lesson to us all and what you should you be doing.Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard16 June 2020Privacy is a marathon not a sprintPondering how to improve your privacy credentials? Here are 5 steps to inspire you. More than 2 years on from GDPR, remember it’s a journey, not a sprint.Data Governance & SecurityGDPRPolicies and Processes Philippa Donn16 June 2020Why personalisation is a good thing, when done well“Hi, you haven’t finished watching Jeffrey Epstein: Filthy Rich”, said an email my husband received .It annoyed him......Direct MarketingGDPR Simon Blanchard08 June 2020Spring clean your data – Top tips on data retentionGet top tips on data retention. Minimise your risks by making sure you keep the personal data you need and rid of what you don't. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn03 June 2020GDPR two years on, why data protection mattersGDPR may have its critics and regulators may stand accused of not taking enough action. Why this is not a reason to stop taking data protection seriously.GDPR Julia Porter03 June 2020Why is it so hard to explain how we use personal data?Five ways to help explain complex and contentious uses of personal data. How to improve your communications and transparency.Direct MarketingGDPRPrivacy by Design DPN Team03 June 2020Data Retention GuidanceA practical toolkit packed with tips, advice and case studies on how to tackle data retention. Developed by a group of data protection and privacy specialists from a...Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard14 May 2020COVID 19 – Privacy under the SpotlightPrivacy and COVID-19. When finding quick solutions and taking rapid decisions, don't forget the privacy impact. Here's our quick tour of aspects to consider. Data SecurityGDPRPrivacy by Design DPN Team04 April 2020Where is my data? How to tackle data discovery & mapping [webinar recording]How improve your data discovery, mapping & compliance Understanding where your data is located across all your systems is an ever-evolving challenge, but forms the bedrock of your data...Opinion Gemma Johnson13 February 2020Marketers: Will You Need to do a DPIA for that?Why marketers need to understand when they might need to conduct a data protection impact assessment and learn how to do them. Direct MarketingElectronic CommunicationsICO GuidanceMarketing & Data Protection Simon Blanchard11 February 2020Where’s all my data? How to tackle data discoveryUnderstanding where your data is and what it's used for is crucial. But in practice this is challenging. What approach can you take? Opinion Julia Porter09 February 2020In a Digitally Enabled World, What is Direct Marketing?On 8th January the ICO published a draft code of practice for the marketing community. It’s entitled “Direct Marketing Code of Practice”. The use of the term “Direct Marketing”...Opinion Philippa Donn08 February 2020Refer a Friend – Viral Marketing RulesCan you ask your customers to send on your marketing to their friends? The answer, according to the ICO’s draft Direct Marketing Code, is NO! The regulator says for...Opinion Philippa Donn28 January 2020ICO Direct Marketing Code ‘draft’: 12 HighlightsJust when I thought January was feeling dull, I got my hands on the ICO’s much-anticipated draft Direct Marketing Code of Practice! This replaces the Regulator’s existing Direct Marketing...Opinion Philippa Donn10 December 2019Subject Access Requests & Proof of IDSubject Access Requests – What is ‘proportionate’ to ask for? When responding to a Right of Access request (commonly known as a Subject Access Request), we might be required...Individual Privacy Rights DPN Team03 December 2019Data Retention: Are you keeping personal data longer than you need it?Ensuring you don’t store personal data for longer than you require it, is a core data protection principle – one which we all know is both complex and challenging...Opinion DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Opinion Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Opinion Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Opinion Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Opinion Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...GDPRInternational Data Protection Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Data Governance & SecurityGDPRPolicies and Processes Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the hectic preparations...Direct Marketing Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....GDPR DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...GDPR Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Direct MarketingGDPR
Simon Blanchard29 January 2021Help your teams to ‘do the right thing’ with personal dataHow well-crafted easy to read data protection policies help to make sure your staff know how do the right thing Data Governance & SecurityPolicies and Processes Julia Porter21 January 2021Like a puppy, data protection is for life – does your training match?What does good data protection training look like? Why one-off sessions will not cut it and how to keep the momentum going...Data Governance & SecurityGDPR Philippa Donn20 January 2021UK Data protection and ePrivacy law post Brexit: Q&AWhat data protection and ePrivacy law applies in the UK post Brexit? Our handy Q&A answers key considerations for your business.ePrivacy RegulationGDPRInternational Data Protection Julia Porter08 January 2021It’s time to recognise and celebrate responsible marketingMore than ever we need to focus on being open and transparent and building trust with customers. What core values should you embrace? Direct MarketingElectronic CommunicationsGDPRPrivacy by Design Simon Blanchard04 January 2021Data protection and innovation in a post-Brexit worldThe ICO calls for transparency, accountability and trust to be core themes in the UK's National Data Strategy post-Brexit GDPRICO Guidance Philippa Donn04 January 2021Brexit Deal and Data TransfersFears the free flow of data from the EEA to UK would end have been averted with the Brexit Trade Deal. But we’re not out of the woods yet.GDPRInternational Data Protection Philippa Donn22 December 2020Data sharing: 10 point checklistAs the ICO publishes Data Sharing Code of Practice, what are the 10 key points you need to think about before you share personal data?Data Governance & SecurityGDPRICO Guidance Philippa Donn16 December 2020Brexit: Do you need an EU Representative?UK organisations may need to appoint a EU representative, find out if your organisation falls under this GDPR requirement... GDPRInternational Data ProtectionUncategorized DPN Team15 December 20202021 Privacy PredictionsWill 2021 be all about Brexit, COVID, AI and Ethics? Join DPN's distinguished advisory board as they gaze into the privacy crystal ball...Data Governance & SecurityGDPRInternational Data Protection DPN Team11 December 2020Season’s GreetingsWe're supporting the charity Bankuet, which fills the gaps providing Food Banks with what poeple need most when they need it.Uncategorized Philippa Donn01 December 2020Fantasy GDPR – Your new data protection regime130 people, battle-scarred data professionals all, chose to cry havoc and unleash the Dogs of Data by taking part in our Fantasy GDPR quiz.GDPR Simon Blanchard01 December 2020Should DPOs take responsiblity for risk?Allocating responsibility for your privacy risks - Is it right for data protection risks to sit with your Data Protection Officer? Data Governance & SecurityGDPR Simon Blanchard12 November 2020How the ICO’s Accountability Framework could help your businessWe take a look at how ICO's handy Accountability Framework can help organisations meet their GPDR responsiblities. Data Governance & SecurityGDPRICO Guidance Philippa Donn03 November 2020The data breach that cost Marriott £18.4 million – what went wrong?As the ICO slams a £18 million data breach fine on Marriott, we take a look at what went wrong and what other businesess can learn ... Data Governance & SecurityData SecurityGDPR Chris Field03 November 2020Evaluating the management of privacy choicesHow to address the challenge of privacy choices for multinationals faced with different communication privacy laws around the world.Direct MarketingElectronic CommunicationsInternational Data Protection DPN Team27 October 2020Handling complex subject access requestsListen in as an expert panel discuss handling complex DSARs in large and medium-sized organisations. How to respond and how tech can help. Videos DPN Team27 October 2020Privacy Question TimeYour data protection questions answered. Lively debate, topical polls with an expert panel. Recording now available.Videos Philippa Donn23 October 2020ICO Subject Access Request Guidance: help or hindrance?Subject Access Requests: As the ICO published detailed guidance we take a look at the higlights and whether it's a help or hindrance GDPRICO GuidanceIndividual Privacy Rights DPN Team22 October 2020Rosemary Smith Responsible Marketing AwardGiving an individual or team credit for a creative and privacy aware project. This award recognises a responsible approach to marketing. Direct MarketingGDPR Simon Blanchard22 October 2020British Airways data breach – what can we learn?British Airways has been fined £20m by the ICO, what lessons can we all learn from BA's painful personal data breach? Data Governance & SecurityData SecurityGDPRPolicies and Processes Philippa Donn20 October 202010 DSAR tips from 10 DPOsData Subject Access Requests can be a challenge to handle. Get 10 great tips from experts who routinely handle the right of access, GDPRIndividual Privacy Rights Philippa Donn20 October 2020Covid Symptom Study apologises for marketing face masksCovid Symptom Study breaks the marketing rules by promoting masks for to fund their research, but find out how an quick apology can go a long way. ... Direct MarketingElectronic Communications Julia Porter15 October 2020Are COVID-19 contact tracing technology services legitimate?Alarming headlines have suggested COVID-19 contact tracing data from pubs and restaurants is being sold on. Is this actually true and what should checks should you take? Data Governance & SecurityGDPR Philippa Donn07 October 2020COVID-19 Data Protection GuideCovid-19 has meant employers have, by necessity, made risk-based data decisions. Do these need revisiting now? Data Governance & SecurityData SecurityPolicies and Processes Simon Blanchard07 October 2020Are you monitoring staff health during COVID-19?What checks and balances should you have in place if you are monitoring your employees' health during the pandemic? We take a look at the core areas to consider...Data Governance & SecurityEmploymentPolicies and Processes Julia Porter05 October 2020Is the new COVID app safe to use?We now have the newly minted Covid app modelled on the Google and Apple templates. Should we be trusting this app?Data Governance & SecurityGDPRPrivacy by Design Julia Porter24 September 2020Cookies crushed, the world is changingThe demise of the third party cookie - five signs the world is changing. Where next for targeted advertising? Electronic CommunicationsGDPR Philippa Donn23 September 2020Data Protection by Design: Part 3 – Data Protection Impact AssessmentsHow to get your Data Protection Impact Asssessment process on track - when should you do one, what should you process look like? Get some useful tips... Data Governance & SecurityGDPRPolicies and ProcessesPrivacy by Design Philippa Donn09 September 2020New Children’s Code – does it apply to your business?New Children's Code to protect under 18s online. It will affect your business if your online services are likely to be acccessed by children. GDPRICO GuidancePolicies and ProcessesPrivacy by Design Simon Blanchard04 September 2020Data Protection by Design: Part 2 – How to approach itHow to implement Data Protection by Design when you are developing new applications, products and services. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn27 August 2020Data Protection by Design: Part 1 – The BasicsWhat does ‘Data Protection by Design’ really mean (and why is it also called ‘Privacy by Design’)? Do you need to be concerned about it? And how do you...Data Governance & SecurityGDPRPrivacy by Design Simon Blanchard25 August 2020Data Protection Officers – should we appoint a DPO?Which organisations need to have a DPO? If you don't should you appoint one anyway or outsource? We explore the options .. Data Governance & SecurityGDPR Simon Blanchard12 August 2020Use of automated facial recognition by South Wales Police ruled ‘unlawful’South Wales Police's use of automated facial recognition has been ruled unlawrul - it breaches human rights and has potential for bias. GDPR Julia Porter12 August 2020When does your CRM marketing plan morph into a data privacy project?Looking to leverage your customer database to drive more business? How to make sure you marketing plan is supported by your privacy strategyDirect MarketingElectronic CommunicationsGDPR Simon Blanchard10 August 2020Dashcams and GDPR: Assessing the privacy implications7 point privacy guide for use of dashcams in vehicles. Quick steps to make sure your use of dashcams is transparent and lawful. GDPRPolicies and Processes Simon Blanchard05 August 2020ICO guidance on how to apply good data protection to AISeven steps for making sure innovation flourishes and your artificial intelligence activities are sound from a data protection point of viewGDPRICO Guidance DPN Team29 July 2020How to manage your suppliersHow to manage your suppliers and reduce the risk they may post. Hear our specialist panel chat through the key points to consider.Videos Philippa Donn29 July 2020Could COVID-19 lead to a spike in Subject Access Requests? How to handle ex-employeesDSARs from disgruntled ex-employees can be challenging to handle, get some helpful tips on how best to approach the task of fulfilling them.GDPRIndividual Privacy Rights Philippa Donn28 July 2020Schrems II ruling: Privacy Shield down, SCCs survive but with a sting in the tailInternational data transfers - EU-US Privacy Shield ruled invalild, questions raised regarding SCCs, find out what actions should you take. GDPRInternational Data Protection Simon Blanchard27 July 2020RoPA – Five tips for keeping your Records of Processing Activity up to date5 tips for keeping your GDPR records of processing activities up to date. The why, who, what, how and when of data protection documentation.GDPRPolicies and Processes DPN Team16 July 2020Transparency: How to get the message acrossDiscover the benefits of being upfront and transparent with people about how you use their data. In this webinar hosted by Robert Bond from Bristows we explore why transparency...GDPRVideos Julia Porter13 July 2020Supplier management: DPN 6 point checklistDue diligence of new suppliers robust enough? Checks in place to make sure suppliers are protecting your data? Use the DPN 6-point checklist. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn13 July 2020Contact Tracing: 7 Quick Steps for collecting people’s dataFrom holiday cottages to theme parks, hotels to pubs, many will be collecting people's details for contact tracing. Get our quick guide to how to do this. GDPRICO Guidance Chris Field11 July 2020You’ve been SAR-bombed!You are at the end of long day .. you just do one last check of your inbox - the new count registers over 9,000 new emails! All...GDPRIndividual Privacy RightsInternational Data ProtectionPolicies and Processes Simon Blanchard09 July 2020Facial Recognition – should we be concerned?Facial recognition is clever, from selfies to surveillance its use is becoming far more widespread. Should we be worried? Data Governance & SecurityGDPR Philippa Donn30 June 2020Data breaches: 10-point checklist for risk assessmentsHow do you assess the actual risk to people of a data breach? 10 questions you need to ask when carrying out an risk assessment. Data Governance & SecurityGDPRPolicies and Processes DPN Team30 June 2020Successful steps for data retention and minimisation [webinar recording]Get the tools and advice you need to tackle data retention and minimisation in this expert discussion which takes you through the key steps to take.Data Governance & SecurityGDPRPolicies and ProcessesVideos Julia Porter25 June 2020Why is the CIA’s lax attitude to cyber security interesting to us?Have you got robust cyber security controls in place? How the lax attitude of the CIA is a lesson to us all and what you should you be doing.Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard16 June 2020Privacy is a marathon not a sprintPondering how to improve your privacy credentials? Here are 5 steps to inspire you. More than 2 years on from GDPR, remember it’s a journey, not a sprint.Data Governance & SecurityGDPRPolicies and Processes Philippa Donn16 June 2020Why personalisation is a good thing, when done well“Hi, you haven’t finished watching Jeffrey Epstein: Filthy Rich”, said an email my husband received .It annoyed him......Direct MarketingGDPR Simon Blanchard08 June 2020Spring clean your data – Top tips on data retentionGet top tips on data retention. Minimise your risks by making sure you keep the personal data you need and rid of what you don't. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn03 June 2020GDPR two years on, why data protection mattersGDPR may have its critics and regulators may stand accused of not taking enough action. Why this is not a reason to stop taking data protection seriously.GDPR Julia Porter03 June 2020Why is it so hard to explain how we use personal data?Five ways to help explain complex and contentious uses of personal data. How to improve your communications and transparency.Direct MarketingGDPRPrivacy by Design DPN Team03 June 2020Data Retention GuidanceA practical toolkit packed with tips, advice and case studies on how to tackle data retention. Developed by a group of data protection and privacy specialists from a...Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard14 May 2020COVID 19 – Privacy under the SpotlightPrivacy and COVID-19. When finding quick solutions and taking rapid decisions, don't forget the privacy impact. Here's our quick tour of aspects to consider. Data SecurityGDPRPrivacy by Design DPN Team04 April 2020Where is my data? How to tackle data discovery & mapping [webinar recording]How improve your data discovery, mapping & compliance Understanding where your data is located across all your systems is an ever-evolving challenge, but forms the bedrock of your data...Opinion Gemma Johnson13 February 2020Marketers: Will You Need to do a DPIA for that?Why marketers need to understand when they might need to conduct a data protection impact assessment and learn how to do them. Direct MarketingElectronic CommunicationsICO GuidanceMarketing & Data Protection Simon Blanchard11 February 2020Where’s all my data? How to tackle data discoveryUnderstanding where your data is and what it's used for is crucial. But in practice this is challenging. What approach can you take? Opinion Julia Porter09 February 2020In a Digitally Enabled World, What is Direct Marketing?On 8th January the ICO published a draft code of practice for the marketing community. It’s entitled “Direct Marketing Code of Practice”. The use of the term “Direct Marketing”...Opinion Philippa Donn08 February 2020Refer a Friend – Viral Marketing RulesCan you ask your customers to send on your marketing to their friends? The answer, according to the ICO’s draft Direct Marketing Code, is NO! The regulator says for...Opinion Philippa Donn28 January 2020ICO Direct Marketing Code ‘draft’: 12 HighlightsJust when I thought January was feeling dull, I got my hands on the ICO’s much-anticipated draft Direct Marketing Code of Practice! This replaces the Regulator’s existing Direct Marketing...Opinion Philippa Donn10 December 2019Subject Access Requests & Proof of IDSubject Access Requests – What is ‘proportionate’ to ask for? When responding to a Right of Access request (commonly known as a Subject Access Request), we might be required...Individual Privacy Rights DPN Team03 December 2019Data Retention: Are you keeping personal data longer than you need it?Ensuring you don’t store personal data for longer than you require it, is a core data protection principle – one which we all know is both complex and challenging...Opinion DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Opinion Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Opinion Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Opinion Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Opinion Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...GDPRInternational Data Protection Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Data Governance & SecurityGDPRPolicies and Processes Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the hectic preparations...Direct Marketing Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....GDPR DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...GDPR Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Direct MarketingGDPR
Julia Porter21 January 2021Like a puppy, data protection is for life – does your training match?What does good data protection training look like? Why one-off sessions will not cut it and how to keep the momentum going...Data Governance & SecurityGDPR Philippa Donn20 January 2021UK Data protection and ePrivacy law post Brexit: Q&AWhat data protection and ePrivacy law applies in the UK post Brexit? Our handy Q&A answers key considerations for your business.ePrivacy RegulationGDPRInternational Data Protection Julia Porter08 January 2021It’s time to recognise and celebrate responsible marketingMore than ever we need to focus on being open and transparent and building trust with customers. What core values should you embrace? Direct MarketingElectronic CommunicationsGDPRPrivacy by Design Simon Blanchard04 January 2021Data protection and innovation in a post-Brexit worldThe ICO calls for transparency, accountability and trust to be core themes in the UK's National Data Strategy post-Brexit GDPRICO Guidance Philippa Donn04 January 2021Brexit Deal and Data TransfersFears the free flow of data from the EEA to UK would end have been averted with the Brexit Trade Deal. But we’re not out of the woods yet.GDPRInternational Data Protection Philippa Donn22 December 2020Data sharing: 10 point checklistAs the ICO publishes Data Sharing Code of Practice, what are the 10 key points you need to think about before you share personal data?Data Governance & SecurityGDPRICO Guidance Philippa Donn16 December 2020Brexit: Do you need an EU Representative?UK organisations may need to appoint a EU representative, find out if your organisation falls under this GDPR requirement... GDPRInternational Data ProtectionUncategorized DPN Team15 December 20202021 Privacy PredictionsWill 2021 be all about Brexit, COVID, AI and Ethics? Join DPN's distinguished advisory board as they gaze into the privacy crystal ball...Data Governance & SecurityGDPRInternational Data Protection DPN Team11 December 2020Season’s GreetingsWe're supporting the charity Bankuet, which fills the gaps providing Food Banks with what poeple need most when they need it.Uncategorized Philippa Donn01 December 2020Fantasy GDPR – Your new data protection regime130 people, battle-scarred data professionals all, chose to cry havoc and unleash the Dogs of Data by taking part in our Fantasy GDPR quiz.GDPR Simon Blanchard01 December 2020Should DPOs take responsiblity for risk?Allocating responsibility for your privacy risks - Is it right for data protection risks to sit with your Data Protection Officer? Data Governance & SecurityGDPR Simon Blanchard12 November 2020How the ICO’s Accountability Framework could help your businessWe take a look at how ICO's handy Accountability Framework can help organisations meet their GPDR responsiblities. Data Governance & SecurityGDPRICO Guidance Philippa Donn03 November 2020The data breach that cost Marriott £18.4 million – what went wrong?As the ICO slams a £18 million data breach fine on Marriott, we take a look at what went wrong and what other businesess can learn ... Data Governance & SecurityData SecurityGDPR Chris Field03 November 2020Evaluating the management of privacy choicesHow to address the challenge of privacy choices for multinationals faced with different communication privacy laws around the world.Direct MarketingElectronic CommunicationsInternational Data Protection DPN Team27 October 2020Handling complex subject access requestsListen in as an expert panel discuss handling complex DSARs in large and medium-sized organisations. How to respond and how tech can help. Videos DPN Team27 October 2020Privacy Question TimeYour data protection questions answered. Lively debate, topical polls with an expert panel. Recording now available.Videos Philippa Donn23 October 2020ICO Subject Access Request Guidance: help or hindrance?Subject Access Requests: As the ICO published detailed guidance we take a look at the higlights and whether it's a help or hindrance GDPRICO GuidanceIndividual Privacy Rights DPN Team22 October 2020Rosemary Smith Responsible Marketing AwardGiving an individual or team credit for a creative and privacy aware project. This award recognises a responsible approach to marketing. Direct MarketingGDPR Simon Blanchard22 October 2020British Airways data breach – what can we learn?British Airways has been fined £20m by the ICO, what lessons can we all learn from BA's painful personal data breach? Data Governance & SecurityData SecurityGDPRPolicies and Processes Philippa Donn20 October 202010 DSAR tips from 10 DPOsData Subject Access Requests can be a challenge to handle. Get 10 great tips from experts who routinely handle the right of access, GDPRIndividual Privacy Rights Philippa Donn20 October 2020Covid Symptom Study apologises for marketing face masksCovid Symptom Study breaks the marketing rules by promoting masks for to fund their research, but find out how an quick apology can go a long way. ... Direct MarketingElectronic Communications Julia Porter15 October 2020Are COVID-19 contact tracing technology services legitimate?Alarming headlines have suggested COVID-19 contact tracing data from pubs and restaurants is being sold on. Is this actually true and what should checks should you take? Data Governance & SecurityGDPR Philippa Donn07 October 2020COVID-19 Data Protection GuideCovid-19 has meant employers have, by necessity, made risk-based data decisions. Do these need revisiting now? Data Governance & SecurityData SecurityPolicies and Processes Simon Blanchard07 October 2020Are you monitoring staff health during COVID-19?What checks and balances should you have in place if you are monitoring your employees' health during the pandemic? We take a look at the core areas to consider...Data Governance & SecurityEmploymentPolicies and Processes Julia Porter05 October 2020Is the new COVID app safe to use?We now have the newly minted Covid app modelled on the Google and Apple templates. Should we be trusting this app?Data Governance & SecurityGDPRPrivacy by Design Julia Porter24 September 2020Cookies crushed, the world is changingThe demise of the third party cookie - five signs the world is changing. Where next for targeted advertising? Electronic CommunicationsGDPR Philippa Donn23 September 2020Data Protection by Design: Part 3 – Data Protection Impact AssessmentsHow to get your Data Protection Impact Asssessment process on track - when should you do one, what should you process look like? Get some useful tips... Data Governance & SecurityGDPRPolicies and ProcessesPrivacy by Design Philippa Donn09 September 2020New Children’s Code – does it apply to your business?New Children's Code to protect under 18s online. It will affect your business if your online services are likely to be acccessed by children. GDPRICO GuidancePolicies and ProcessesPrivacy by Design Simon Blanchard04 September 2020Data Protection by Design: Part 2 – How to approach itHow to implement Data Protection by Design when you are developing new applications, products and services. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn27 August 2020Data Protection by Design: Part 1 – The BasicsWhat does ‘Data Protection by Design’ really mean (and why is it also called ‘Privacy by Design’)? Do you need to be concerned about it? And how do you...Data Governance & SecurityGDPRPrivacy by Design Simon Blanchard25 August 2020Data Protection Officers – should we appoint a DPO?Which organisations need to have a DPO? If you don't should you appoint one anyway or outsource? We explore the options .. Data Governance & SecurityGDPR Simon Blanchard12 August 2020Use of automated facial recognition by South Wales Police ruled ‘unlawful’South Wales Police's use of automated facial recognition has been ruled unlawrul - it breaches human rights and has potential for bias. GDPR Julia Porter12 August 2020When does your CRM marketing plan morph into a data privacy project?Looking to leverage your customer database to drive more business? How to make sure you marketing plan is supported by your privacy strategyDirect MarketingElectronic CommunicationsGDPR Simon Blanchard10 August 2020Dashcams and GDPR: Assessing the privacy implications7 point privacy guide for use of dashcams in vehicles. Quick steps to make sure your use of dashcams is transparent and lawful. GDPRPolicies and Processes Simon Blanchard05 August 2020ICO guidance on how to apply good data protection to AISeven steps for making sure innovation flourishes and your artificial intelligence activities are sound from a data protection point of viewGDPRICO Guidance DPN Team29 July 2020How to manage your suppliersHow to manage your suppliers and reduce the risk they may post. Hear our specialist panel chat through the key points to consider.Videos Philippa Donn29 July 2020Could COVID-19 lead to a spike in Subject Access Requests? How to handle ex-employeesDSARs from disgruntled ex-employees can be challenging to handle, get some helpful tips on how best to approach the task of fulfilling them.GDPRIndividual Privacy Rights Philippa Donn28 July 2020Schrems II ruling: Privacy Shield down, SCCs survive but with a sting in the tailInternational data transfers - EU-US Privacy Shield ruled invalild, questions raised regarding SCCs, find out what actions should you take. GDPRInternational Data Protection Simon Blanchard27 July 2020RoPA – Five tips for keeping your Records of Processing Activity up to date5 tips for keeping your GDPR records of processing activities up to date. The why, who, what, how and when of data protection documentation.GDPRPolicies and Processes DPN Team16 July 2020Transparency: How to get the message acrossDiscover the benefits of being upfront and transparent with people about how you use their data. In this webinar hosted by Robert Bond from Bristows we explore why transparency...GDPRVideos Julia Porter13 July 2020Supplier management: DPN 6 point checklistDue diligence of new suppliers robust enough? Checks in place to make sure suppliers are protecting your data? Use the DPN 6-point checklist. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn13 July 2020Contact Tracing: 7 Quick Steps for collecting people’s dataFrom holiday cottages to theme parks, hotels to pubs, many will be collecting people's details for contact tracing. Get our quick guide to how to do this. GDPRICO Guidance Chris Field11 July 2020You’ve been SAR-bombed!You are at the end of long day .. you just do one last check of your inbox - the new count registers over 9,000 new emails! All...GDPRIndividual Privacy RightsInternational Data ProtectionPolicies and Processes Simon Blanchard09 July 2020Facial Recognition – should we be concerned?Facial recognition is clever, from selfies to surveillance its use is becoming far more widespread. Should we be worried? Data Governance & SecurityGDPR Philippa Donn30 June 2020Data breaches: 10-point checklist for risk assessmentsHow do you assess the actual risk to people of a data breach? 10 questions you need to ask when carrying out an risk assessment. Data Governance & SecurityGDPRPolicies and Processes DPN Team30 June 2020Successful steps for data retention and minimisation [webinar recording]Get the tools and advice you need to tackle data retention and minimisation in this expert discussion which takes you through the key steps to take.Data Governance & SecurityGDPRPolicies and ProcessesVideos Julia Porter25 June 2020Why is the CIA’s lax attitude to cyber security interesting to us?Have you got robust cyber security controls in place? How the lax attitude of the CIA is a lesson to us all and what you should you be doing.Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard16 June 2020Privacy is a marathon not a sprintPondering how to improve your privacy credentials? Here are 5 steps to inspire you. More than 2 years on from GDPR, remember it’s a journey, not a sprint.Data Governance & SecurityGDPRPolicies and Processes Philippa Donn16 June 2020Why personalisation is a good thing, when done well“Hi, you haven’t finished watching Jeffrey Epstein: Filthy Rich”, said an email my husband received .It annoyed him......Direct MarketingGDPR Simon Blanchard08 June 2020Spring clean your data – Top tips on data retentionGet top tips on data retention. Minimise your risks by making sure you keep the personal data you need and rid of what you don't. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn03 June 2020GDPR two years on, why data protection mattersGDPR may have its critics and regulators may stand accused of not taking enough action. Why this is not a reason to stop taking data protection seriously.GDPR Julia Porter03 June 2020Why is it so hard to explain how we use personal data?Five ways to help explain complex and contentious uses of personal data. How to improve your communications and transparency.Direct MarketingGDPRPrivacy by Design DPN Team03 June 2020Data Retention GuidanceA practical toolkit packed with tips, advice and case studies on how to tackle data retention. Developed by a group of data protection and privacy specialists from a...Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard14 May 2020COVID 19 – Privacy under the SpotlightPrivacy and COVID-19. When finding quick solutions and taking rapid decisions, don't forget the privacy impact. Here's our quick tour of aspects to consider. Data SecurityGDPRPrivacy by Design DPN Team04 April 2020Where is my data? How to tackle data discovery & mapping [webinar recording]How improve your data discovery, mapping & compliance Understanding where your data is located across all your systems is an ever-evolving challenge, but forms the bedrock of your data...Opinion Gemma Johnson13 February 2020Marketers: Will You Need to do a DPIA for that?Why marketers need to understand when they might need to conduct a data protection impact assessment and learn how to do them. Direct MarketingElectronic CommunicationsICO GuidanceMarketing & Data Protection Simon Blanchard11 February 2020Where’s all my data? How to tackle data discoveryUnderstanding where your data is and what it's used for is crucial. But in practice this is challenging. What approach can you take? Opinion Julia Porter09 February 2020In a Digitally Enabled World, What is Direct Marketing?On 8th January the ICO published a draft code of practice for the marketing community. It’s entitled “Direct Marketing Code of Practice”. The use of the term “Direct Marketing”...Opinion Philippa Donn08 February 2020Refer a Friend – Viral Marketing RulesCan you ask your customers to send on your marketing to their friends? The answer, according to the ICO’s draft Direct Marketing Code, is NO! The regulator says for...Opinion Philippa Donn28 January 2020ICO Direct Marketing Code ‘draft’: 12 HighlightsJust when I thought January was feeling dull, I got my hands on the ICO’s much-anticipated draft Direct Marketing Code of Practice! This replaces the Regulator’s existing Direct Marketing...Opinion Philippa Donn10 December 2019Subject Access Requests & Proof of IDSubject Access Requests – What is ‘proportionate’ to ask for? When responding to a Right of Access request (commonly known as a Subject Access Request), we might be required...Individual Privacy Rights DPN Team03 December 2019Data Retention: Are you keeping personal data longer than you need it?Ensuring you don’t store personal data for longer than you require it, is a core data protection principle – one which we all know is both complex and challenging...Opinion DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Opinion Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Opinion Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Opinion Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Opinion Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...GDPRInternational Data Protection Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Data Governance & SecurityGDPRPolicies and Processes Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the hectic preparations...Direct Marketing Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....GDPR DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...GDPR Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Direct MarketingGDPR
Philippa Donn20 January 2021UK Data protection and ePrivacy law post Brexit: Q&AWhat data protection and ePrivacy law applies in the UK post Brexit? Our handy Q&A answers key considerations for your business.ePrivacy RegulationGDPRInternational Data Protection Julia Porter08 January 2021It’s time to recognise and celebrate responsible marketingMore than ever we need to focus on being open and transparent and building trust with customers. What core values should you embrace? Direct MarketingElectronic CommunicationsGDPRPrivacy by Design Simon Blanchard04 January 2021Data protection and innovation in a post-Brexit worldThe ICO calls for transparency, accountability and trust to be core themes in the UK's National Data Strategy post-Brexit GDPRICO Guidance Philippa Donn04 January 2021Brexit Deal and Data TransfersFears the free flow of data from the EEA to UK would end have been averted with the Brexit Trade Deal. But we’re not out of the woods yet.GDPRInternational Data Protection Philippa Donn22 December 2020Data sharing: 10 point checklistAs the ICO publishes Data Sharing Code of Practice, what are the 10 key points you need to think about before you share personal data?Data Governance & SecurityGDPRICO Guidance Philippa Donn16 December 2020Brexit: Do you need an EU Representative?UK organisations may need to appoint a EU representative, find out if your organisation falls under this GDPR requirement... GDPRInternational Data ProtectionUncategorized DPN Team15 December 20202021 Privacy PredictionsWill 2021 be all about Brexit, COVID, AI and Ethics? Join DPN's distinguished advisory board as they gaze into the privacy crystal ball...Data Governance & SecurityGDPRInternational Data Protection DPN Team11 December 2020Season’s GreetingsWe're supporting the charity Bankuet, which fills the gaps providing Food Banks with what poeple need most when they need it.Uncategorized Philippa Donn01 December 2020Fantasy GDPR – Your new data protection regime130 people, battle-scarred data professionals all, chose to cry havoc and unleash the Dogs of Data by taking part in our Fantasy GDPR quiz.GDPR Simon Blanchard01 December 2020Should DPOs take responsiblity for risk?Allocating responsibility for your privacy risks - Is it right for data protection risks to sit with your Data Protection Officer? Data Governance & SecurityGDPR Simon Blanchard12 November 2020How the ICO’s Accountability Framework could help your businessWe take a look at how ICO's handy Accountability Framework can help organisations meet their GPDR responsiblities. Data Governance & SecurityGDPRICO Guidance Philippa Donn03 November 2020The data breach that cost Marriott £18.4 million – what went wrong?As the ICO slams a £18 million data breach fine on Marriott, we take a look at what went wrong and what other businesess can learn ... Data Governance & SecurityData SecurityGDPR Chris Field03 November 2020Evaluating the management of privacy choicesHow to address the challenge of privacy choices for multinationals faced with different communication privacy laws around the world.Direct MarketingElectronic CommunicationsInternational Data Protection DPN Team27 October 2020Handling complex subject access requestsListen in as an expert panel discuss handling complex DSARs in large and medium-sized organisations. How to respond and how tech can help. Videos DPN Team27 October 2020Privacy Question TimeYour data protection questions answered. Lively debate, topical polls with an expert panel. Recording now available.Videos Philippa Donn23 October 2020ICO Subject Access Request Guidance: help or hindrance?Subject Access Requests: As the ICO published detailed guidance we take a look at the higlights and whether it's a help or hindrance GDPRICO GuidanceIndividual Privacy Rights DPN Team22 October 2020Rosemary Smith Responsible Marketing AwardGiving an individual or team credit for a creative and privacy aware project. This award recognises a responsible approach to marketing. Direct MarketingGDPR Simon Blanchard22 October 2020British Airways data breach – what can we learn?British Airways has been fined £20m by the ICO, what lessons can we all learn from BA's painful personal data breach? Data Governance & SecurityData SecurityGDPRPolicies and Processes Philippa Donn20 October 202010 DSAR tips from 10 DPOsData Subject Access Requests can be a challenge to handle. Get 10 great tips from experts who routinely handle the right of access, GDPRIndividual Privacy Rights Philippa Donn20 October 2020Covid Symptom Study apologises for marketing face masksCovid Symptom Study breaks the marketing rules by promoting masks for to fund their research, but find out how an quick apology can go a long way. ... Direct MarketingElectronic Communications Julia Porter15 October 2020Are COVID-19 contact tracing technology services legitimate?Alarming headlines have suggested COVID-19 contact tracing data from pubs and restaurants is being sold on. Is this actually true and what should checks should you take? Data Governance & SecurityGDPR Philippa Donn07 October 2020COVID-19 Data Protection GuideCovid-19 has meant employers have, by necessity, made risk-based data decisions. Do these need revisiting now? Data Governance & SecurityData SecurityPolicies and Processes Simon Blanchard07 October 2020Are you monitoring staff health during COVID-19?What checks and balances should you have in place if you are monitoring your employees' health during the pandemic? We take a look at the core areas to consider...Data Governance & SecurityEmploymentPolicies and Processes Julia Porter05 October 2020Is the new COVID app safe to use?We now have the newly minted Covid app modelled on the Google and Apple templates. Should we be trusting this app?Data Governance & SecurityGDPRPrivacy by Design Julia Porter24 September 2020Cookies crushed, the world is changingThe demise of the third party cookie - five signs the world is changing. Where next for targeted advertising? Electronic CommunicationsGDPR Philippa Donn23 September 2020Data Protection by Design: Part 3 – Data Protection Impact AssessmentsHow to get your Data Protection Impact Asssessment process on track - when should you do one, what should you process look like? Get some useful tips... Data Governance & SecurityGDPRPolicies and ProcessesPrivacy by Design Philippa Donn09 September 2020New Children’s Code – does it apply to your business?New Children's Code to protect under 18s online. It will affect your business if your online services are likely to be acccessed by children. GDPRICO GuidancePolicies and ProcessesPrivacy by Design Simon Blanchard04 September 2020Data Protection by Design: Part 2 – How to approach itHow to implement Data Protection by Design when you are developing new applications, products and services. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn27 August 2020Data Protection by Design: Part 1 – The BasicsWhat does ‘Data Protection by Design’ really mean (and why is it also called ‘Privacy by Design’)? Do you need to be concerned about it? And how do you...Data Governance & SecurityGDPRPrivacy by Design Simon Blanchard25 August 2020Data Protection Officers – should we appoint a DPO?Which organisations need to have a DPO? If you don't should you appoint one anyway or outsource? We explore the options .. Data Governance & SecurityGDPR Simon Blanchard12 August 2020Use of automated facial recognition by South Wales Police ruled ‘unlawful’South Wales Police's use of automated facial recognition has been ruled unlawrul - it breaches human rights and has potential for bias. GDPR Julia Porter12 August 2020When does your CRM marketing plan morph into a data privacy project?Looking to leverage your customer database to drive more business? How to make sure you marketing plan is supported by your privacy strategyDirect MarketingElectronic CommunicationsGDPR Simon Blanchard10 August 2020Dashcams and GDPR: Assessing the privacy implications7 point privacy guide for use of dashcams in vehicles. Quick steps to make sure your use of dashcams is transparent and lawful. GDPRPolicies and Processes Simon Blanchard05 August 2020ICO guidance on how to apply good data protection to AISeven steps for making sure innovation flourishes and your artificial intelligence activities are sound from a data protection point of viewGDPRICO Guidance DPN Team29 July 2020How to manage your suppliersHow to manage your suppliers and reduce the risk they may post. Hear our specialist panel chat through the key points to consider.Videos Philippa Donn29 July 2020Could COVID-19 lead to a spike in Subject Access Requests? How to handle ex-employeesDSARs from disgruntled ex-employees can be challenging to handle, get some helpful tips on how best to approach the task of fulfilling them.GDPRIndividual Privacy Rights Philippa Donn28 July 2020Schrems II ruling: Privacy Shield down, SCCs survive but with a sting in the tailInternational data transfers - EU-US Privacy Shield ruled invalild, questions raised regarding SCCs, find out what actions should you take. GDPRInternational Data Protection Simon Blanchard27 July 2020RoPA – Five tips for keeping your Records of Processing Activity up to date5 tips for keeping your GDPR records of processing activities up to date. The why, who, what, how and when of data protection documentation.GDPRPolicies and Processes DPN Team16 July 2020Transparency: How to get the message acrossDiscover the benefits of being upfront and transparent with people about how you use their data. In this webinar hosted by Robert Bond from Bristows we explore why transparency...GDPRVideos Julia Porter13 July 2020Supplier management: DPN 6 point checklistDue diligence of new suppliers robust enough? Checks in place to make sure suppliers are protecting your data? Use the DPN 6-point checklist. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn13 July 2020Contact Tracing: 7 Quick Steps for collecting people’s dataFrom holiday cottages to theme parks, hotels to pubs, many will be collecting people's details for contact tracing. Get our quick guide to how to do this. GDPRICO Guidance Chris Field11 July 2020You’ve been SAR-bombed!You are at the end of long day .. you just do one last check of your inbox - the new count registers over 9,000 new emails! All...GDPRIndividual Privacy RightsInternational Data ProtectionPolicies and Processes Simon Blanchard09 July 2020Facial Recognition – should we be concerned?Facial recognition is clever, from selfies to surveillance its use is becoming far more widespread. Should we be worried? Data Governance & SecurityGDPR Philippa Donn30 June 2020Data breaches: 10-point checklist for risk assessmentsHow do you assess the actual risk to people of a data breach? 10 questions you need to ask when carrying out an risk assessment. Data Governance & SecurityGDPRPolicies and Processes DPN Team30 June 2020Successful steps for data retention and minimisation [webinar recording]Get the tools and advice you need to tackle data retention and minimisation in this expert discussion which takes you through the key steps to take.Data Governance & SecurityGDPRPolicies and ProcessesVideos Julia Porter25 June 2020Why is the CIA’s lax attitude to cyber security interesting to us?Have you got robust cyber security controls in place? How the lax attitude of the CIA is a lesson to us all and what you should you be doing.Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard16 June 2020Privacy is a marathon not a sprintPondering how to improve your privacy credentials? Here are 5 steps to inspire you. More than 2 years on from GDPR, remember it’s a journey, not a sprint.Data Governance & SecurityGDPRPolicies and Processes Philippa Donn16 June 2020Why personalisation is a good thing, when done well“Hi, you haven’t finished watching Jeffrey Epstein: Filthy Rich”, said an email my husband received .It annoyed him......Direct MarketingGDPR Simon Blanchard08 June 2020Spring clean your data – Top tips on data retentionGet top tips on data retention. Minimise your risks by making sure you keep the personal data you need and rid of what you don't. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn03 June 2020GDPR two years on, why data protection mattersGDPR may have its critics and regulators may stand accused of not taking enough action. Why this is not a reason to stop taking data protection seriously.GDPR Julia Porter03 June 2020Why is it so hard to explain how we use personal data?Five ways to help explain complex and contentious uses of personal data. How to improve your communications and transparency.Direct MarketingGDPRPrivacy by Design DPN Team03 June 2020Data Retention GuidanceA practical toolkit packed with tips, advice and case studies on how to tackle data retention. Developed by a group of data protection and privacy specialists from a...Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard14 May 2020COVID 19 – Privacy under the SpotlightPrivacy and COVID-19. When finding quick solutions and taking rapid decisions, don't forget the privacy impact. Here's our quick tour of aspects to consider. Data SecurityGDPRPrivacy by Design DPN Team04 April 2020Where is my data? How to tackle data discovery & mapping [webinar recording]How improve your data discovery, mapping & compliance Understanding where your data is located across all your systems is an ever-evolving challenge, but forms the bedrock of your data...Opinion Gemma Johnson13 February 2020Marketers: Will You Need to do a DPIA for that?Why marketers need to understand when they might need to conduct a data protection impact assessment and learn how to do them. Direct MarketingElectronic CommunicationsICO GuidanceMarketing & Data Protection Simon Blanchard11 February 2020Where’s all my data? How to tackle data discoveryUnderstanding where your data is and what it's used for is crucial. But in practice this is challenging. What approach can you take? Opinion Julia Porter09 February 2020In a Digitally Enabled World, What is Direct Marketing?On 8th January the ICO published a draft code of practice for the marketing community. It’s entitled “Direct Marketing Code of Practice”. The use of the term “Direct Marketing”...Opinion Philippa Donn08 February 2020Refer a Friend – Viral Marketing RulesCan you ask your customers to send on your marketing to their friends? The answer, according to the ICO’s draft Direct Marketing Code, is NO! The regulator says for...Opinion Philippa Donn28 January 2020ICO Direct Marketing Code ‘draft’: 12 HighlightsJust when I thought January was feeling dull, I got my hands on the ICO’s much-anticipated draft Direct Marketing Code of Practice! This replaces the Regulator’s existing Direct Marketing...Opinion Philippa Donn10 December 2019Subject Access Requests & Proof of IDSubject Access Requests – What is ‘proportionate’ to ask for? When responding to a Right of Access request (commonly known as a Subject Access Request), we might be required...Individual Privacy Rights DPN Team03 December 2019Data Retention: Are you keeping personal data longer than you need it?Ensuring you don’t store personal data for longer than you require it, is a core data protection principle – one which we all know is both complex and challenging...Opinion DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Opinion Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Opinion Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Opinion Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Opinion Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...GDPRInternational Data Protection Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Data Governance & SecurityGDPRPolicies and Processes Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the hectic preparations...Direct Marketing Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....GDPR DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...GDPR Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Direct MarketingGDPR
Julia Porter08 January 2021It’s time to recognise and celebrate responsible marketingMore than ever we need to focus on being open and transparent and building trust with customers. What core values should you embrace? Direct MarketingElectronic CommunicationsGDPRPrivacy by Design Simon Blanchard04 January 2021Data protection and innovation in a post-Brexit worldThe ICO calls for transparency, accountability and trust to be core themes in the UK's National Data Strategy post-Brexit GDPRICO Guidance Philippa Donn04 January 2021Brexit Deal and Data TransfersFears the free flow of data from the EEA to UK would end have been averted with the Brexit Trade Deal. But we’re not out of the woods yet.GDPRInternational Data Protection Philippa Donn22 December 2020Data sharing: 10 point checklistAs the ICO publishes Data Sharing Code of Practice, what are the 10 key points you need to think about before you share personal data?Data Governance & SecurityGDPRICO Guidance Philippa Donn16 December 2020Brexit: Do you need an EU Representative?UK organisations may need to appoint a EU representative, find out if your organisation falls under this GDPR requirement... GDPRInternational Data ProtectionUncategorized DPN Team15 December 20202021 Privacy PredictionsWill 2021 be all about Brexit, COVID, AI and Ethics? Join DPN's distinguished advisory board as they gaze into the privacy crystal ball...Data Governance & SecurityGDPRInternational Data Protection DPN Team11 December 2020Season’s GreetingsWe're supporting the charity Bankuet, which fills the gaps providing Food Banks with what poeple need most when they need it.Uncategorized Philippa Donn01 December 2020Fantasy GDPR – Your new data protection regime130 people, battle-scarred data professionals all, chose to cry havoc and unleash the Dogs of Data by taking part in our Fantasy GDPR quiz.GDPR Simon Blanchard01 December 2020Should DPOs take responsiblity for risk?Allocating responsibility for your privacy risks - Is it right for data protection risks to sit with your Data Protection Officer? Data Governance & SecurityGDPR Simon Blanchard12 November 2020How the ICO’s Accountability Framework could help your businessWe take a look at how ICO's handy Accountability Framework can help organisations meet their GPDR responsiblities. Data Governance & SecurityGDPRICO Guidance Philippa Donn03 November 2020The data breach that cost Marriott £18.4 million – what went wrong?As the ICO slams a £18 million data breach fine on Marriott, we take a look at what went wrong and what other businesess can learn ... Data Governance & SecurityData SecurityGDPR Chris Field03 November 2020Evaluating the management of privacy choicesHow to address the challenge of privacy choices for multinationals faced with different communication privacy laws around the world.Direct MarketingElectronic CommunicationsInternational Data Protection DPN Team27 October 2020Handling complex subject access requestsListen in as an expert panel discuss handling complex DSARs in large and medium-sized organisations. How to respond and how tech can help. Videos DPN Team27 October 2020Privacy Question TimeYour data protection questions answered. Lively debate, topical polls with an expert panel. Recording now available.Videos Philippa Donn23 October 2020ICO Subject Access Request Guidance: help or hindrance?Subject Access Requests: As the ICO published detailed guidance we take a look at the higlights and whether it's a help or hindrance GDPRICO GuidanceIndividual Privacy Rights DPN Team22 October 2020Rosemary Smith Responsible Marketing AwardGiving an individual or team credit for a creative and privacy aware project. This award recognises a responsible approach to marketing. Direct MarketingGDPR Simon Blanchard22 October 2020British Airways data breach – what can we learn?British Airways has been fined £20m by the ICO, what lessons can we all learn from BA's painful personal data breach? Data Governance & SecurityData SecurityGDPRPolicies and Processes Philippa Donn20 October 202010 DSAR tips from 10 DPOsData Subject Access Requests can be a challenge to handle. Get 10 great tips from experts who routinely handle the right of access, GDPRIndividual Privacy Rights Philippa Donn20 October 2020Covid Symptom Study apologises for marketing face masksCovid Symptom Study breaks the marketing rules by promoting masks for to fund their research, but find out how an quick apology can go a long way. ... Direct MarketingElectronic Communications Julia Porter15 October 2020Are COVID-19 contact tracing technology services legitimate?Alarming headlines have suggested COVID-19 contact tracing data from pubs and restaurants is being sold on. Is this actually true and what should checks should you take? Data Governance & SecurityGDPR Philippa Donn07 October 2020COVID-19 Data Protection GuideCovid-19 has meant employers have, by necessity, made risk-based data decisions. Do these need revisiting now? Data Governance & SecurityData SecurityPolicies and Processes Simon Blanchard07 October 2020Are you monitoring staff health during COVID-19?What checks and balances should you have in place if you are monitoring your employees' health during the pandemic? We take a look at the core areas to consider...Data Governance & SecurityEmploymentPolicies and Processes Julia Porter05 October 2020Is the new COVID app safe to use?We now have the newly minted Covid app modelled on the Google and Apple templates. Should we be trusting this app?Data Governance & SecurityGDPRPrivacy by Design Julia Porter24 September 2020Cookies crushed, the world is changingThe demise of the third party cookie - five signs the world is changing. Where next for targeted advertising? Electronic CommunicationsGDPR Philippa Donn23 September 2020Data Protection by Design: Part 3 – Data Protection Impact AssessmentsHow to get your Data Protection Impact Asssessment process on track - when should you do one, what should you process look like? Get some useful tips... Data Governance & SecurityGDPRPolicies and ProcessesPrivacy by Design Philippa Donn09 September 2020New Children’s Code – does it apply to your business?New Children's Code to protect under 18s online. It will affect your business if your online services are likely to be acccessed by children. GDPRICO GuidancePolicies and ProcessesPrivacy by Design Simon Blanchard04 September 2020Data Protection by Design: Part 2 – How to approach itHow to implement Data Protection by Design when you are developing new applications, products and services. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn27 August 2020Data Protection by Design: Part 1 – The BasicsWhat does ‘Data Protection by Design’ really mean (and why is it also called ‘Privacy by Design’)? Do you need to be concerned about it? And how do you...Data Governance & SecurityGDPRPrivacy by Design Simon Blanchard25 August 2020Data Protection Officers – should we appoint a DPO?Which organisations need to have a DPO? If you don't should you appoint one anyway or outsource? We explore the options .. Data Governance & SecurityGDPR Simon Blanchard12 August 2020Use of automated facial recognition by South Wales Police ruled ‘unlawful’South Wales Police's use of automated facial recognition has been ruled unlawrul - it breaches human rights and has potential for bias. GDPR Julia Porter12 August 2020When does your CRM marketing plan morph into a data privacy project?Looking to leverage your customer database to drive more business? How to make sure you marketing plan is supported by your privacy strategyDirect MarketingElectronic CommunicationsGDPR Simon Blanchard10 August 2020Dashcams and GDPR: Assessing the privacy implications7 point privacy guide for use of dashcams in vehicles. Quick steps to make sure your use of dashcams is transparent and lawful. GDPRPolicies and Processes Simon Blanchard05 August 2020ICO guidance on how to apply good data protection to AISeven steps for making sure innovation flourishes and your artificial intelligence activities are sound from a data protection point of viewGDPRICO Guidance DPN Team29 July 2020How to manage your suppliersHow to manage your suppliers and reduce the risk they may post. Hear our specialist panel chat through the key points to consider.Videos Philippa Donn29 July 2020Could COVID-19 lead to a spike in Subject Access Requests? How to handle ex-employeesDSARs from disgruntled ex-employees can be challenging to handle, get some helpful tips on how best to approach the task of fulfilling them.GDPRIndividual Privacy Rights Philippa Donn28 July 2020Schrems II ruling: Privacy Shield down, SCCs survive but with a sting in the tailInternational data transfers - EU-US Privacy Shield ruled invalild, questions raised regarding SCCs, find out what actions should you take. GDPRInternational Data Protection Simon Blanchard27 July 2020RoPA – Five tips for keeping your Records of Processing Activity up to date5 tips for keeping your GDPR records of processing activities up to date. The why, who, what, how and when of data protection documentation.GDPRPolicies and Processes DPN Team16 July 2020Transparency: How to get the message acrossDiscover the benefits of being upfront and transparent with people about how you use their data. In this webinar hosted by Robert Bond from Bristows we explore why transparency...GDPRVideos Julia Porter13 July 2020Supplier management: DPN 6 point checklistDue diligence of new suppliers robust enough? Checks in place to make sure suppliers are protecting your data? Use the DPN 6-point checklist. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn13 July 2020Contact Tracing: 7 Quick Steps for collecting people’s dataFrom holiday cottages to theme parks, hotels to pubs, many will be collecting people's details for contact tracing. Get our quick guide to how to do this. GDPRICO Guidance Chris Field11 July 2020You’ve been SAR-bombed!You are at the end of long day .. you just do one last check of your inbox - the new count registers over 9,000 new emails! All...GDPRIndividual Privacy RightsInternational Data ProtectionPolicies and Processes Simon Blanchard09 July 2020Facial Recognition – should we be concerned?Facial recognition is clever, from selfies to surveillance its use is becoming far more widespread. Should we be worried? Data Governance & SecurityGDPR Philippa Donn30 June 2020Data breaches: 10-point checklist for risk assessmentsHow do you assess the actual risk to people of a data breach? 10 questions you need to ask when carrying out an risk assessment. Data Governance & SecurityGDPRPolicies and Processes DPN Team30 June 2020Successful steps for data retention and minimisation [webinar recording]Get the tools and advice you need to tackle data retention and minimisation in this expert discussion which takes you through the key steps to take.Data Governance & SecurityGDPRPolicies and ProcessesVideos Julia Porter25 June 2020Why is the CIA’s lax attitude to cyber security interesting to us?Have you got robust cyber security controls in place? How the lax attitude of the CIA is a lesson to us all and what you should you be doing.Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard16 June 2020Privacy is a marathon not a sprintPondering how to improve your privacy credentials? Here are 5 steps to inspire you. More than 2 years on from GDPR, remember it’s a journey, not a sprint.Data Governance & SecurityGDPRPolicies and Processes Philippa Donn16 June 2020Why personalisation is a good thing, when done well“Hi, you haven’t finished watching Jeffrey Epstein: Filthy Rich”, said an email my husband received .It annoyed him......Direct MarketingGDPR Simon Blanchard08 June 2020Spring clean your data – Top tips on data retentionGet top tips on data retention. Minimise your risks by making sure you keep the personal data you need and rid of what you don't. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn03 June 2020GDPR two years on, why data protection mattersGDPR may have its critics and regulators may stand accused of not taking enough action. Why this is not a reason to stop taking data protection seriously.GDPR Julia Porter03 June 2020Why is it so hard to explain how we use personal data?Five ways to help explain complex and contentious uses of personal data. How to improve your communications and transparency.Direct MarketingGDPRPrivacy by Design DPN Team03 June 2020Data Retention GuidanceA practical toolkit packed with tips, advice and case studies on how to tackle data retention. Developed by a group of data protection and privacy specialists from a...Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard14 May 2020COVID 19 – Privacy under the SpotlightPrivacy and COVID-19. When finding quick solutions and taking rapid decisions, don't forget the privacy impact. Here's our quick tour of aspects to consider. Data SecurityGDPRPrivacy by Design DPN Team04 April 2020Where is my data? How to tackle data discovery & mapping [webinar recording]How improve your data discovery, mapping & compliance Understanding where your data is located across all your systems is an ever-evolving challenge, but forms the bedrock of your data...Opinion Gemma Johnson13 February 2020Marketers: Will You Need to do a DPIA for that?Why marketers need to understand when they might need to conduct a data protection impact assessment and learn how to do them. Direct MarketingElectronic CommunicationsICO GuidanceMarketing & Data Protection Simon Blanchard11 February 2020Where’s all my data? How to tackle data discoveryUnderstanding where your data is and what it's used for is crucial. But in practice this is challenging. What approach can you take? Opinion Julia Porter09 February 2020In a Digitally Enabled World, What is Direct Marketing?On 8th January the ICO published a draft code of practice for the marketing community. It’s entitled “Direct Marketing Code of Practice”. The use of the term “Direct Marketing”...Opinion Philippa Donn08 February 2020Refer a Friend – Viral Marketing RulesCan you ask your customers to send on your marketing to their friends? The answer, according to the ICO’s draft Direct Marketing Code, is NO! The regulator says for...Opinion Philippa Donn28 January 2020ICO Direct Marketing Code ‘draft’: 12 HighlightsJust when I thought January was feeling dull, I got my hands on the ICO’s much-anticipated draft Direct Marketing Code of Practice! This replaces the Regulator’s existing Direct Marketing...Opinion Philippa Donn10 December 2019Subject Access Requests & Proof of IDSubject Access Requests – What is ‘proportionate’ to ask for? When responding to a Right of Access request (commonly known as a Subject Access Request), we might be required...Individual Privacy Rights DPN Team03 December 2019Data Retention: Are you keeping personal data longer than you need it?Ensuring you don’t store personal data for longer than you require it, is a core data protection principle – one which we all know is both complex and challenging...Opinion DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Opinion Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Opinion Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Opinion Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Opinion Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...GDPRInternational Data Protection Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Data Governance & SecurityGDPRPolicies and Processes Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the hectic preparations...Direct Marketing Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....GDPR DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...GDPR Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Direct MarketingGDPR
Simon Blanchard04 January 2021Data protection and innovation in a post-Brexit worldThe ICO calls for transparency, accountability and trust to be core themes in the UK's National Data Strategy post-Brexit GDPRICO Guidance Philippa Donn04 January 2021Brexit Deal and Data TransfersFears the free flow of data from the EEA to UK would end have been averted with the Brexit Trade Deal. But we’re not out of the woods yet.GDPRInternational Data Protection Philippa Donn22 December 2020Data sharing: 10 point checklistAs the ICO publishes Data Sharing Code of Practice, what are the 10 key points you need to think about before you share personal data?Data Governance & SecurityGDPRICO Guidance Philippa Donn16 December 2020Brexit: Do you need an EU Representative?UK organisations may need to appoint a EU representative, find out if your organisation falls under this GDPR requirement... GDPRInternational Data ProtectionUncategorized DPN Team15 December 20202021 Privacy PredictionsWill 2021 be all about Brexit, COVID, AI and Ethics? Join DPN's distinguished advisory board as they gaze into the privacy crystal ball...Data Governance & SecurityGDPRInternational Data Protection DPN Team11 December 2020Season’s GreetingsWe're supporting the charity Bankuet, which fills the gaps providing Food Banks with what poeple need most when they need it.Uncategorized Philippa Donn01 December 2020Fantasy GDPR – Your new data protection regime130 people, battle-scarred data professionals all, chose to cry havoc and unleash the Dogs of Data by taking part in our Fantasy GDPR quiz.GDPR Simon Blanchard01 December 2020Should DPOs take responsiblity for risk?Allocating responsibility for your privacy risks - Is it right for data protection risks to sit with your Data Protection Officer? Data Governance & SecurityGDPR Simon Blanchard12 November 2020How the ICO’s Accountability Framework could help your businessWe take a look at how ICO's handy Accountability Framework can help organisations meet their GPDR responsiblities. Data Governance & SecurityGDPRICO Guidance Philippa Donn03 November 2020The data breach that cost Marriott £18.4 million – what went wrong?As the ICO slams a £18 million data breach fine on Marriott, we take a look at what went wrong and what other businesess can learn ... Data Governance & SecurityData SecurityGDPR Chris Field03 November 2020Evaluating the management of privacy choicesHow to address the challenge of privacy choices for multinationals faced with different communication privacy laws around the world.Direct MarketingElectronic CommunicationsInternational Data Protection DPN Team27 October 2020Handling complex subject access requestsListen in as an expert panel discuss handling complex DSARs in large and medium-sized organisations. How to respond and how tech can help. Videos DPN Team27 October 2020Privacy Question TimeYour data protection questions answered. Lively debate, topical polls with an expert panel. Recording now available.Videos Philippa Donn23 October 2020ICO Subject Access Request Guidance: help or hindrance?Subject Access Requests: As the ICO published detailed guidance we take a look at the higlights and whether it's a help or hindrance GDPRICO GuidanceIndividual Privacy Rights DPN Team22 October 2020Rosemary Smith Responsible Marketing AwardGiving an individual or team credit for a creative and privacy aware project. This award recognises a responsible approach to marketing. Direct MarketingGDPR Simon Blanchard22 October 2020British Airways data breach – what can we learn?British Airways has been fined £20m by the ICO, what lessons can we all learn from BA's painful personal data breach? Data Governance & SecurityData SecurityGDPRPolicies and Processes Philippa Donn20 October 202010 DSAR tips from 10 DPOsData Subject Access Requests can be a challenge to handle. Get 10 great tips from experts who routinely handle the right of access, GDPRIndividual Privacy Rights Philippa Donn20 October 2020Covid Symptom Study apologises for marketing face masksCovid Symptom Study breaks the marketing rules by promoting masks for to fund their research, but find out how an quick apology can go a long way. ... Direct MarketingElectronic Communications Julia Porter15 October 2020Are COVID-19 contact tracing technology services legitimate?Alarming headlines have suggested COVID-19 contact tracing data from pubs and restaurants is being sold on. Is this actually true and what should checks should you take? Data Governance & SecurityGDPR Philippa Donn07 October 2020COVID-19 Data Protection GuideCovid-19 has meant employers have, by necessity, made risk-based data decisions. Do these need revisiting now? Data Governance & SecurityData SecurityPolicies and Processes Simon Blanchard07 October 2020Are you monitoring staff health during COVID-19?What checks and balances should you have in place if you are monitoring your employees' health during the pandemic? We take a look at the core areas to consider...Data Governance & SecurityEmploymentPolicies and Processes Julia Porter05 October 2020Is the new COVID app safe to use?We now have the newly minted Covid app modelled on the Google and Apple templates. Should we be trusting this app?Data Governance & SecurityGDPRPrivacy by Design Julia Porter24 September 2020Cookies crushed, the world is changingThe demise of the third party cookie - five signs the world is changing. Where next for targeted advertising? Electronic CommunicationsGDPR Philippa Donn23 September 2020Data Protection by Design: Part 3 – Data Protection Impact AssessmentsHow to get your Data Protection Impact Asssessment process on track - when should you do one, what should you process look like? Get some useful tips... Data Governance & SecurityGDPRPolicies and ProcessesPrivacy by Design Philippa Donn09 September 2020New Children’s Code – does it apply to your business?New Children's Code to protect under 18s online. It will affect your business if your online services are likely to be acccessed by children. GDPRICO GuidancePolicies and ProcessesPrivacy by Design Simon Blanchard04 September 2020Data Protection by Design: Part 2 – How to approach itHow to implement Data Protection by Design when you are developing new applications, products and services. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn27 August 2020Data Protection by Design: Part 1 – The BasicsWhat does ‘Data Protection by Design’ really mean (and why is it also called ‘Privacy by Design’)? Do you need to be concerned about it? And how do you...Data Governance & SecurityGDPRPrivacy by Design Simon Blanchard25 August 2020Data Protection Officers – should we appoint a DPO?Which organisations need to have a DPO? If you don't should you appoint one anyway or outsource? We explore the options .. Data Governance & SecurityGDPR Simon Blanchard12 August 2020Use of automated facial recognition by South Wales Police ruled ‘unlawful’South Wales Police's use of automated facial recognition has been ruled unlawrul - it breaches human rights and has potential for bias. GDPR Julia Porter12 August 2020When does your CRM marketing plan morph into a data privacy project?Looking to leverage your customer database to drive more business? How to make sure you marketing plan is supported by your privacy strategyDirect MarketingElectronic CommunicationsGDPR Simon Blanchard10 August 2020Dashcams and GDPR: Assessing the privacy implications7 point privacy guide for use of dashcams in vehicles. Quick steps to make sure your use of dashcams is transparent and lawful. GDPRPolicies and Processes Simon Blanchard05 August 2020ICO guidance on how to apply good data protection to AISeven steps for making sure innovation flourishes and your artificial intelligence activities are sound from a data protection point of viewGDPRICO Guidance DPN Team29 July 2020How to manage your suppliersHow to manage your suppliers and reduce the risk they may post. Hear our specialist panel chat through the key points to consider.Videos Philippa Donn29 July 2020Could COVID-19 lead to a spike in Subject Access Requests? How to handle ex-employeesDSARs from disgruntled ex-employees can be challenging to handle, get some helpful tips on how best to approach the task of fulfilling them.GDPRIndividual Privacy Rights Philippa Donn28 July 2020Schrems II ruling: Privacy Shield down, SCCs survive but with a sting in the tailInternational data transfers - EU-US Privacy Shield ruled invalild, questions raised regarding SCCs, find out what actions should you take. GDPRInternational Data Protection Simon Blanchard27 July 2020RoPA – Five tips for keeping your Records of Processing Activity up to date5 tips for keeping your GDPR records of processing activities up to date. The why, who, what, how and when of data protection documentation.GDPRPolicies and Processes DPN Team16 July 2020Transparency: How to get the message acrossDiscover the benefits of being upfront and transparent with people about how you use their data. In this webinar hosted by Robert Bond from Bristows we explore why transparency...GDPRVideos Julia Porter13 July 2020Supplier management: DPN 6 point checklistDue diligence of new suppliers robust enough? Checks in place to make sure suppliers are protecting your data? Use the DPN 6-point checklist. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn13 July 2020Contact Tracing: 7 Quick Steps for collecting people’s dataFrom holiday cottages to theme parks, hotels to pubs, many will be collecting people's details for contact tracing. Get our quick guide to how to do this. GDPRICO Guidance Chris Field11 July 2020You’ve been SAR-bombed!You are at the end of long day .. you just do one last check of your inbox - the new count registers over 9,000 new emails! All...GDPRIndividual Privacy RightsInternational Data ProtectionPolicies and Processes Simon Blanchard09 July 2020Facial Recognition – should we be concerned?Facial recognition is clever, from selfies to surveillance its use is becoming far more widespread. Should we be worried? Data Governance & SecurityGDPR Philippa Donn30 June 2020Data breaches: 10-point checklist for risk assessmentsHow do you assess the actual risk to people of a data breach? 10 questions you need to ask when carrying out an risk assessment. Data Governance & SecurityGDPRPolicies and Processes DPN Team30 June 2020Successful steps for data retention and minimisation [webinar recording]Get the tools and advice you need to tackle data retention and minimisation in this expert discussion which takes you through the key steps to take.Data Governance & SecurityGDPRPolicies and ProcessesVideos Julia Porter25 June 2020Why is the CIA’s lax attitude to cyber security interesting to us?Have you got robust cyber security controls in place? How the lax attitude of the CIA is a lesson to us all and what you should you be doing.Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard16 June 2020Privacy is a marathon not a sprintPondering how to improve your privacy credentials? Here are 5 steps to inspire you. More than 2 years on from GDPR, remember it’s a journey, not a sprint.Data Governance & SecurityGDPRPolicies and Processes Philippa Donn16 June 2020Why personalisation is a good thing, when done well“Hi, you haven’t finished watching Jeffrey Epstein: Filthy Rich”, said an email my husband received .It annoyed him......Direct MarketingGDPR Simon Blanchard08 June 2020Spring clean your data – Top tips on data retentionGet top tips on data retention. Minimise your risks by making sure you keep the personal data you need and rid of what you don't. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn03 June 2020GDPR two years on, why data protection mattersGDPR may have its critics and regulators may stand accused of not taking enough action. Why this is not a reason to stop taking data protection seriously.GDPR Julia Porter03 June 2020Why is it so hard to explain how we use personal data?Five ways to help explain complex and contentious uses of personal data. How to improve your communications and transparency.Direct MarketingGDPRPrivacy by Design DPN Team03 June 2020Data Retention GuidanceA practical toolkit packed with tips, advice and case studies on how to tackle data retention. Developed by a group of data protection and privacy specialists from a...Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard14 May 2020COVID 19 – Privacy under the SpotlightPrivacy and COVID-19. When finding quick solutions and taking rapid decisions, don't forget the privacy impact. Here's our quick tour of aspects to consider. Data SecurityGDPRPrivacy by Design DPN Team04 April 2020Where is my data? How to tackle data discovery & mapping [webinar recording]How improve your data discovery, mapping & compliance Understanding where your data is located across all your systems is an ever-evolving challenge, but forms the bedrock of your data...Opinion Gemma Johnson13 February 2020Marketers: Will You Need to do a DPIA for that?Why marketers need to understand when they might need to conduct a data protection impact assessment and learn how to do them. Direct MarketingElectronic CommunicationsICO GuidanceMarketing & Data Protection Simon Blanchard11 February 2020Where’s all my data? How to tackle data discoveryUnderstanding where your data is and what it's used for is crucial. But in practice this is challenging. What approach can you take? Opinion Julia Porter09 February 2020In a Digitally Enabled World, What is Direct Marketing?On 8th January the ICO published a draft code of practice for the marketing community. It’s entitled “Direct Marketing Code of Practice”. The use of the term “Direct Marketing”...Opinion Philippa Donn08 February 2020Refer a Friend – Viral Marketing RulesCan you ask your customers to send on your marketing to their friends? The answer, according to the ICO’s draft Direct Marketing Code, is NO! The regulator says for...Opinion Philippa Donn28 January 2020ICO Direct Marketing Code ‘draft’: 12 HighlightsJust when I thought January was feeling dull, I got my hands on the ICO’s much-anticipated draft Direct Marketing Code of Practice! This replaces the Regulator’s existing Direct Marketing...Opinion Philippa Donn10 December 2019Subject Access Requests & Proof of IDSubject Access Requests – What is ‘proportionate’ to ask for? When responding to a Right of Access request (commonly known as a Subject Access Request), we might be required...Individual Privacy Rights DPN Team03 December 2019Data Retention: Are you keeping personal data longer than you need it?Ensuring you don’t store personal data for longer than you require it, is a core data protection principle – one which we all know is both complex and challenging...Opinion DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Opinion Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Opinion Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Opinion Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Opinion Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...GDPRInternational Data Protection Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Data Governance & SecurityGDPRPolicies and Processes Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the hectic preparations...Direct Marketing Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....GDPR DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...GDPR Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Direct MarketingGDPR
Philippa Donn04 January 2021Brexit Deal and Data TransfersFears the free flow of data from the EEA to UK would end have been averted with the Brexit Trade Deal. But we’re not out of the woods yet.GDPRInternational Data Protection Philippa Donn22 December 2020Data sharing: 10 point checklistAs the ICO publishes Data Sharing Code of Practice, what are the 10 key points you need to think about before you share personal data?Data Governance & SecurityGDPRICO Guidance Philippa Donn16 December 2020Brexit: Do you need an EU Representative?UK organisations may need to appoint a EU representative, find out if your organisation falls under this GDPR requirement... GDPRInternational Data ProtectionUncategorized DPN Team15 December 20202021 Privacy PredictionsWill 2021 be all about Brexit, COVID, AI and Ethics? Join DPN's distinguished advisory board as they gaze into the privacy crystal ball...Data Governance & SecurityGDPRInternational Data Protection DPN Team11 December 2020Season’s GreetingsWe're supporting the charity Bankuet, which fills the gaps providing Food Banks with what poeple need most when they need it.Uncategorized Philippa Donn01 December 2020Fantasy GDPR – Your new data protection regime130 people, battle-scarred data professionals all, chose to cry havoc and unleash the Dogs of Data by taking part in our Fantasy GDPR quiz.GDPR Simon Blanchard01 December 2020Should DPOs take responsiblity for risk?Allocating responsibility for your privacy risks - Is it right for data protection risks to sit with your Data Protection Officer? Data Governance & SecurityGDPR Simon Blanchard12 November 2020How the ICO’s Accountability Framework could help your businessWe take a look at how ICO's handy Accountability Framework can help organisations meet their GPDR responsiblities. Data Governance & SecurityGDPRICO Guidance Philippa Donn03 November 2020The data breach that cost Marriott £18.4 million – what went wrong?As the ICO slams a £18 million data breach fine on Marriott, we take a look at what went wrong and what other businesess can learn ... Data Governance & SecurityData SecurityGDPR Chris Field03 November 2020Evaluating the management of privacy choicesHow to address the challenge of privacy choices for multinationals faced with different communication privacy laws around the world.Direct MarketingElectronic CommunicationsInternational Data Protection DPN Team27 October 2020Handling complex subject access requestsListen in as an expert panel discuss handling complex DSARs in large and medium-sized organisations. How to respond and how tech can help. Videos DPN Team27 October 2020Privacy Question TimeYour data protection questions answered. Lively debate, topical polls with an expert panel. Recording now available.Videos Philippa Donn23 October 2020ICO Subject Access Request Guidance: help or hindrance?Subject Access Requests: As the ICO published detailed guidance we take a look at the higlights and whether it's a help or hindrance GDPRICO GuidanceIndividual Privacy Rights DPN Team22 October 2020Rosemary Smith Responsible Marketing AwardGiving an individual or team credit for a creative and privacy aware project. This award recognises a responsible approach to marketing. Direct MarketingGDPR Simon Blanchard22 October 2020British Airways data breach – what can we learn?British Airways has been fined £20m by the ICO, what lessons can we all learn from BA's painful personal data breach? Data Governance & SecurityData SecurityGDPRPolicies and Processes Philippa Donn20 October 202010 DSAR tips from 10 DPOsData Subject Access Requests can be a challenge to handle. Get 10 great tips from experts who routinely handle the right of access, GDPRIndividual Privacy Rights Philippa Donn20 October 2020Covid Symptom Study apologises for marketing face masksCovid Symptom Study breaks the marketing rules by promoting masks for to fund their research, but find out how an quick apology can go a long way. ... Direct MarketingElectronic Communications Julia Porter15 October 2020Are COVID-19 contact tracing technology services legitimate?Alarming headlines have suggested COVID-19 contact tracing data from pubs and restaurants is being sold on. Is this actually true and what should checks should you take? Data Governance & SecurityGDPR Philippa Donn07 October 2020COVID-19 Data Protection GuideCovid-19 has meant employers have, by necessity, made risk-based data decisions. Do these need revisiting now? Data Governance & SecurityData SecurityPolicies and Processes Simon Blanchard07 October 2020Are you monitoring staff health during COVID-19?What checks and balances should you have in place if you are monitoring your employees' health during the pandemic? We take a look at the core areas to consider...Data Governance & SecurityEmploymentPolicies and Processes Julia Porter05 October 2020Is the new COVID app safe to use?We now have the newly minted Covid app modelled on the Google and Apple templates. Should we be trusting this app?Data Governance & SecurityGDPRPrivacy by Design Julia Porter24 September 2020Cookies crushed, the world is changingThe demise of the third party cookie - five signs the world is changing. Where next for targeted advertising? Electronic CommunicationsGDPR Philippa Donn23 September 2020Data Protection by Design: Part 3 – Data Protection Impact AssessmentsHow to get your Data Protection Impact Asssessment process on track - when should you do one, what should you process look like? Get some useful tips... Data Governance & SecurityGDPRPolicies and ProcessesPrivacy by Design Philippa Donn09 September 2020New Children’s Code – does it apply to your business?New Children's Code to protect under 18s online. It will affect your business if your online services are likely to be acccessed by children. GDPRICO GuidancePolicies and ProcessesPrivacy by Design Simon Blanchard04 September 2020Data Protection by Design: Part 2 – How to approach itHow to implement Data Protection by Design when you are developing new applications, products and services. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn27 August 2020Data Protection by Design: Part 1 – The BasicsWhat does ‘Data Protection by Design’ really mean (and why is it also called ‘Privacy by Design’)? Do you need to be concerned about it? And how do you...Data Governance & SecurityGDPRPrivacy by Design Simon Blanchard25 August 2020Data Protection Officers – should we appoint a DPO?Which organisations need to have a DPO? If you don't should you appoint one anyway or outsource? We explore the options .. Data Governance & SecurityGDPR Simon Blanchard12 August 2020Use of automated facial recognition by South Wales Police ruled ‘unlawful’South Wales Police's use of automated facial recognition has been ruled unlawrul - it breaches human rights and has potential for bias. GDPR Julia Porter12 August 2020When does your CRM marketing plan morph into a data privacy project?Looking to leverage your customer database to drive more business? How to make sure you marketing plan is supported by your privacy strategyDirect MarketingElectronic CommunicationsGDPR Simon Blanchard10 August 2020Dashcams and GDPR: Assessing the privacy implications7 point privacy guide for use of dashcams in vehicles. Quick steps to make sure your use of dashcams is transparent and lawful. GDPRPolicies and Processes Simon Blanchard05 August 2020ICO guidance on how to apply good data protection to AISeven steps for making sure innovation flourishes and your artificial intelligence activities are sound from a data protection point of viewGDPRICO Guidance DPN Team29 July 2020How to manage your suppliersHow to manage your suppliers and reduce the risk they may post. Hear our specialist panel chat through the key points to consider.Videos Philippa Donn29 July 2020Could COVID-19 lead to a spike in Subject Access Requests? How to handle ex-employeesDSARs from disgruntled ex-employees can be challenging to handle, get some helpful tips on how best to approach the task of fulfilling them.GDPRIndividual Privacy Rights Philippa Donn28 July 2020Schrems II ruling: Privacy Shield down, SCCs survive but with a sting in the tailInternational data transfers - EU-US Privacy Shield ruled invalild, questions raised regarding SCCs, find out what actions should you take. GDPRInternational Data Protection Simon Blanchard27 July 2020RoPA – Five tips for keeping your Records of Processing Activity up to date5 tips for keeping your GDPR records of processing activities up to date. The why, who, what, how and when of data protection documentation.GDPRPolicies and Processes DPN Team16 July 2020Transparency: How to get the message acrossDiscover the benefits of being upfront and transparent with people about how you use their data. In this webinar hosted by Robert Bond from Bristows we explore why transparency...GDPRVideos Julia Porter13 July 2020Supplier management: DPN 6 point checklistDue diligence of new suppliers robust enough? Checks in place to make sure suppliers are protecting your data? Use the DPN 6-point checklist. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn13 July 2020Contact Tracing: 7 Quick Steps for collecting people’s dataFrom holiday cottages to theme parks, hotels to pubs, many will be collecting people's details for contact tracing. Get our quick guide to how to do this. GDPRICO Guidance Chris Field11 July 2020You’ve been SAR-bombed!You are at the end of long day .. you just do one last check of your inbox - the new count registers over 9,000 new emails! All...GDPRIndividual Privacy RightsInternational Data ProtectionPolicies and Processes Simon Blanchard09 July 2020Facial Recognition – should we be concerned?Facial recognition is clever, from selfies to surveillance its use is becoming far more widespread. Should we be worried? Data Governance & SecurityGDPR Philippa Donn30 June 2020Data breaches: 10-point checklist for risk assessmentsHow do you assess the actual risk to people of a data breach? 10 questions you need to ask when carrying out an risk assessment. Data Governance & SecurityGDPRPolicies and Processes DPN Team30 June 2020Successful steps for data retention and minimisation [webinar recording]Get the tools and advice you need to tackle data retention and minimisation in this expert discussion which takes you through the key steps to take.Data Governance & SecurityGDPRPolicies and ProcessesVideos Julia Porter25 June 2020Why is the CIA’s lax attitude to cyber security interesting to us?Have you got robust cyber security controls in place? How the lax attitude of the CIA is a lesson to us all and what you should you be doing.Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard16 June 2020Privacy is a marathon not a sprintPondering how to improve your privacy credentials? Here are 5 steps to inspire you. More than 2 years on from GDPR, remember it’s a journey, not a sprint.Data Governance & SecurityGDPRPolicies and Processes Philippa Donn16 June 2020Why personalisation is a good thing, when done well“Hi, you haven’t finished watching Jeffrey Epstein: Filthy Rich”, said an email my husband received .It annoyed him......Direct MarketingGDPR Simon Blanchard08 June 2020Spring clean your data – Top tips on data retentionGet top tips on data retention. Minimise your risks by making sure you keep the personal data you need and rid of what you don't. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn03 June 2020GDPR two years on, why data protection mattersGDPR may have its critics and regulators may stand accused of not taking enough action. Why this is not a reason to stop taking data protection seriously.GDPR Julia Porter03 June 2020Why is it so hard to explain how we use personal data?Five ways to help explain complex and contentious uses of personal data. How to improve your communications and transparency.Direct MarketingGDPRPrivacy by Design DPN Team03 June 2020Data Retention GuidanceA practical toolkit packed with tips, advice and case studies on how to tackle data retention. Developed by a group of data protection and privacy specialists from a...Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard14 May 2020COVID 19 – Privacy under the SpotlightPrivacy and COVID-19. When finding quick solutions and taking rapid decisions, don't forget the privacy impact. Here's our quick tour of aspects to consider. Data SecurityGDPRPrivacy by Design DPN Team04 April 2020Where is my data? How to tackle data discovery & mapping [webinar recording]How improve your data discovery, mapping & compliance Understanding where your data is located across all your systems is an ever-evolving challenge, but forms the bedrock of your data...Opinion Gemma Johnson13 February 2020Marketers: Will You Need to do a DPIA for that?Why marketers need to understand when they might need to conduct a data protection impact assessment and learn how to do them. Direct MarketingElectronic CommunicationsICO GuidanceMarketing & Data Protection Simon Blanchard11 February 2020Where’s all my data? How to tackle data discoveryUnderstanding where your data is and what it's used for is crucial. But in practice this is challenging. What approach can you take? Opinion Julia Porter09 February 2020In a Digitally Enabled World, What is Direct Marketing?On 8th January the ICO published a draft code of practice for the marketing community. It’s entitled “Direct Marketing Code of Practice”. The use of the term “Direct Marketing”...Opinion Philippa Donn08 February 2020Refer a Friend – Viral Marketing RulesCan you ask your customers to send on your marketing to their friends? The answer, according to the ICO’s draft Direct Marketing Code, is NO! The regulator says for...Opinion Philippa Donn28 January 2020ICO Direct Marketing Code ‘draft’: 12 HighlightsJust when I thought January was feeling dull, I got my hands on the ICO’s much-anticipated draft Direct Marketing Code of Practice! This replaces the Regulator’s existing Direct Marketing...Opinion Philippa Donn10 December 2019Subject Access Requests & Proof of IDSubject Access Requests – What is ‘proportionate’ to ask for? When responding to a Right of Access request (commonly known as a Subject Access Request), we might be required...Individual Privacy Rights DPN Team03 December 2019Data Retention: Are you keeping personal data longer than you need it?Ensuring you don’t store personal data for longer than you require it, is a core data protection principle – one which we all know is both complex and challenging...Opinion DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Opinion Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Opinion Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Opinion Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Opinion Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...GDPRInternational Data Protection Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Data Governance & SecurityGDPRPolicies and Processes Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the hectic preparations...Direct Marketing Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....GDPR DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...GDPR Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Direct MarketingGDPR
Philippa Donn22 December 2020Data sharing: 10 point checklistAs the ICO publishes Data Sharing Code of Practice, what are the 10 key points you need to think about before you share personal data?Data Governance & SecurityGDPRICO Guidance Philippa Donn16 December 2020Brexit: Do you need an EU Representative?UK organisations may need to appoint a EU representative, find out if your organisation falls under this GDPR requirement... GDPRInternational Data ProtectionUncategorized DPN Team15 December 20202021 Privacy PredictionsWill 2021 be all about Brexit, COVID, AI and Ethics? Join DPN's distinguished advisory board as they gaze into the privacy crystal ball...Data Governance & SecurityGDPRInternational Data Protection DPN Team11 December 2020Season’s GreetingsWe're supporting the charity Bankuet, which fills the gaps providing Food Banks with what poeple need most when they need it.Uncategorized Philippa Donn01 December 2020Fantasy GDPR – Your new data protection regime130 people, battle-scarred data professionals all, chose to cry havoc and unleash the Dogs of Data by taking part in our Fantasy GDPR quiz.GDPR Simon Blanchard01 December 2020Should DPOs take responsiblity for risk?Allocating responsibility for your privacy risks - Is it right for data protection risks to sit with your Data Protection Officer? Data Governance & SecurityGDPR Simon Blanchard12 November 2020How the ICO’s Accountability Framework could help your businessWe take a look at how ICO's handy Accountability Framework can help organisations meet their GPDR responsiblities. Data Governance & SecurityGDPRICO Guidance Philippa Donn03 November 2020The data breach that cost Marriott £18.4 million – what went wrong?As the ICO slams a £18 million data breach fine on Marriott, we take a look at what went wrong and what other businesess can learn ... Data Governance & SecurityData SecurityGDPR Chris Field03 November 2020Evaluating the management of privacy choicesHow to address the challenge of privacy choices for multinationals faced with different communication privacy laws around the world.Direct MarketingElectronic CommunicationsInternational Data Protection DPN Team27 October 2020Handling complex subject access requestsListen in as an expert panel discuss handling complex DSARs in large and medium-sized organisations. How to respond and how tech can help. Videos DPN Team27 October 2020Privacy Question TimeYour data protection questions answered. Lively debate, topical polls with an expert panel. Recording now available.Videos Philippa Donn23 October 2020ICO Subject Access Request Guidance: help or hindrance?Subject Access Requests: As the ICO published detailed guidance we take a look at the higlights and whether it's a help or hindrance GDPRICO GuidanceIndividual Privacy Rights DPN Team22 October 2020Rosemary Smith Responsible Marketing AwardGiving an individual or team credit for a creative and privacy aware project. This award recognises a responsible approach to marketing. Direct MarketingGDPR Simon Blanchard22 October 2020British Airways data breach – what can we learn?British Airways has been fined £20m by the ICO, what lessons can we all learn from BA's painful personal data breach? Data Governance & SecurityData SecurityGDPRPolicies and Processes Philippa Donn20 October 202010 DSAR tips from 10 DPOsData Subject Access Requests can be a challenge to handle. Get 10 great tips from experts who routinely handle the right of access, GDPRIndividual Privacy Rights Philippa Donn20 October 2020Covid Symptom Study apologises for marketing face masksCovid Symptom Study breaks the marketing rules by promoting masks for to fund their research, but find out how an quick apology can go a long way. ... Direct MarketingElectronic Communications Julia Porter15 October 2020Are COVID-19 contact tracing technology services legitimate?Alarming headlines have suggested COVID-19 contact tracing data from pubs and restaurants is being sold on. Is this actually true and what should checks should you take? Data Governance & SecurityGDPR Philippa Donn07 October 2020COVID-19 Data Protection GuideCovid-19 has meant employers have, by necessity, made risk-based data decisions. Do these need revisiting now? Data Governance & SecurityData SecurityPolicies and Processes Simon Blanchard07 October 2020Are you monitoring staff health during COVID-19?What checks and balances should you have in place if you are monitoring your employees' health during the pandemic? We take a look at the core areas to consider...Data Governance & SecurityEmploymentPolicies and Processes Julia Porter05 October 2020Is the new COVID app safe to use?We now have the newly minted Covid app modelled on the Google and Apple templates. Should we be trusting this app?Data Governance & SecurityGDPRPrivacy by Design Julia Porter24 September 2020Cookies crushed, the world is changingThe demise of the third party cookie - five signs the world is changing. Where next for targeted advertising? Electronic CommunicationsGDPR Philippa Donn23 September 2020Data Protection by Design: Part 3 – Data Protection Impact AssessmentsHow to get your Data Protection Impact Asssessment process on track - when should you do one, what should you process look like? Get some useful tips... Data Governance & SecurityGDPRPolicies and ProcessesPrivacy by Design Philippa Donn09 September 2020New Children’s Code – does it apply to your business?New Children's Code to protect under 18s online. It will affect your business if your online services are likely to be acccessed by children. GDPRICO GuidancePolicies and ProcessesPrivacy by Design Simon Blanchard04 September 2020Data Protection by Design: Part 2 – How to approach itHow to implement Data Protection by Design when you are developing new applications, products and services. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn27 August 2020Data Protection by Design: Part 1 – The BasicsWhat does ‘Data Protection by Design’ really mean (and why is it also called ‘Privacy by Design’)? Do you need to be concerned about it? And how do you...Data Governance & SecurityGDPRPrivacy by Design Simon Blanchard25 August 2020Data Protection Officers – should we appoint a DPO?Which organisations need to have a DPO? If you don't should you appoint one anyway or outsource? We explore the options .. Data Governance & SecurityGDPR Simon Blanchard12 August 2020Use of automated facial recognition by South Wales Police ruled ‘unlawful’South Wales Police's use of automated facial recognition has been ruled unlawrul - it breaches human rights and has potential for bias. GDPR Julia Porter12 August 2020When does your CRM marketing plan morph into a data privacy project?Looking to leverage your customer database to drive more business? How to make sure you marketing plan is supported by your privacy strategyDirect MarketingElectronic CommunicationsGDPR Simon Blanchard10 August 2020Dashcams and GDPR: Assessing the privacy implications7 point privacy guide for use of dashcams in vehicles. Quick steps to make sure your use of dashcams is transparent and lawful. GDPRPolicies and Processes Simon Blanchard05 August 2020ICO guidance on how to apply good data protection to AISeven steps for making sure innovation flourishes and your artificial intelligence activities are sound from a data protection point of viewGDPRICO Guidance DPN Team29 July 2020How to manage your suppliersHow to manage your suppliers and reduce the risk they may post. Hear our specialist panel chat through the key points to consider.Videos Philippa Donn29 July 2020Could COVID-19 lead to a spike in Subject Access Requests? How to handle ex-employeesDSARs from disgruntled ex-employees can be challenging to handle, get some helpful tips on how best to approach the task of fulfilling them.GDPRIndividual Privacy Rights Philippa Donn28 July 2020Schrems II ruling: Privacy Shield down, SCCs survive but with a sting in the tailInternational data transfers - EU-US Privacy Shield ruled invalild, questions raised regarding SCCs, find out what actions should you take. GDPRInternational Data Protection Simon Blanchard27 July 2020RoPA – Five tips for keeping your Records of Processing Activity up to date5 tips for keeping your GDPR records of processing activities up to date. The why, who, what, how and when of data protection documentation.GDPRPolicies and Processes DPN Team16 July 2020Transparency: How to get the message acrossDiscover the benefits of being upfront and transparent with people about how you use their data. In this webinar hosted by Robert Bond from Bristows we explore why transparency...GDPRVideos Julia Porter13 July 2020Supplier management: DPN 6 point checklistDue diligence of new suppliers robust enough? Checks in place to make sure suppliers are protecting your data? Use the DPN 6-point checklist. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn13 July 2020Contact Tracing: 7 Quick Steps for collecting people’s dataFrom holiday cottages to theme parks, hotels to pubs, many will be collecting people's details for contact tracing. Get our quick guide to how to do this. GDPRICO Guidance Chris Field11 July 2020You’ve been SAR-bombed!You are at the end of long day .. you just do one last check of your inbox - the new count registers over 9,000 new emails! All...GDPRIndividual Privacy RightsInternational Data ProtectionPolicies and Processes Simon Blanchard09 July 2020Facial Recognition – should we be concerned?Facial recognition is clever, from selfies to surveillance its use is becoming far more widespread. Should we be worried? Data Governance & SecurityGDPR Philippa Donn30 June 2020Data breaches: 10-point checklist for risk assessmentsHow do you assess the actual risk to people of a data breach? 10 questions you need to ask when carrying out an risk assessment. Data Governance & SecurityGDPRPolicies and Processes DPN Team30 June 2020Successful steps for data retention and minimisation [webinar recording]Get the tools and advice you need to tackle data retention and minimisation in this expert discussion which takes you through the key steps to take.Data Governance & SecurityGDPRPolicies and ProcessesVideos Julia Porter25 June 2020Why is the CIA’s lax attitude to cyber security interesting to us?Have you got robust cyber security controls in place? How the lax attitude of the CIA is a lesson to us all and what you should you be doing.Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard16 June 2020Privacy is a marathon not a sprintPondering how to improve your privacy credentials? Here are 5 steps to inspire you. More than 2 years on from GDPR, remember it’s a journey, not a sprint.Data Governance & SecurityGDPRPolicies and Processes Philippa Donn16 June 2020Why personalisation is a good thing, when done well“Hi, you haven’t finished watching Jeffrey Epstein: Filthy Rich”, said an email my husband received .It annoyed him......Direct MarketingGDPR Simon Blanchard08 June 2020Spring clean your data – Top tips on data retentionGet top tips on data retention. Minimise your risks by making sure you keep the personal data you need and rid of what you don't. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn03 June 2020GDPR two years on, why data protection mattersGDPR may have its critics and regulators may stand accused of not taking enough action. Why this is not a reason to stop taking data protection seriously.GDPR Julia Porter03 June 2020Why is it so hard to explain how we use personal data?Five ways to help explain complex and contentious uses of personal data. How to improve your communications and transparency.Direct MarketingGDPRPrivacy by Design DPN Team03 June 2020Data Retention GuidanceA practical toolkit packed with tips, advice and case studies on how to tackle data retention. Developed by a group of data protection and privacy specialists from a...Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard14 May 2020COVID 19 – Privacy under the SpotlightPrivacy and COVID-19. When finding quick solutions and taking rapid decisions, don't forget the privacy impact. Here's our quick tour of aspects to consider. Data SecurityGDPRPrivacy by Design DPN Team04 April 2020Where is my data? How to tackle data discovery & mapping [webinar recording]How improve your data discovery, mapping & compliance Understanding where your data is located across all your systems is an ever-evolving challenge, but forms the bedrock of your data...Opinion Gemma Johnson13 February 2020Marketers: Will You Need to do a DPIA for that?Why marketers need to understand when they might need to conduct a data protection impact assessment and learn how to do them. Direct MarketingElectronic CommunicationsICO GuidanceMarketing & Data Protection Simon Blanchard11 February 2020Where’s all my data? How to tackle data discoveryUnderstanding where your data is and what it's used for is crucial. But in practice this is challenging. What approach can you take? Opinion Julia Porter09 February 2020In a Digitally Enabled World, What is Direct Marketing?On 8th January the ICO published a draft code of practice for the marketing community. It’s entitled “Direct Marketing Code of Practice”. The use of the term “Direct Marketing”...Opinion Philippa Donn08 February 2020Refer a Friend – Viral Marketing RulesCan you ask your customers to send on your marketing to their friends? The answer, according to the ICO’s draft Direct Marketing Code, is NO! The regulator says for...Opinion Philippa Donn28 January 2020ICO Direct Marketing Code ‘draft’: 12 HighlightsJust when I thought January was feeling dull, I got my hands on the ICO’s much-anticipated draft Direct Marketing Code of Practice! This replaces the Regulator’s existing Direct Marketing...Opinion Philippa Donn10 December 2019Subject Access Requests & Proof of IDSubject Access Requests – What is ‘proportionate’ to ask for? When responding to a Right of Access request (commonly known as a Subject Access Request), we might be required...Individual Privacy Rights DPN Team03 December 2019Data Retention: Are you keeping personal data longer than you need it?Ensuring you don’t store personal data for longer than you require it, is a core data protection principle – one which we all know is both complex and challenging...Opinion DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Opinion Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Opinion Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Opinion Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Opinion Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...GDPRInternational Data Protection Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Data Governance & SecurityGDPRPolicies and Processes Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the hectic preparations...Direct Marketing Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....GDPR DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...GDPR Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Direct MarketingGDPR
Philippa Donn16 December 2020Brexit: Do you need an EU Representative?UK organisations may need to appoint a EU representative, find out if your organisation falls under this GDPR requirement... GDPRInternational Data ProtectionUncategorized DPN Team15 December 20202021 Privacy PredictionsWill 2021 be all about Brexit, COVID, AI and Ethics? Join DPN's distinguished advisory board as they gaze into the privacy crystal ball...Data Governance & SecurityGDPRInternational Data Protection DPN Team11 December 2020Season’s GreetingsWe're supporting the charity Bankuet, which fills the gaps providing Food Banks with what poeple need most when they need it.Uncategorized Philippa Donn01 December 2020Fantasy GDPR – Your new data protection regime130 people, battle-scarred data professionals all, chose to cry havoc and unleash the Dogs of Data by taking part in our Fantasy GDPR quiz.GDPR Simon Blanchard01 December 2020Should DPOs take responsiblity for risk?Allocating responsibility for your privacy risks - Is it right for data protection risks to sit with your Data Protection Officer? Data Governance & SecurityGDPR Simon Blanchard12 November 2020How the ICO’s Accountability Framework could help your businessWe take a look at how ICO's handy Accountability Framework can help organisations meet their GPDR responsiblities. Data Governance & SecurityGDPRICO Guidance Philippa Donn03 November 2020The data breach that cost Marriott £18.4 million – what went wrong?As the ICO slams a £18 million data breach fine on Marriott, we take a look at what went wrong and what other businesess can learn ... Data Governance & SecurityData SecurityGDPR Chris Field03 November 2020Evaluating the management of privacy choicesHow to address the challenge of privacy choices for multinationals faced with different communication privacy laws around the world.Direct MarketingElectronic CommunicationsInternational Data Protection DPN Team27 October 2020Handling complex subject access requestsListen in as an expert panel discuss handling complex DSARs in large and medium-sized organisations. How to respond and how tech can help. Videos DPN Team27 October 2020Privacy Question TimeYour data protection questions answered. Lively debate, topical polls with an expert panel. Recording now available.Videos Philippa Donn23 October 2020ICO Subject Access Request Guidance: help or hindrance?Subject Access Requests: As the ICO published detailed guidance we take a look at the higlights and whether it's a help or hindrance GDPRICO GuidanceIndividual Privacy Rights DPN Team22 October 2020Rosemary Smith Responsible Marketing AwardGiving an individual or team credit for a creative and privacy aware project. This award recognises a responsible approach to marketing. Direct MarketingGDPR Simon Blanchard22 October 2020British Airways data breach – what can we learn?British Airways has been fined £20m by the ICO, what lessons can we all learn from BA's painful personal data breach? Data Governance & SecurityData SecurityGDPRPolicies and Processes Philippa Donn20 October 202010 DSAR tips from 10 DPOsData Subject Access Requests can be a challenge to handle. Get 10 great tips from experts who routinely handle the right of access, GDPRIndividual Privacy Rights Philippa Donn20 October 2020Covid Symptom Study apologises for marketing face masksCovid Symptom Study breaks the marketing rules by promoting masks for to fund their research, but find out how an quick apology can go a long way. ... Direct MarketingElectronic Communications Julia Porter15 October 2020Are COVID-19 contact tracing technology services legitimate?Alarming headlines have suggested COVID-19 contact tracing data from pubs and restaurants is being sold on. Is this actually true and what should checks should you take? Data Governance & SecurityGDPR Philippa Donn07 October 2020COVID-19 Data Protection GuideCovid-19 has meant employers have, by necessity, made risk-based data decisions. Do these need revisiting now? Data Governance & SecurityData SecurityPolicies and Processes Simon Blanchard07 October 2020Are you monitoring staff health during COVID-19?What checks and balances should you have in place if you are monitoring your employees' health during the pandemic? We take a look at the core areas to consider...Data Governance & SecurityEmploymentPolicies and Processes Julia Porter05 October 2020Is the new COVID app safe to use?We now have the newly minted Covid app modelled on the Google and Apple templates. Should we be trusting this app?Data Governance & SecurityGDPRPrivacy by Design Julia Porter24 September 2020Cookies crushed, the world is changingThe demise of the third party cookie - five signs the world is changing. Where next for targeted advertising? Electronic CommunicationsGDPR Philippa Donn23 September 2020Data Protection by Design: Part 3 – Data Protection Impact AssessmentsHow to get your Data Protection Impact Asssessment process on track - when should you do one, what should you process look like? Get some useful tips... Data Governance & SecurityGDPRPolicies and ProcessesPrivacy by Design Philippa Donn09 September 2020New Children’s Code – does it apply to your business?New Children's Code to protect under 18s online. It will affect your business if your online services are likely to be acccessed by children. GDPRICO GuidancePolicies and ProcessesPrivacy by Design Simon Blanchard04 September 2020Data Protection by Design: Part 2 – How to approach itHow to implement Data Protection by Design when you are developing new applications, products and services. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn27 August 2020Data Protection by Design: Part 1 – The BasicsWhat does ‘Data Protection by Design’ really mean (and why is it also called ‘Privacy by Design’)? Do you need to be concerned about it? And how do you...Data Governance & SecurityGDPRPrivacy by Design Simon Blanchard25 August 2020Data Protection Officers – should we appoint a DPO?Which organisations need to have a DPO? If you don't should you appoint one anyway or outsource? We explore the options .. Data Governance & SecurityGDPR Simon Blanchard12 August 2020Use of automated facial recognition by South Wales Police ruled ‘unlawful’South Wales Police's use of automated facial recognition has been ruled unlawrul - it breaches human rights and has potential for bias. GDPR Julia Porter12 August 2020When does your CRM marketing plan morph into a data privacy project?Looking to leverage your customer database to drive more business? How to make sure you marketing plan is supported by your privacy strategyDirect MarketingElectronic CommunicationsGDPR Simon Blanchard10 August 2020Dashcams and GDPR: Assessing the privacy implications7 point privacy guide for use of dashcams in vehicles. Quick steps to make sure your use of dashcams is transparent and lawful. GDPRPolicies and Processes Simon Blanchard05 August 2020ICO guidance on how to apply good data protection to AISeven steps for making sure innovation flourishes and your artificial intelligence activities are sound from a data protection point of viewGDPRICO Guidance DPN Team29 July 2020How to manage your suppliersHow to manage your suppliers and reduce the risk they may post. Hear our specialist panel chat through the key points to consider.Videos Philippa Donn29 July 2020Could COVID-19 lead to a spike in Subject Access Requests? How to handle ex-employeesDSARs from disgruntled ex-employees can be challenging to handle, get some helpful tips on how best to approach the task of fulfilling them.GDPRIndividual Privacy Rights Philippa Donn28 July 2020Schrems II ruling: Privacy Shield down, SCCs survive but with a sting in the tailInternational data transfers - EU-US Privacy Shield ruled invalild, questions raised regarding SCCs, find out what actions should you take. GDPRInternational Data Protection Simon Blanchard27 July 2020RoPA – Five tips for keeping your Records of Processing Activity up to date5 tips for keeping your GDPR records of processing activities up to date. The why, who, what, how and when of data protection documentation.GDPRPolicies and Processes DPN Team16 July 2020Transparency: How to get the message acrossDiscover the benefits of being upfront and transparent with people about how you use their data. In this webinar hosted by Robert Bond from Bristows we explore why transparency...GDPRVideos Julia Porter13 July 2020Supplier management: DPN 6 point checklistDue diligence of new suppliers robust enough? Checks in place to make sure suppliers are protecting your data? Use the DPN 6-point checklist. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn13 July 2020Contact Tracing: 7 Quick Steps for collecting people’s dataFrom holiday cottages to theme parks, hotels to pubs, many will be collecting people's details for contact tracing. Get our quick guide to how to do this. GDPRICO Guidance Chris Field11 July 2020You’ve been SAR-bombed!You are at the end of long day .. you just do one last check of your inbox - the new count registers over 9,000 new emails! All...GDPRIndividual Privacy RightsInternational Data ProtectionPolicies and Processes Simon Blanchard09 July 2020Facial Recognition – should we be concerned?Facial recognition is clever, from selfies to surveillance its use is becoming far more widespread. Should we be worried? Data Governance & SecurityGDPR Philippa Donn30 June 2020Data breaches: 10-point checklist for risk assessmentsHow do you assess the actual risk to people of a data breach? 10 questions you need to ask when carrying out an risk assessment. Data Governance & SecurityGDPRPolicies and Processes DPN Team30 June 2020Successful steps for data retention and minimisation [webinar recording]Get the tools and advice you need to tackle data retention and minimisation in this expert discussion which takes you through the key steps to take.Data Governance & SecurityGDPRPolicies and ProcessesVideos Julia Porter25 June 2020Why is the CIA’s lax attitude to cyber security interesting to us?Have you got robust cyber security controls in place? How the lax attitude of the CIA is a lesson to us all and what you should you be doing.Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard16 June 2020Privacy is a marathon not a sprintPondering how to improve your privacy credentials? Here are 5 steps to inspire you. More than 2 years on from GDPR, remember it’s a journey, not a sprint.Data Governance & SecurityGDPRPolicies and Processes Philippa Donn16 June 2020Why personalisation is a good thing, when done well“Hi, you haven’t finished watching Jeffrey Epstein: Filthy Rich”, said an email my husband received .It annoyed him......Direct MarketingGDPR Simon Blanchard08 June 2020Spring clean your data – Top tips on data retentionGet top tips on data retention. Minimise your risks by making sure you keep the personal data you need and rid of what you don't. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn03 June 2020GDPR two years on, why data protection mattersGDPR may have its critics and regulators may stand accused of not taking enough action. Why this is not a reason to stop taking data protection seriously.GDPR Julia Porter03 June 2020Why is it so hard to explain how we use personal data?Five ways to help explain complex and contentious uses of personal data. How to improve your communications and transparency.Direct MarketingGDPRPrivacy by Design DPN Team03 June 2020Data Retention GuidanceA practical toolkit packed with tips, advice and case studies on how to tackle data retention. Developed by a group of data protection and privacy specialists from a...Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard14 May 2020COVID 19 – Privacy under the SpotlightPrivacy and COVID-19. When finding quick solutions and taking rapid decisions, don't forget the privacy impact. Here's our quick tour of aspects to consider. Data SecurityGDPRPrivacy by Design DPN Team04 April 2020Where is my data? How to tackle data discovery & mapping [webinar recording]How improve your data discovery, mapping & compliance Understanding where your data is located across all your systems is an ever-evolving challenge, but forms the bedrock of your data...Opinion Gemma Johnson13 February 2020Marketers: Will You Need to do a DPIA for that?Why marketers need to understand when they might need to conduct a data protection impact assessment and learn how to do them. Direct MarketingElectronic CommunicationsICO GuidanceMarketing & Data Protection Simon Blanchard11 February 2020Where’s all my data? How to tackle data discoveryUnderstanding where your data is and what it's used for is crucial. But in practice this is challenging. What approach can you take? Opinion Julia Porter09 February 2020In a Digitally Enabled World, What is Direct Marketing?On 8th January the ICO published a draft code of practice for the marketing community. It’s entitled “Direct Marketing Code of Practice”. The use of the term “Direct Marketing”...Opinion Philippa Donn08 February 2020Refer a Friend – Viral Marketing RulesCan you ask your customers to send on your marketing to their friends? The answer, according to the ICO’s draft Direct Marketing Code, is NO! The regulator says for...Opinion Philippa Donn28 January 2020ICO Direct Marketing Code ‘draft’: 12 HighlightsJust when I thought January was feeling dull, I got my hands on the ICO’s much-anticipated draft Direct Marketing Code of Practice! This replaces the Regulator’s existing Direct Marketing...Opinion Philippa Donn10 December 2019Subject Access Requests & Proof of IDSubject Access Requests – What is ‘proportionate’ to ask for? When responding to a Right of Access request (commonly known as a Subject Access Request), we might be required...Individual Privacy Rights DPN Team03 December 2019Data Retention: Are you keeping personal data longer than you need it?Ensuring you don’t store personal data for longer than you require it, is a core data protection principle – one which we all know is both complex and challenging...Opinion DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Opinion Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Opinion Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Opinion Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Opinion Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...GDPRInternational Data Protection Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Data Governance & SecurityGDPRPolicies and Processes Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the hectic preparations...Direct Marketing Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....GDPR DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...GDPR Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Direct MarketingGDPR
DPN Team15 December 20202021 Privacy PredictionsWill 2021 be all about Brexit, COVID, AI and Ethics? Join DPN's distinguished advisory board as they gaze into the privacy crystal ball...Data Governance & SecurityGDPRInternational Data Protection DPN Team11 December 2020Season’s GreetingsWe're supporting the charity Bankuet, which fills the gaps providing Food Banks with what poeple need most when they need it.Uncategorized Philippa Donn01 December 2020Fantasy GDPR – Your new data protection regime130 people, battle-scarred data professionals all, chose to cry havoc and unleash the Dogs of Data by taking part in our Fantasy GDPR quiz.GDPR Simon Blanchard01 December 2020Should DPOs take responsiblity for risk?Allocating responsibility for your privacy risks - Is it right for data protection risks to sit with your Data Protection Officer? Data Governance & SecurityGDPR Simon Blanchard12 November 2020How the ICO’s Accountability Framework could help your businessWe take a look at how ICO's handy Accountability Framework can help organisations meet their GPDR responsiblities. Data Governance & SecurityGDPRICO Guidance Philippa Donn03 November 2020The data breach that cost Marriott £18.4 million – what went wrong?As the ICO slams a £18 million data breach fine on Marriott, we take a look at what went wrong and what other businesess can learn ... Data Governance & SecurityData SecurityGDPR Chris Field03 November 2020Evaluating the management of privacy choicesHow to address the challenge of privacy choices for multinationals faced with different communication privacy laws around the world.Direct MarketingElectronic CommunicationsInternational Data Protection DPN Team27 October 2020Handling complex subject access requestsListen in as an expert panel discuss handling complex DSARs in large and medium-sized organisations. How to respond and how tech can help. Videos DPN Team27 October 2020Privacy Question TimeYour data protection questions answered. Lively debate, topical polls with an expert panel. Recording now available.Videos Philippa Donn23 October 2020ICO Subject Access Request Guidance: help or hindrance?Subject Access Requests: As the ICO published detailed guidance we take a look at the higlights and whether it's a help or hindrance GDPRICO GuidanceIndividual Privacy Rights DPN Team22 October 2020Rosemary Smith Responsible Marketing AwardGiving an individual or team credit for a creative and privacy aware project. This award recognises a responsible approach to marketing. Direct MarketingGDPR Simon Blanchard22 October 2020British Airways data breach – what can we learn?British Airways has been fined £20m by the ICO, what lessons can we all learn from BA's painful personal data breach? Data Governance & SecurityData SecurityGDPRPolicies and Processes Philippa Donn20 October 202010 DSAR tips from 10 DPOsData Subject Access Requests can be a challenge to handle. Get 10 great tips from experts who routinely handle the right of access, GDPRIndividual Privacy Rights Philippa Donn20 October 2020Covid Symptom Study apologises for marketing face masksCovid Symptom Study breaks the marketing rules by promoting masks for to fund their research, but find out how an quick apology can go a long way. ... Direct MarketingElectronic Communications Julia Porter15 October 2020Are COVID-19 contact tracing technology services legitimate?Alarming headlines have suggested COVID-19 contact tracing data from pubs and restaurants is being sold on. Is this actually true and what should checks should you take? Data Governance & SecurityGDPR Philippa Donn07 October 2020COVID-19 Data Protection GuideCovid-19 has meant employers have, by necessity, made risk-based data decisions. Do these need revisiting now? Data Governance & SecurityData SecurityPolicies and Processes Simon Blanchard07 October 2020Are you monitoring staff health during COVID-19?What checks and balances should you have in place if you are monitoring your employees' health during the pandemic? We take a look at the core areas to consider...Data Governance & SecurityEmploymentPolicies and Processes Julia Porter05 October 2020Is the new COVID app safe to use?We now have the newly minted Covid app modelled on the Google and Apple templates. Should we be trusting this app?Data Governance & SecurityGDPRPrivacy by Design Julia Porter24 September 2020Cookies crushed, the world is changingThe demise of the third party cookie - five signs the world is changing. Where next for targeted advertising? Electronic CommunicationsGDPR Philippa Donn23 September 2020Data Protection by Design: Part 3 – Data Protection Impact AssessmentsHow to get your Data Protection Impact Asssessment process on track - when should you do one, what should you process look like? Get some useful tips... Data Governance & SecurityGDPRPolicies and ProcessesPrivacy by Design Philippa Donn09 September 2020New Children’s Code – does it apply to your business?New Children's Code to protect under 18s online. It will affect your business if your online services are likely to be acccessed by children. GDPRICO GuidancePolicies and ProcessesPrivacy by Design Simon Blanchard04 September 2020Data Protection by Design: Part 2 – How to approach itHow to implement Data Protection by Design when you are developing new applications, products and services. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn27 August 2020Data Protection by Design: Part 1 – The BasicsWhat does ‘Data Protection by Design’ really mean (and why is it also called ‘Privacy by Design’)? Do you need to be concerned about it? And how do you...Data Governance & SecurityGDPRPrivacy by Design Simon Blanchard25 August 2020Data Protection Officers – should we appoint a DPO?Which organisations need to have a DPO? If you don't should you appoint one anyway or outsource? We explore the options .. Data Governance & SecurityGDPR Simon Blanchard12 August 2020Use of automated facial recognition by South Wales Police ruled ‘unlawful’South Wales Police's use of automated facial recognition has been ruled unlawrul - it breaches human rights and has potential for bias. GDPR Julia Porter12 August 2020When does your CRM marketing plan morph into a data privacy project?Looking to leverage your customer database to drive more business? How to make sure you marketing plan is supported by your privacy strategyDirect MarketingElectronic CommunicationsGDPR Simon Blanchard10 August 2020Dashcams and GDPR: Assessing the privacy implications7 point privacy guide for use of dashcams in vehicles. Quick steps to make sure your use of dashcams is transparent and lawful. GDPRPolicies and Processes Simon Blanchard05 August 2020ICO guidance on how to apply good data protection to AISeven steps for making sure innovation flourishes and your artificial intelligence activities are sound from a data protection point of viewGDPRICO Guidance DPN Team29 July 2020How to manage your suppliersHow to manage your suppliers and reduce the risk they may post. Hear our specialist panel chat through the key points to consider.Videos Philippa Donn29 July 2020Could COVID-19 lead to a spike in Subject Access Requests? How to handle ex-employeesDSARs from disgruntled ex-employees can be challenging to handle, get some helpful tips on how best to approach the task of fulfilling them.GDPRIndividual Privacy Rights Philippa Donn28 July 2020Schrems II ruling: Privacy Shield down, SCCs survive but with a sting in the tailInternational data transfers - EU-US Privacy Shield ruled invalild, questions raised regarding SCCs, find out what actions should you take. GDPRInternational Data Protection Simon Blanchard27 July 2020RoPA – Five tips for keeping your Records of Processing Activity up to date5 tips for keeping your GDPR records of processing activities up to date. The why, who, what, how and when of data protection documentation.GDPRPolicies and Processes DPN Team16 July 2020Transparency: How to get the message acrossDiscover the benefits of being upfront and transparent with people about how you use their data. In this webinar hosted by Robert Bond from Bristows we explore why transparency...GDPRVideos Julia Porter13 July 2020Supplier management: DPN 6 point checklistDue diligence of new suppliers robust enough? Checks in place to make sure suppliers are protecting your data? Use the DPN 6-point checklist. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn13 July 2020Contact Tracing: 7 Quick Steps for collecting people’s dataFrom holiday cottages to theme parks, hotels to pubs, many will be collecting people's details for contact tracing. Get our quick guide to how to do this. GDPRICO Guidance Chris Field11 July 2020You’ve been SAR-bombed!You are at the end of long day .. you just do one last check of your inbox - the new count registers over 9,000 new emails! All...GDPRIndividual Privacy RightsInternational Data ProtectionPolicies and Processes Simon Blanchard09 July 2020Facial Recognition – should we be concerned?Facial recognition is clever, from selfies to surveillance its use is becoming far more widespread. Should we be worried? Data Governance & SecurityGDPR Philippa Donn30 June 2020Data breaches: 10-point checklist for risk assessmentsHow do you assess the actual risk to people of a data breach? 10 questions you need to ask when carrying out an risk assessment. Data Governance & SecurityGDPRPolicies and Processes DPN Team30 June 2020Successful steps for data retention and minimisation [webinar recording]Get the tools and advice you need to tackle data retention and minimisation in this expert discussion which takes you through the key steps to take.Data Governance & SecurityGDPRPolicies and ProcessesVideos Julia Porter25 June 2020Why is the CIA’s lax attitude to cyber security interesting to us?Have you got robust cyber security controls in place? How the lax attitude of the CIA is a lesson to us all and what you should you be doing.Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard16 June 2020Privacy is a marathon not a sprintPondering how to improve your privacy credentials? Here are 5 steps to inspire you. More than 2 years on from GDPR, remember it’s a journey, not a sprint.Data Governance & SecurityGDPRPolicies and Processes Philippa Donn16 June 2020Why personalisation is a good thing, when done well“Hi, you haven’t finished watching Jeffrey Epstein: Filthy Rich”, said an email my husband received .It annoyed him......Direct MarketingGDPR Simon Blanchard08 June 2020Spring clean your data – Top tips on data retentionGet top tips on data retention. Minimise your risks by making sure you keep the personal data you need and rid of what you don't. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn03 June 2020GDPR two years on, why data protection mattersGDPR may have its critics and regulators may stand accused of not taking enough action. Why this is not a reason to stop taking data protection seriously.GDPR Julia Porter03 June 2020Why is it so hard to explain how we use personal data?Five ways to help explain complex and contentious uses of personal data. How to improve your communications and transparency.Direct MarketingGDPRPrivacy by Design DPN Team03 June 2020Data Retention GuidanceA practical toolkit packed with tips, advice and case studies on how to tackle data retention. Developed by a group of data protection and privacy specialists from a...Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard14 May 2020COVID 19 – Privacy under the SpotlightPrivacy and COVID-19. When finding quick solutions and taking rapid decisions, don't forget the privacy impact. Here's our quick tour of aspects to consider. Data SecurityGDPRPrivacy by Design DPN Team04 April 2020Where is my data? How to tackle data discovery & mapping [webinar recording]How improve your data discovery, mapping & compliance Understanding where your data is located across all your systems is an ever-evolving challenge, but forms the bedrock of your data...Opinion Gemma Johnson13 February 2020Marketers: Will You Need to do a DPIA for that?Why marketers need to understand when they might need to conduct a data protection impact assessment and learn how to do them. Direct MarketingElectronic CommunicationsICO GuidanceMarketing & Data Protection Simon Blanchard11 February 2020Where’s all my data? How to tackle data discoveryUnderstanding where your data is and what it's used for is crucial. But in practice this is challenging. What approach can you take? Opinion Julia Porter09 February 2020In a Digitally Enabled World, What is Direct Marketing?On 8th January the ICO published a draft code of practice for the marketing community. It’s entitled “Direct Marketing Code of Practice”. The use of the term “Direct Marketing”...Opinion Philippa Donn08 February 2020Refer a Friend – Viral Marketing RulesCan you ask your customers to send on your marketing to their friends? The answer, according to the ICO’s draft Direct Marketing Code, is NO! The regulator says for...Opinion Philippa Donn28 January 2020ICO Direct Marketing Code ‘draft’: 12 HighlightsJust when I thought January was feeling dull, I got my hands on the ICO’s much-anticipated draft Direct Marketing Code of Practice! This replaces the Regulator’s existing Direct Marketing...Opinion Philippa Donn10 December 2019Subject Access Requests & Proof of IDSubject Access Requests – What is ‘proportionate’ to ask for? When responding to a Right of Access request (commonly known as a Subject Access Request), we might be required...Individual Privacy Rights DPN Team03 December 2019Data Retention: Are you keeping personal data longer than you need it?Ensuring you don’t store personal data for longer than you require it, is a core data protection principle – one which we all know is both complex and challenging...Opinion DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Opinion Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Opinion Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Opinion Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Opinion Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...GDPRInternational Data Protection Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Data Governance & SecurityGDPRPolicies and Processes Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the hectic preparations...Direct Marketing Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....GDPR DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...GDPR Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Direct MarketingGDPR
DPN Team11 December 2020Season’s GreetingsWe're supporting the charity Bankuet, which fills the gaps providing Food Banks with what poeple need most when they need it.Uncategorized Philippa Donn01 December 2020Fantasy GDPR – Your new data protection regime130 people, battle-scarred data professionals all, chose to cry havoc and unleash the Dogs of Data by taking part in our Fantasy GDPR quiz.GDPR Simon Blanchard01 December 2020Should DPOs take responsiblity for risk?Allocating responsibility for your privacy risks - Is it right for data protection risks to sit with your Data Protection Officer? Data Governance & SecurityGDPR Simon Blanchard12 November 2020How the ICO’s Accountability Framework could help your businessWe take a look at how ICO's handy Accountability Framework can help organisations meet their GPDR responsiblities. Data Governance & SecurityGDPRICO Guidance Philippa Donn03 November 2020The data breach that cost Marriott £18.4 million – what went wrong?As the ICO slams a £18 million data breach fine on Marriott, we take a look at what went wrong and what other businesess can learn ... Data Governance & SecurityData SecurityGDPR Chris Field03 November 2020Evaluating the management of privacy choicesHow to address the challenge of privacy choices for multinationals faced with different communication privacy laws around the world.Direct MarketingElectronic CommunicationsInternational Data Protection DPN Team27 October 2020Handling complex subject access requestsListen in as an expert panel discuss handling complex DSARs in large and medium-sized organisations. How to respond and how tech can help. Videos DPN Team27 October 2020Privacy Question TimeYour data protection questions answered. Lively debate, topical polls with an expert panel. Recording now available.Videos Philippa Donn23 October 2020ICO Subject Access Request Guidance: help or hindrance?Subject Access Requests: As the ICO published detailed guidance we take a look at the higlights and whether it's a help or hindrance GDPRICO GuidanceIndividual Privacy Rights DPN Team22 October 2020Rosemary Smith Responsible Marketing AwardGiving an individual or team credit for a creative and privacy aware project. This award recognises a responsible approach to marketing. Direct MarketingGDPR Simon Blanchard22 October 2020British Airways data breach – what can we learn?British Airways has been fined £20m by the ICO, what lessons can we all learn from BA's painful personal data breach? Data Governance & SecurityData SecurityGDPRPolicies and Processes Philippa Donn20 October 202010 DSAR tips from 10 DPOsData Subject Access Requests can be a challenge to handle. Get 10 great tips from experts who routinely handle the right of access, GDPRIndividual Privacy Rights Philippa Donn20 October 2020Covid Symptom Study apologises for marketing face masksCovid Symptom Study breaks the marketing rules by promoting masks for to fund their research, but find out how an quick apology can go a long way. ... Direct MarketingElectronic Communications Julia Porter15 October 2020Are COVID-19 contact tracing technology services legitimate?Alarming headlines have suggested COVID-19 contact tracing data from pubs and restaurants is being sold on. Is this actually true and what should checks should you take? Data Governance & SecurityGDPR Philippa Donn07 October 2020COVID-19 Data Protection GuideCovid-19 has meant employers have, by necessity, made risk-based data decisions. Do these need revisiting now? Data Governance & SecurityData SecurityPolicies and Processes Simon Blanchard07 October 2020Are you monitoring staff health during COVID-19?What checks and balances should you have in place if you are monitoring your employees' health during the pandemic? We take a look at the core areas to consider...Data Governance & SecurityEmploymentPolicies and Processes Julia Porter05 October 2020Is the new COVID app safe to use?We now have the newly minted Covid app modelled on the Google and Apple templates. Should we be trusting this app?Data Governance & SecurityGDPRPrivacy by Design Julia Porter24 September 2020Cookies crushed, the world is changingThe demise of the third party cookie - five signs the world is changing. Where next for targeted advertising? Electronic CommunicationsGDPR Philippa Donn23 September 2020Data Protection by Design: Part 3 – Data Protection Impact AssessmentsHow to get your Data Protection Impact Asssessment process on track - when should you do one, what should you process look like? Get some useful tips... Data Governance & SecurityGDPRPolicies and ProcessesPrivacy by Design Philippa Donn09 September 2020New Children’s Code – does it apply to your business?New Children's Code to protect under 18s online. It will affect your business if your online services are likely to be acccessed by children. GDPRICO GuidancePolicies and ProcessesPrivacy by Design Simon Blanchard04 September 2020Data Protection by Design: Part 2 – How to approach itHow to implement Data Protection by Design when you are developing new applications, products and services. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn27 August 2020Data Protection by Design: Part 1 – The BasicsWhat does ‘Data Protection by Design’ really mean (and why is it also called ‘Privacy by Design’)? Do you need to be concerned about it? And how do you...Data Governance & SecurityGDPRPrivacy by Design Simon Blanchard25 August 2020Data Protection Officers – should we appoint a DPO?Which organisations need to have a DPO? If you don't should you appoint one anyway or outsource? We explore the options .. Data Governance & SecurityGDPR Simon Blanchard12 August 2020Use of automated facial recognition by South Wales Police ruled ‘unlawful’South Wales Police's use of automated facial recognition has been ruled unlawrul - it breaches human rights and has potential for bias. GDPR Julia Porter12 August 2020When does your CRM marketing plan morph into a data privacy project?Looking to leverage your customer database to drive more business? How to make sure you marketing plan is supported by your privacy strategyDirect MarketingElectronic CommunicationsGDPR Simon Blanchard10 August 2020Dashcams and GDPR: Assessing the privacy implications7 point privacy guide for use of dashcams in vehicles. Quick steps to make sure your use of dashcams is transparent and lawful. GDPRPolicies and Processes Simon Blanchard05 August 2020ICO guidance on how to apply good data protection to AISeven steps for making sure innovation flourishes and your artificial intelligence activities are sound from a data protection point of viewGDPRICO Guidance DPN Team29 July 2020How to manage your suppliersHow to manage your suppliers and reduce the risk they may post. Hear our specialist panel chat through the key points to consider.Videos Philippa Donn29 July 2020Could COVID-19 lead to a spike in Subject Access Requests? How to handle ex-employeesDSARs from disgruntled ex-employees can be challenging to handle, get some helpful tips on how best to approach the task of fulfilling them.GDPRIndividual Privacy Rights Philippa Donn28 July 2020Schrems II ruling: Privacy Shield down, SCCs survive but with a sting in the tailInternational data transfers - EU-US Privacy Shield ruled invalild, questions raised regarding SCCs, find out what actions should you take. GDPRInternational Data Protection Simon Blanchard27 July 2020RoPA – Five tips for keeping your Records of Processing Activity up to date5 tips for keeping your GDPR records of processing activities up to date. The why, who, what, how and when of data protection documentation.GDPRPolicies and Processes DPN Team16 July 2020Transparency: How to get the message acrossDiscover the benefits of being upfront and transparent with people about how you use their data. In this webinar hosted by Robert Bond from Bristows we explore why transparency...GDPRVideos Julia Porter13 July 2020Supplier management: DPN 6 point checklistDue diligence of new suppliers robust enough? Checks in place to make sure suppliers are protecting your data? Use the DPN 6-point checklist. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn13 July 2020Contact Tracing: 7 Quick Steps for collecting people’s dataFrom holiday cottages to theme parks, hotels to pubs, many will be collecting people's details for contact tracing. Get our quick guide to how to do this. GDPRICO Guidance Chris Field11 July 2020You’ve been SAR-bombed!You are at the end of long day .. you just do one last check of your inbox - the new count registers over 9,000 new emails! All...GDPRIndividual Privacy RightsInternational Data ProtectionPolicies and Processes Simon Blanchard09 July 2020Facial Recognition – should we be concerned?Facial recognition is clever, from selfies to surveillance its use is becoming far more widespread. Should we be worried? Data Governance & SecurityGDPR Philippa Donn30 June 2020Data breaches: 10-point checklist for risk assessmentsHow do you assess the actual risk to people of a data breach? 10 questions you need to ask when carrying out an risk assessment. Data Governance & SecurityGDPRPolicies and Processes DPN Team30 June 2020Successful steps for data retention and minimisation [webinar recording]Get the tools and advice you need to tackle data retention and minimisation in this expert discussion which takes you through the key steps to take.Data Governance & SecurityGDPRPolicies and ProcessesVideos Julia Porter25 June 2020Why is the CIA’s lax attitude to cyber security interesting to us?Have you got robust cyber security controls in place? How the lax attitude of the CIA is a lesson to us all and what you should you be doing.Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard16 June 2020Privacy is a marathon not a sprintPondering how to improve your privacy credentials? Here are 5 steps to inspire you. More than 2 years on from GDPR, remember it’s a journey, not a sprint.Data Governance & SecurityGDPRPolicies and Processes Philippa Donn16 June 2020Why personalisation is a good thing, when done well“Hi, you haven’t finished watching Jeffrey Epstein: Filthy Rich”, said an email my husband received .It annoyed him......Direct MarketingGDPR Simon Blanchard08 June 2020Spring clean your data – Top tips on data retentionGet top tips on data retention. Minimise your risks by making sure you keep the personal data you need and rid of what you don't. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn03 June 2020GDPR two years on, why data protection mattersGDPR may have its critics and regulators may stand accused of not taking enough action. Why this is not a reason to stop taking data protection seriously.GDPR Julia Porter03 June 2020Why is it so hard to explain how we use personal data?Five ways to help explain complex and contentious uses of personal data. How to improve your communications and transparency.Direct MarketingGDPRPrivacy by Design DPN Team03 June 2020Data Retention GuidanceA practical toolkit packed with tips, advice and case studies on how to tackle data retention. Developed by a group of data protection and privacy specialists from a...Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard14 May 2020COVID 19 – Privacy under the SpotlightPrivacy and COVID-19. When finding quick solutions and taking rapid decisions, don't forget the privacy impact. Here's our quick tour of aspects to consider. Data SecurityGDPRPrivacy by Design DPN Team04 April 2020Where is my data? How to tackle data discovery & mapping [webinar recording]How improve your data discovery, mapping & compliance Understanding where your data is located across all your systems is an ever-evolving challenge, but forms the bedrock of your data...Opinion Gemma Johnson13 February 2020Marketers: Will You Need to do a DPIA for that?Why marketers need to understand when they might need to conduct a data protection impact assessment and learn how to do them. Direct MarketingElectronic CommunicationsICO GuidanceMarketing & Data Protection Simon Blanchard11 February 2020Where’s all my data? How to tackle data discoveryUnderstanding where your data is and what it's used for is crucial. But in practice this is challenging. What approach can you take? Opinion Julia Porter09 February 2020In a Digitally Enabled World, What is Direct Marketing?On 8th January the ICO published a draft code of practice for the marketing community. It’s entitled “Direct Marketing Code of Practice”. The use of the term “Direct Marketing”...Opinion Philippa Donn08 February 2020Refer a Friend – Viral Marketing RulesCan you ask your customers to send on your marketing to their friends? The answer, according to the ICO’s draft Direct Marketing Code, is NO! The regulator says for...Opinion Philippa Donn28 January 2020ICO Direct Marketing Code ‘draft’: 12 HighlightsJust when I thought January was feeling dull, I got my hands on the ICO’s much-anticipated draft Direct Marketing Code of Practice! This replaces the Regulator’s existing Direct Marketing...Opinion Philippa Donn10 December 2019Subject Access Requests & Proof of IDSubject Access Requests – What is ‘proportionate’ to ask for? When responding to a Right of Access request (commonly known as a Subject Access Request), we might be required...Individual Privacy Rights DPN Team03 December 2019Data Retention: Are you keeping personal data longer than you need it?Ensuring you don’t store personal data for longer than you require it, is a core data protection principle – one which we all know is both complex and challenging...Opinion DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Opinion Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Opinion Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Opinion Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Opinion Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...GDPRInternational Data Protection Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Data Governance & SecurityGDPRPolicies and Processes Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the hectic preparations...Direct Marketing Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....GDPR DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...GDPR Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Direct MarketingGDPR
Philippa Donn01 December 2020Fantasy GDPR – Your new data protection regime130 people, battle-scarred data professionals all, chose to cry havoc and unleash the Dogs of Data by taking part in our Fantasy GDPR quiz.GDPR Simon Blanchard01 December 2020Should DPOs take responsiblity for risk?Allocating responsibility for your privacy risks - Is it right for data protection risks to sit with your Data Protection Officer? Data Governance & SecurityGDPR Simon Blanchard12 November 2020How the ICO’s Accountability Framework could help your businessWe take a look at how ICO's handy Accountability Framework can help organisations meet their GPDR responsiblities. Data Governance & SecurityGDPRICO Guidance Philippa Donn03 November 2020The data breach that cost Marriott £18.4 million – what went wrong?As the ICO slams a £18 million data breach fine on Marriott, we take a look at what went wrong and what other businesess can learn ... Data Governance & SecurityData SecurityGDPR Chris Field03 November 2020Evaluating the management of privacy choicesHow to address the challenge of privacy choices for multinationals faced with different communication privacy laws around the world.Direct MarketingElectronic CommunicationsInternational Data Protection DPN Team27 October 2020Handling complex subject access requestsListen in as an expert panel discuss handling complex DSARs in large and medium-sized organisations. How to respond and how tech can help. Videos DPN Team27 October 2020Privacy Question TimeYour data protection questions answered. Lively debate, topical polls with an expert panel. Recording now available.Videos Philippa Donn23 October 2020ICO Subject Access Request Guidance: help or hindrance?Subject Access Requests: As the ICO published detailed guidance we take a look at the higlights and whether it's a help or hindrance GDPRICO GuidanceIndividual Privacy Rights DPN Team22 October 2020Rosemary Smith Responsible Marketing AwardGiving an individual or team credit for a creative and privacy aware project. This award recognises a responsible approach to marketing. Direct MarketingGDPR Simon Blanchard22 October 2020British Airways data breach – what can we learn?British Airways has been fined £20m by the ICO, what lessons can we all learn from BA's painful personal data breach? Data Governance & SecurityData SecurityGDPRPolicies and Processes Philippa Donn20 October 202010 DSAR tips from 10 DPOsData Subject Access Requests can be a challenge to handle. Get 10 great tips from experts who routinely handle the right of access, GDPRIndividual Privacy Rights Philippa Donn20 October 2020Covid Symptom Study apologises for marketing face masksCovid Symptom Study breaks the marketing rules by promoting masks for to fund their research, but find out how an quick apology can go a long way. ... Direct MarketingElectronic Communications Julia Porter15 October 2020Are COVID-19 contact tracing technology services legitimate?Alarming headlines have suggested COVID-19 contact tracing data from pubs and restaurants is being sold on. Is this actually true and what should checks should you take? Data Governance & SecurityGDPR Philippa Donn07 October 2020COVID-19 Data Protection GuideCovid-19 has meant employers have, by necessity, made risk-based data decisions. Do these need revisiting now? Data Governance & SecurityData SecurityPolicies and Processes Simon Blanchard07 October 2020Are you monitoring staff health during COVID-19?What checks and balances should you have in place if you are monitoring your employees' health during the pandemic? We take a look at the core areas to consider...Data Governance & SecurityEmploymentPolicies and Processes Julia Porter05 October 2020Is the new COVID app safe to use?We now have the newly minted Covid app modelled on the Google and Apple templates. Should we be trusting this app?Data Governance & SecurityGDPRPrivacy by Design Julia Porter24 September 2020Cookies crushed, the world is changingThe demise of the third party cookie - five signs the world is changing. Where next for targeted advertising? Electronic CommunicationsGDPR Philippa Donn23 September 2020Data Protection by Design: Part 3 – Data Protection Impact AssessmentsHow to get your Data Protection Impact Asssessment process on track - when should you do one, what should you process look like? Get some useful tips... Data Governance & SecurityGDPRPolicies and ProcessesPrivacy by Design Philippa Donn09 September 2020New Children’s Code – does it apply to your business?New Children's Code to protect under 18s online. It will affect your business if your online services are likely to be acccessed by children. GDPRICO GuidancePolicies and ProcessesPrivacy by Design Simon Blanchard04 September 2020Data Protection by Design: Part 2 – How to approach itHow to implement Data Protection by Design when you are developing new applications, products and services. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn27 August 2020Data Protection by Design: Part 1 – The BasicsWhat does ‘Data Protection by Design’ really mean (and why is it also called ‘Privacy by Design’)? Do you need to be concerned about it? And how do you...Data Governance & SecurityGDPRPrivacy by Design Simon Blanchard25 August 2020Data Protection Officers – should we appoint a DPO?Which organisations need to have a DPO? If you don't should you appoint one anyway or outsource? We explore the options .. Data Governance & SecurityGDPR Simon Blanchard12 August 2020Use of automated facial recognition by South Wales Police ruled ‘unlawful’South Wales Police's use of automated facial recognition has been ruled unlawrul - it breaches human rights and has potential for bias. GDPR Julia Porter12 August 2020When does your CRM marketing plan morph into a data privacy project?Looking to leverage your customer database to drive more business? How to make sure you marketing plan is supported by your privacy strategyDirect MarketingElectronic CommunicationsGDPR Simon Blanchard10 August 2020Dashcams and GDPR: Assessing the privacy implications7 point privacy guide for use of dashcams in vehicles. Quick steps to make sure your use of dashcams is transparent and lawful. GDPRPolicies and Processes Simon Blanchard05 August 2020ICO guidance on how to apply good data protection to AISeven steps for making sure innovation flourishes and your artificial intelligence activities are sound from a data protection point of viewGDPRICO Guidance DPN Team29 July 2020How to manage your suppliersHow to manage your suppliers and reduce the risk they may post. Hear our specialist panel chat through the key points to consider.Videos Philippa Donn29 July 2020Could COVID-19 lead to a spike in Subject Access Requests? How to handle ex-employeesDSARs from disgruntled ex-employees can be challenging to handle, get some helpful tips on how best to approach the task of fulfilling them.GDPRIndividual Privacy Rights Philippa Donn28 July 2020Schrems II ruling: Privacy Shield down, SCCs survive but with a sting in the tailInternational data transfers - EU-US Privacy Shield ruled invalild, questions raised regarding SCCs, find out what actions should you take. GDPRInternational Data Protection Simon Blanchard27 July 2020RoPA – Five tips for keeping your Records of Processing Activity up to date5 tips for keeping your GDPR records of processing activities up to date. The why, who, what, how and when of data protection documentation.GDPRPolicies and Processes DPN Team16 July 2020Transparency: How to get the message acrossDiscover the benefits of being upfront and transparent with people about how you use their data. In this webinar hosted by Robert Bond from Bristows we explore why transparency...GDPRVideos Julia Porter13 July 2020Supplier management: DPN 6 point checklistDue diligence of new suppliers robust enough? Checks in place to make sure suppliers are protecting your data? Use the DPN 6-point checklist. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn13 July 2020Contact Tracing: 7 Quick Steps for collecting people’s dataFrom holiday cottages to theme parks, hotels to pubs, many will be collecting people's details for contact tracing. Get our quick guide to how to do this. GDPRICO Guidance Chris Field11 July 2020You’ve been SAR-bombed!You are at the end of long day .. you just do one last check of your inbox - the new count registers over 9,000 new emails! All...GDPRIndividual Privacy RightsInternational Data ProtectionPolicies and Processes Simon Blanchard09 July 2020Facial Recognition – should we be concerned?Facial recognition is clever, from selfies to surveillance its use is becoming far more widespread. Should we be worried? Data Governance & SecurityGDPR Philippa Donn30 June 2020Data breaches: 10-point checklist for risk assessmentsHow do you assess the actual risk to people of a data breach? 10 questions you need to ask when carrying out an risk assessment. Data Governance & SecurityGDPRPolicies and Processes DPN Team30 June 2020Successful steps for data retention and minimisation [webinar recording]Get the tools and advice you need to tackle data retention and minimisation in this expert discussion which takes you through the key steps to take.Data Governance & SecurityGDPRPolicies and ProcessesVideos Julia Porter25 June 2020Why is the CIA’s lax attitude to cyber security interesting to us?Have you got robust cyber security controls in place? How the lax attitude of the CIA is a lesson to us all and what you should you be doing.Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard16 June 2020Privacy is a marathon not a sprintPondering how to improve your privacy credentials? Here are 5 steps to inspire you. More than 2 years on from GDPR, remember it’s a journey, not a sprint.Data Governance & SecurityGDPRPolicies and Processes Philippa Donn16 June 2020Why personalisation is a good thing, when done well“Hi, you haven’t finished watching Jeffrey Epstein: Filthy Rich”, said an email my husband received .It annoyed him......Direct MarketingGDPR Simon Blanchard08 June 2020Spring clean your data – Top tips on data retentionGet top tips on data retention. Minimise your risks by making sure you keep the personal data you need and rid of what you don't. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn03 June 2020GDPR two years on, why data protection mattersGDPR may have its critics and regulators may stand accused of not taking enough action. Why this is not a reason to stop taking data protection seriously.GDPR Julia Porter03 June 2020Why is it so hard to explain how we use personal data?Five ways to help explain complex and contentious uses of personal data. How to improve your communications and transparency.Direct MarketingGDPRPrivacy by Design DPN Team03 June 2020Data Retention GuidanceA practical toolkit packed with tips, advice and case studies on how to tackle data retention. Developed by a group of data protection and privacy specialists from a...Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard14 May 2020COVID 19 – Privacy under the SpotlightPrivacy and COVID-19. When finding quick solutions and taking rapid decisions, don't forget the privacy impact. Here's our quick tour of aspects to consider. Data SecurityGDPRPrivacy by Design DPN Team04 April 2020Where is my data? How to tackle data discovery & mapping [webinar recording]How improve your data discovery, mapping & compliance Understanding where your data is located across all your systems is an ever-evolving challenge, but forms the bedrock of your data...Opinion Gemma Johnson13 February 2020Marketers: Will You Need to do a DPIA for that?Why marketers need to understand when they might need to conduct a data protection impact assessment and learn how to do them. Direct MarketingElectronic CommunicationsICO GuidanceMarketing & Data Protection Simon Blanchard11 February 2020Where’s all my data? How to tackle data discoveryUnderstanding where your data is and what it's used for is crucial. But in practice this is challenging. What approach can you take? Opinion Julia Porter09 February 2020In a Digitally Enabled World, What is Direct Marketing?On 8th January the ICO published a draft code of practice for the marketing community. It’s entitled “Direct Marketing Code of Practice”. The use of the term “Direct Marketing”...Opinion Philippa Donn08 February 2020Refer a Friend – Viral Marketing RulesCan you ask your customers to send on your marketing to their friends? The answer, according to the ICO’s draft Direct Marketing Code, is NO! The regulator says for...Opinion Philippa Donn28 January 2020ICO Direct Marketing Code ‘draft’: 12 HighlightsJust when I thought January was feeling dull, I got my hands on the ICO’s much-anticipated draft Direct Marketing Code of Practice! This replaces the Regulator’s existing Direct Marketing...Opinion Philippa Donn10 December 2019Subject Access Requests & Proof of IDSubject Access Requests – What is ‘proportionate’ to ask for? When responding to a Right of Access request (commonly known as a Subject Access Request), we might be required...Individual Privacy Rights DPN Team03 December 2019Data Retention: Are you keeping personal data longer than you need it?Ensuring you don’t store personal data for longer than you require it, is a core data protection principle – one which we all know is both complex and challenging...Opinion DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Opinion Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Opinion Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Opinion Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Opinion Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...GDPRInternational Data Protection Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Data Governance & SecurityGDPRPolicies and Processes Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the hectic preparations...Direct Marketing Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....GDPR DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...GDPR Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Direct MarketingGDPR
Simon Blanchard01 December 2020Should DPOs take responsiblity for risk?Allocating responsibility for your privacy risks - Is it right for data protection risks to sit with your Data Protection Officer? Data Governance & SecurityGDPR Simon Blanchard12 November 2020How the ICO’s Accountability Framework could help your businessWe take a look at how ICO's handy Accountability Framework can help organisations meet their GPDR responsiblities. Data Governance & SecurityGDPRICO Guidance Philippa Donn03 November 2020The data breach that cost Marriott £18.4 million – what went wrong?As the ICO slams a £18 million data breach fine on Marriott, we take a look at what went wrong and what other businesess can learn ... Data Governance & SecurityData SecurityGDPR Chris Field03 November 2020Evaluating the management of privacy choicesHow to address the challenge of privacy choices for multinationals faced with different communication privacy laws around the world.Direct MarketingElectronic CommunicationsInternational Data Protection DPN Team27 October 2020Handling complex subject access requestsListen in as an expert panel discuss handling complex DSARs in large and medium-sized organisations. How to respond and how tech can help. Videos DPN Team27 October 2020Privacy Question TimeYour data protection questions answered. Lively debate, topical polls with an expert panel. Recording now available.Videos Philippa Donn23 October 2020ICO Subject Access Request Guidance: help or hindrance?Subject Access Requests: As the ICO published detailed guidance we take a look at the higlights and whether it's a help or hindrance GDPRICO GuidanceIndividual Privacy Rights DPN Team22 October 2020Rosemary Smith Responsible Marketing AwardGiving an individual or team credit for a creative and privacy aware project. This award recognises a responsible approach to marketing. Direct MarketingGDPR Simon Blanchard22 October 2020British Airways data breach – what can we learn?British Airways has been fined £20m by the ICO, what lessons can we all learn from BA's painful personal data breach? Data Governance & SecurityData SecurityGDPRPolicies and Processes Philippa Donn20 October 202010 DSAR tips from 10 DPOsData Subject Access Requests can be a challenge to handle. Get 10 great tips from experts who routinely handle the right of access, GDPRIndividual Privacy Rights Philippa Donn20 October 2020Covid Symptom Study apologises for marketing face masksCovid Symptom Study breaks the marketing rules by promoting masks for to fund their research, but find out how an quick apology can go a long way. ... Direct MarketingElectronic Communications Julia Porter15 October 2020Are COVID-19 contact tracing technology services legitimate?Alarming headlines have suggested COVID-19 contact tracing data from pubs and restaurants is being sold on. Is this actually true and what should checks should you take? Data Governance & SecurityGDPR Philippa Donn07 October 2020COVID-19 Data Protection GuideCovid-19 has meant employers have, by necessity, made risk-based data decisions. Do these need revisiting now? Data Governance & SecurityData SecurityPolicies and Processes Simon Blanchard07 October 2020Are you monitoring staff health during COVID-19?What checks and balances should you have in place if you are monitoring your employees' health during the pandemic? We take a look at the core areas to consider...Data Governance & SecurityEmploymentPolicies and Processes Julia Porter05 October 2020Is the new COVID app safe to use?We now have the newly minted Covid app modelled on the Google and Apple templates. Should we be trusting this app?Data Governance & SecurityGDPRPrivacy by Design Julia Porter24 September 2020Cookies crushed, the world is changingThe demise of the third party cookie - five signs the world is changing. Where next for targeted advertising? Electronic CommunicationsGDPR Philippa Donn23 September 2020Data Protection by Design: Part 3 – Data Protection Impact AssessmentsHow to get your Data Protection Impact Asssessment process on track - when should you do one, what should you process look like? Get some useful tips... Data Governance & SecurityGDPRPolicies and ProcessesPrivacy by Design Philippa Donn09 September 2020New Children’s Code – does it apply to your business?New Children's Code to protect under 18s online. It will affect your business if your online services are likely to be acccessed by children. GDPRICO GuidancePolicies and ProcessesPrivacy by Design Simon Blanchard04 September 2020Data Protection by Design: Part 2 – How to approach itHow to implement Data Protection by Design when you are developing new applications, products and services. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn27 August 2020Data Protection by Design: Part 1 – The BasicsWhat does ‘Data Protection by Design’ really mean (and why is it also called ‘Privacy by Design’)? Do you need to be concerned about it? And how do you...Data Governance & SecurityGDPRPrivacy by Design Simon Blanchard25 August 2020Data Protection Officers – should we appoint a DPO?Which organisations need to have a DPO? If you don't should you appoint one anyway or outsource? We explore the options .. Data Governance & SecurityGDPR Simon Blanchard12 August 2020Use of automated facial recognition by South Wales Police ruled ‘unlawful’South Wales Police's use of automated facial recognition has been ruled unlawrul - it breaches human rights and has potential for bias. GDPR Julia Porter12 August 2020When does your CRM marketing plan morph into a data privacy project?Looking to leverage your customer database to drive more business? How to make sure you marketing plan is supported by your privacy strategyDirect MarketingElectronic CommunicationsGDPR Simon Blanchard10 August 2020Dashcams and GDPR: Assessing the privacy implications7 point privacy guide for use of dashcams in vehicles. Quick steps to make sure your use of dashcams is transparent and lawful. GDPRPolicies and Processes Simon Blanchard05 August 2020ICO guidance on how to apply good data protection to AISeven steps for making sure innovation flourishes and your artificial intelligence activities are sound from a data protection point of viewGDPRICO Guidance DPN Team29 July 2020How to manage your suppliersHow to manage your suppliers and reduce the risk they may post. Hear our specialist panel chat through the key points to consider.Videos Philippa Donn29 July 2020Could COVID-19 lead to a spike in Subject Access Requests? How to handle ex-employeesDSARs from disgruntled ex-employees can be challenging to handle, get some helpful tips on how best to approach the task of fulfilling them.GDPRIndividual Privacy Rights Philippa Donn28 July 2020Schrems II ruling: Privacy Shield down, SCCs survive but with a sting in the tailInternational data transfers - EU-US Privacy Shield ruled invalild, questions raised regarding SCCs, find out what actions should you take. GDPRInternational Data Protection Simon Blanchard27 July 2020RoPA – Five tips for keeping your Records of Processing Activity up to date5 tips for keeping your GDPR records of processing activities up to date. The why, who, what, how and when of data protection documentation.GDPRPolicies and Processes DPN Team16 July 2020Transparency: How to get the message acrossDiscover the benefits of being upfront and transparent with people about how you use their data. In this webinar hosted by Robert Bond from Bristows we explore why transparency...GDPRVideos Julia Porter13 July 2020Supplier management: DPN 6 point checklistDue diligence of new suppliers robust enough? Checks in place to make sure suppliers are protecting your data? Use the DPN 6-point checklist. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn13 July 2020Contact Tracing: 7 Quick Steps for collecting people’s dataFrom holiday cottages to theme parks, hotels to pubs, many will be collecting people's details for contact tracing. Get our quick guide to how to do this. GDPRICO Guidance Chris Field11 July 2020You’ve been SAR-bombed!You are at the end of long day .. you just do one last check of your inbox - the new count registers over 9,000 new emails! All...GDPRIndividual Privacy RightsInternational Data ProtectionPolicies and Processes Simon Blanchard09 July 2020Facial Recognition – should we be concerned?Facial recognition is clever, from selfies to surveillance its use is becoming far more widespread. Should we be worried? Data Governance & SecurityGDPR Philippa Donn30 June 2020Data breaches: 10-point checklist for risk assessmentsHow do you assess the actual risk to people of a data breach? 10 questions you need to ask when carrying out an risk assessment. Data Governance & SecurityGDPRPolicies and Processes DPN Team30 June 2020Successful steps for data retention and minimisation [webinar recording]Get the tools and advice you need to tackle data retention and minimisation in this expert discussion which takes you through the key steps to take.Data Governance & SecurityGDPRPolicies and ProcessesVideos Julia Porter25 June 2020Why is the CIA’s lax attitude to cyber security interesting to us?Have you got robust cyber security controls in place? How the lax attitude of the CIA is a lesson to us all and what you should you be doing.Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard16 June 2020Privacy is a marathon not a sprintPondering how to improve your privacy credentials? Here are 5 steps to inspire you. More than 2 years on from GDPR, remember it’s a journey, not a sprint.Data Governance & SecurityGDPRPolicies and Processes Philippa Donn16 June 2020Why personalisation is a good thing, when done well“Hi, you haven’t finished watching Jeffrey Epstein: Filthy Rich”, said an email my husband received .It annoyed him......Direct MarketingGDPR Simon Blanchard08 June 2020Spring clean your data – Top tips on data retentionGet top tips on data retention. Minimise your risks by making sure you keep the personal data you need and rid of what you don't. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn03 June 2020GDPR two years on, why data protection mattersGDPR may have its critics and regulators may stand accused of not taking enough action. Why this is not a reason to stop taking data protection seriously.GDPR Julia Porter03 June 2020Why is it so hard to explain how we use personal data?Five ways to help explain complex and contentious uses of personal data. How to improve your communications and transparency.Direct MarketingGDPRPrivacy by Design DPN Team03 June 2020Data Retention GuidanceA practical toolkit packed with tips, advice and case studies on how to tackle data retention. Developed by a group of data protection and privacy specialists from a...Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard14 May 2020COVID 19 – Privacy under the SpotlightPrivacy and COVID-19. When finding quick solutions and taking rapid decisions, don't forget the privacy impact. Here's our quick tour of aspects to consider. Data SecurityGDPRPrivacy by Design DPN Team04 April 2020Where is my data? How to tackle data discovery & mapping [webinar recording]How improve your data discovery, mapping & compliance Understanding where your data is located across all your systems is an ever-evolving challenge, but forms the bedrock of your data...Opinion Gemma Johnson13 February 2020Marketers: Will You Need to do a DPIA for that?Why marketers need to understand when they might need to conduct a data protection impact assessment and learn how to do them. Direct MarketingElectronic CommunicationsICO GuidanceMarketing & Data Protection Simon Blanchard11 February 2020Where’s all my data? How to tackle data discoveryUnderstanding where your data is and what it's used for is crucial. But in practice this is challenging. What approach can you take? Opinion Julia Porter09 February 2020In a Digitally Enabled World, What is Direct Marketing?On 8th January the ICO published a draft code of practice for the marketing community. It’s entitled “Direct Marketing Code of Practice”. The use of the term “Direct Marketing”...Opinion Philippa Donn08 February 2020Refer a Friend – Viral Marketing RulesCan you ask your customers to send on your marketing to their friends? The answer, according to the ICO’s draft Direct Marketing Code, is NO! The regulator says for...Opinion Philippa Donn28 January 2020ICO Direct Marketing Code ‘draft’: 12 HighlightsJust when I thought January was feeling dull, I got my hands on the ICO’s much-anticipated draft Direct Marketing Code of Practice! This replaces the Regulator’s existing Direct Marketing...Opinion Philippa Donn10 December 2019Subject Access Requests & Proof of IDSubject Access Requests – What is ‘proportionate’ to ask for? When responding to a Right of Access request (commonly known as a Subject Access Request), we might be required...Individual Privacy Rights DPN Team03 December 2019Data Retention: Are you keeping personal data longer than you need it?Ensuring you don’t store personal data for longer than you require it, is a core data protection principle – one which we all know is both complex and challenging...Opinion DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Opinion Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Opinion Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Opinion Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Opinion Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...GDPRInternational Data Protection Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Data Governance & SecurityGDPRPolicies and Processes Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the hectic preparations...Direct Marketing Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....GDPR DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...GDPR Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Direct MarketingGDPR
Simon Blanchard12 November 2020How the ICO’s Accountability Framework could help your businessWe take a look at how ICO's handy Accountability Framework can help organisations meet their GPDR responsiblities. Data Governance & SecurityGDPRICO Guidance Philippa Donn03 November 2020The data breach that cost Marriott £18.4 million – what went wrong?As the ICO slams a £18 million data breach fine on Marriott, we take a look at what went wrong and what other businesess can learn ... Data Governance & SecurityData SecurityGDPR Chris Field03 November 2020Evaluating the management of privacy choicesHow to address the challenge of privacy choices for multinationals faced with different communication privacy laws around the world.Direct MarketingElectronic CommunicationsInternational Data Protection DPN Team27 October 2020Handling complex subject access requestsListen in as an expert panel discuss handling complex DSARs in large and medium-sized organisations. How to respond and how tech can help. Videos DPN Team27 October 2020Privacy Question TimeYour data protection questions answered. Lively debate, topical polls with an expert panel. Recording now available.Videos Philippa Donn23 October 2020ICO Subject Access Request Guidance: help or hindrance?Subject Access Requests: As the ICO published detailed guidance we take a look at the higlights and whether it's a help or hindrance GDPRICO GuidanceIndividual Privacy Rights DPN Team22 October 2020Rosemary Smith Responsible Marketing AwardGiving an individual or team credit for a creative and privacy aware project. This award recognises a responsible approach to marketing. Direct MarketingGDPR Simon Blanchard22 October 2020British Airways data breach – what can we learn?British Airways has been fined £20m by the ICO, what lessons can we all learn from BA's painful personal data breach? Data Governance & SecurityData SecurityGDPRPolicies and Processes Philippa Donn20 October 202010 DSAR tips from 10 DPOsData Subject Access Requests can be a challenge to handle. Get 10 great tips from experts who routinely handle the right of access, GDPRIndividual Privacy Rights Philippa Donn20 October 2020Covid Symptom Study apologises for marketing face masksCovid Symptom Study breaks the marketing rules by promoting masks for to fund their research, but find out how an quick apology can go a long way. ... Direct MarketingElectronic Communications Julia Porter15 October 2020Are COVID-19 contact tracing technology services legitimate?Alarming headlines have suggested COVID-19 contact tracing data from pubs and restaurants is being sold on. Is this actually true and what should checks should you take? Data Governance & SecurityGDPR Philippa Donn07 October 2020COVID-19 Data Protection GuideCovid-19 has meant employers have, by necessity, made risk-based data decisions. Do these need revisiting now? Data Governance & SecurityData SecurityPolicies and Processes Simon Blanchard07 October 2020Are you monitoring staff health during COVID-19?What checks and balances should you have in place if you are monitoring your employees' health during the pandemic? We take a look at the core areas to consider...Data Governance & SecurityEmploymentPolicies and Processes Julia Porter05 October 2020Is the new COVID app safe to use?We now have the newly minted Covid app modelled on the Google and Apple templates. Should we be trusting this app?Data Governance & SecurityGDPRPrivacy by Design Julia Porter24 September 2020Cookies crushed, the world is changingThe demise of the third party cookie - five signs the world is changing. Where next for targeted advertising? Electronic CommunicationsGDPR Philippa Donn23 September 2020Data Protection by Design: Part 3 – Data Protection Impact AssessmentsHow to get your Data Protection Impact Asssessment process on track - when should you do one, what should you process look like? Get some useful tips... Data Governance & SecurityGDPRPolicies and ProcessesPrivacy by Design Philippa Donn09 September 2020New Children’s Code – does it apply to your business?New Children's Code to protect under 18s online. It will affect your business if your online services are likely to be acccessed by children. GDPRICO GuidancePolicies and ProcessesPrivacy by Design Simon Blanchard04 September 2020Data Protection by Design: Part 2 – How to approach itHow to implement Data Protection by Design when you are developing new applications, products and services. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn27 August 2020Data Protection by Design: Part 1 – The BasicsWhat does ‘Data Protection by Design’ really mean (and why is it also called ‘Privacy by Design’)? Do you need to be concerned about it? And how do you...Data Governance & SecurityGDPRPrivacy by Design Simon Blanchard25 August 2020Data Protection Officers – should we appoint a DPO?Which organisations need to have a DPO? If you don't should you appoint one anyway or outsource? We explore the options .. Data Governance & SecurityGDPR Simon Blanchard12 August 2020Use of automated facial recognition by South Wales Police ruled ‘unlawful’South Wales Police's use of automated facial recognition has been ruled unlawrul - it breaches human rights and has potential for bias. GDPR Julia Porter12 August 2020When does your CRM marketing plan morph into a data privacy project?Looking to leverage your customer database to drive more business? How to make sure you marketing plan is supported by your privacy strategyDirect MarketingElectronic CommunicationsGDPR Simon Blanchard10 August 2020Dashcams and GDPR: Assessing the privacy implications7 point privacy guide for use of dashcams in vehicles. Quick steps to make sure your use of dashcams is transparent and lawful. GDPRPolicies and Processes Simon Blanchard05 August 2020ICO guidance on how to apply good data protection to AISeven steps for making sure innovation flourishes and your artificial intelligence activities are sound from a data protection point of viewGDPRICO Guidance DPN Team29 July 2020How to manage your suppliersHow to manage your suppliers and reduce the risk they may post. Hear our specialist panel chat through the key points to consider.Videos Philippa Donn29 July 2020Could COVID-19 lead to a spike in Subject Access Requests? How to handle ex-employeesDSARs from disgruntled ex-employees can be challenging to handle, get some helpful tips on how best to approach the task of fulfilling them.GDPRIndividual Privacy Rights Philippa Donn28 July 2020Schrems II ruling: Privacy Shield down, SCCs survive but with a sting in the tailInternational data transfers - EU-US Privacy Shield ruled invalild, questions raised regarding SCCs, find out what actions should you take. GDPRInternational Data Protection Simon Blanchard27 July 2020RoPA – Five tips for keeping your Records of Processing Activity up to date5 tips for keeping your GDPR records of processing activities up to date. The why, who, what, how and when of data protection documentation.GDPRPolicies and Processes DPN Team16 July 2020Transparency: How to get the message acrossDiscover the benefits of being upfront and transparent with people about how you use their data. In this webinar hosted by Robert Bond from Bristows we explore why transparency...GDPRVideos Julia Porter13 July 2020Supplier management: DPN 6 point checklistDue diligence of new suppliers robust enough? Checks in place to make sure suppliers are protecting your data? Use the DPN 6-point checklist. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn13 July 2020Contact Tracing: 7 Quick Steps for collecting people’s dataFrom holiday cottages to theme parks, hotels to pubs, many will be collecting people's details for contact tracing. Get our quick guide to how to do this. GDPRICO Guidance Chris Field11 July 2020You’ve been SAR-bombed!You are at the end of long day .. you just do one last check of your inbox - the new count registers over 9,000 new emails! All...GDPRIndividual Privacy RightsInternational Data ProtectionPolicies and Processes Simon Blanchard09 July 2020Facial Recognition – should we be concerned?Facial recognition is clever, from selfies to surveillance its use is becoming far more widespread. Should we be worried? Data Governance & SecurityGDPR Philippa Donn30 June 2020Data breaches: 10-point checklist for risk assessmentsHow do you assess the actual risk to people of a data breach? 10 questions you need to ask when carrying out an risk assessment. Data Governance & SecurityGDPRPolicies and Processes DPN Team30 June 2020Successful steps for data retention and minimisation [webinar recording]Get the tools and advice you need to tackle data retention and minimisation in this expert discussion which takes you through the key steps to take.Data Governance & SecurityGDPRPolicies and ProcessesVideos Julia Porter25 June 2020Why is the CIA’s lax attitude to cyber security interesting to us?Have you got robust cyber security controls in place? How the lax attitude of the CIA is a lesson to us all and what you should you be doing.Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard16 June 2020Privacy is a marathon not a sprintPondering how to improve your privacy credentials? Here are 5 steps to inspire you. More than 2 years on from GDPR, remember it’s a journey, not a sprint.Data Governance & SecurityGDPRPolicies and Processes Philippa Donn16 June 2020Why personalisation is a good thing, when done well“Hi, you haven’t finished watching Jeffrey Epstein: Filthy Rich”, said an email my husband received .It annoyed him......Direct MarketingGDPR Simon Blanchard08 June 2020Spring clean your data – Top tips on data retentionGet top tips on data retention. Minimise your risks by making sure you keep the personal data you need and rid of what you don't. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn03 June 2020GDPR two years on, why data protection mattersGDPR may have its critics and regulators may stand accused of not taking enough action. Why this is not a reason to stop taking data protection seriously.GDPR Julia Porter03 June 2020Why is it so hard to explain how we use personal data?Five ways to help explain complex and contentious uses of personal data. How to improve your communications and transparency.Direct MarketingGDPRPrivacy by Design DPN Team03 June 2020Data Retention GuidanceA practical toolkit packed with tips, advice and case studies on how to tackle data retention. Developed by a group of data protection and privacy specialists from a...Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard14 May 2020COVID 19 – Privacy under the SpotlightPrivacy and COVID-19. When finding quick solutions and taking rapid decisions, don't forget the privacy impact. Here's our quick tour of aspects to consider. Data SecurityGDPRPrivacy by Design DPN Team04 April 2020Where is my data? How to tackle data discovery & mapping [webinar recording]How improve your data discovery, mapping & compliance Understanding where your data is located across all your systems is an ever-evolving challenge, but forms the bedrock of your data...Opinion Gemma Johnson13 February 2020Marketers: Will You Need to do a DPIA for that?Why marketers need to understand when they might need to conduct a data protection impact assessment and learn how to do them. Direct MarketingElectronic CommunicationsICO GuidanceMarketing & Data Protection Simon Blanchard11 February 2020Where’s all my data? How to tackle data discoveryUnderstanding where your data is and what it's used for is crucial. But in practice this is challenging. What approach can you take? Opinion Julia Porter09 February 2020In a Digitally Enabled World, What is Direct Marketing?On 8th January the ICO published a draft code of practice for the marketing community. It’s entitled “Direct Marketing Code of Practice”. The use of the term “Direct Marketing”...Opinion Philippa Donn08 February 2020Refer a Friend – Viral Marketing RulesCan you ask your customers to send on your marketing to their friends? The answer, according to the ICO’s draft Direct Marketing Code, is NO! The regulator says for...Opinion Philippa Donn28 January 2020ICO Direct Marketing Code ‘draft’: 12 HighlightsJust when I thought January was feeling dull, I got my hands on the ICO’s much-anticipated draft Direct Marketing Code of Practice! This replaces the Regulator’s existing Direct Marketing...Opinion Philippa Donn10 December 2019Subject Access Requests & Proof of IDSubject Access Requests – What is ‘proportionate’ to ask for? When responding to a Right of Access request (commonly known as a Subject Access Request), we might be required...Individual Privacy Rights DPN Team03 December 2019Data Retention: Are you keeping personal data longer than you need it?Ensuring you don’t store personal data for longer than you require it, is a core data protection principle – one which we all know is both complex and challenging...Opinion DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Opinion Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Opinion Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Opinion Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Opinion Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...GDPRInternational Data Protection Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Data Governance & SecurityGDPRPolicies and Processes Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the hectic preparations...Direct Marketing Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....GDPR DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...GDPR Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Direct MarketingGDPR
Philippa Donn03 November 2020The data breach that cost Marriott £18.4 million – what went wrong?As the ICO slams a £18 million data breach fine on Marriott, we take a look at what went wrong and what other businesess can learn ... Data Governance & SecurityData SecurityGDPR Chris Field03 November 2020Evaluating the management of privacy choicesHow to address the challenge of privacy choices for multinationals faced with different communication privacy laws around the world.Direct MarketingElectronic CommunicationsInternational Data Protection DPN Team27 October 2020Handling complex subject access requestsListen in as an expert panel discuss handling complex DSARs in large and medium-sized organisations. How to respond and how tech can help. Videos DPN Team27 October 2020Privacy Question TimeYour data protection questions answered. Lively debate, topical polls with an expert panel. Recording now available.Videos Philippa Donn23 October 2020ICO Subject Access Request Guidance: help or hindrance?Subject Access Requests: As the ICO published detailed guidance we take a look at the higlights and whether it's a help or hindrance GDPRICO GuidanceIndividual Privacy Rights DPN Team22 October 2020Rosemary Smith Responsible Marketing AwardGiving an individual or team credit for a creative and privacy aware project. This award recognises a responsible approach to marketing. Direct MarketingGDPR Simon Blanchard22 October 2020British Airways data breach – what can we learn?British Airways has been fined £20m by the ICO, what lessons can we all learn from BA's painful personal data breach? Data Governance & SecurityData SecurityGDPRPolicies and Processes Philippa Donn20 October 202010 DSAR tips from 10 DPOsData Subject Access Requests can be a challenge to handle. Get 10 great tips from experts who routinely handle the right of access, GDPRIndividual Privacy Rights Philippa Donn20 October 2020Covid Symptom Study apologises for marketing face masksCovid Symptom Study breaks the marketing rules by promoting masks for to fund their research, but find out how an quick apology can go a long way. ... Direct MarketingElectronic Communications Julia Porter15 October 2020Are COVID-19 contact tracing technology services legitimate?Alarming headlines have suggested COVID-19 contact tracing data from pubs and restaurants is being sold on. Is this actually true and what should checks should you take? Data Governance & SecurityGDPR Philippa Donn07 October 2020COVID-19 Data Protection GuideCovid-19 has meant employers have, by necessity, made risk-based data decisions. Do these need revisiting now? Data Governance & SecurityData SecurityPolicies and Processes Simon Blanchard07 October 2020Are you monitoring staff health during COVID-19?What checks and balances should you have in place if you are monitoring your employees' health during the pandemic? We take a look at the core areas to consider...Data Governance & SecurityEmploymentPolicies and Processes Julia Porter05 October 2020Is the new COVID app safe to use?We now have the newly minted Covid app modelled on the Google and Apple templates. Should we be trusting this app?Data Governance & SecurityGDPRPrivacy by Design Julia Porter24 September 2020Cookies crushed, the world is changingThe demise of the third party cookie - five signs the world is changing. Where next for targeted advertising? Electronic CommunicationsGDPR Philippa Donn23 September 2020Data Protection by Design: Part 3 – Data Protection Impact AssessmentsHow to get your Data Protection Impact Asssessment process on track - when should you do one, what should you process look like? Get some useful tips... Data Governance & SecurityGDPRPolicies and ProcessesPrivacy by Design Philippa Donn09 September 2020New Children’s Code – does it apply to your business?New Children's Code to protect under 18s online. It will affect your business if your online services are likely to be acccessed by children. GDPRICO GuidancePolicies and ProcessesPrivacy by Design Simon Blanchard04 September 2020Data Protection by Design: Part 2 – How to approach itHow to implement Data Protection by Design when you are developing new applications, products and services. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn27 August 2020Data Protection by Design: Part 1 – The BasicsWhat does ‘Data Protection by Design’ really mean (and why is it also called ‘Privacy by Design’)? Do you need to be concerned about it? And how do you...Data Governance & SecurityGDPRPrivacy by Design Simon Blanchard25 August 2020Data Protection Officers – should we appoint a DPO?Which organisations need to have a DPO? If you don't should you appoint one anyway or outsource? We explore the options .. Data Governance & SecurityGDPR Simon Blanchard12 August 2020Use of automated facial recognition by South Wales Police ruled ‘unlawful’South Wales Police's use of automated facial recognition has been ruled unlawrul - it breaches human rights and has potential for bias. GDPR Julia Porter12 August 2020When does your CRM marketing plan morph into a data privacy project?Looking to leverage your customer database to drive more business? How to make sure you marketing plan is supported by your privacy strategyDirect MarketingElectronic CommunicationsGDPR Simon Blanchard10 August 2020Dashcams and GDPR: Assessing the privacy implications7 point privacy guide for use of dashcams in vehicles. Quick steps to make sure your use of dashcams is transparent and lawful. GDPRPolicies and Processes Simon Blanchard05 August 2020ICO guidance on how to apply good data protection to AISeven steps for making sure innovation flourishes and your artificial intelligence activities are sound from a data protection point of viewGDPRICO Guidance DPN Team29 July 2020How to manage your suppliersHow to manage your suppliers and reduce the risk they may post. Hear our specialist panel chat through the key points to consider.Videos Philippa Donn29 July 2020Could COVID-19 lead to a spike in Subject Access Requests? How to handle ex-employeesDSARs from disgruntled ex-employees can be challenging to handle, get some helpful tips on how best to approach the task of fulfilling them.GDPRIndividual Privacy Rights Philippa Donn28 July 2020Schrems II ruling: Privacy Shield down, SCCs survive but with a sting in the tailInternational data transfers - EU-US Privacy Shield ruled invalild, questions raised regarding SCCs, find out what actions should you take. GDPRInternational Data Protection Simon Blanchard27 July 2020RoPA – Five tips for keeping your Records of Processing Activity up to date5 tips for keeping your GDPR records of processing activities up to date. The why, who, what, how and when of data protection documentation.GDPRPolicies and Processes DPN Team16 July 2020Transparency: How to get the message acrossDiscover the benefits of being upfront and transparent with people about how you use their data. In this webinar hosted by Robert Bond from Bristows we explore why transparency...GDPRVideos Julia Porter13 July 2020Supplier management: DPN 6 point checklistDue diligence of new suppliers robust enough? Checks in place to make sure suppliers are protecting your data? Use the DPN 6-point checklist. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn13 July 2020Contact Tracing: 7 Quick Steps for collecting people’s dataFrom holiday cottages to theme parks, hotels to pubs, many will be collecting people's details for contact tracing. Get our quick guide to how to do this. GDPRICO Guidance Chris Field11 July 2020You’ve been SAR-bombed!You are at the end of long day .. you just do one last check of your inbox - the new count registers over 9,000 new emails! All...GDPRIndividual Privacy RightsInternational Data ProtectionPolicies and Processes Simon Blanchard09 July 2020Facial Recognition – should we be concerned?Facial recognition is clever, from selfies to surveillance its use is becoming far more widespread. Should we be worried? Data Governance & SecurityGDPR Philippa Donn30 June 2020Data breaches: 10-point checklist for risk assessmentsHow do you assess the actual risk to people of a data breach? 10 questions you need to ask when carrying out an risk assessment. Data Governance & SecurityGDPRPolicies and Processes DPN Team30 June 2020Successful steps for data retention and minimisation [webinar recording]Get the tools and advice you need to tackle data retention and minimisation in this expert discussion which takes you through the key steps to take.Data Governance & SecurityGDPRPolicies and ProcessesVideos Julia Porter25 June 2020Why is the CIA’s lax attitude to cyber security interesting to us?Have you got robust cyber security controls in place? How the lax attitude of the CIA is a lesson to us all and what you should you be doing.Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard16 June 2020Privacy is a marathon not a sprintPondering how to improve your privacy credentials? Here are 5 steps to inspire you. More than 2 years on from GDPR, remember it’s a journey, not a sprint.Data Governance & SecurityGDPRPolicies and Processes Philippa Donn16 June 2020Why personalisation is a good thing, when done well“Hi, you haven’t finished watching Jeffrey Epstein: Filthy Rich”, said an email my husband received .It annoyed him......Direct MarketingGDPR Simon Blanchard08 June 2020Spring clean your data – Top tips on data retentionGet top tips on data retention. Minimise your risks by making sure you keep the personal data you need and rid of what you don't. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn03 June 2020GDPR two years on, why data protection mattersGDPR may have its critics and regulators may stand accused of not taking enough action. Why this is not a reason to stop taking data protection seriously.GDPR Julia Porter03 June 2020Why is it so hard to explain how we use personal data?Five ways to help explain complex and contentious uses of personal data. How to improve your communications and transparency.Direct MarketingGDPRPrivacy by Design DPN Team03 June 2020Data Retention GuidanceA practical toolkit packed with tips, advice and case studies on how to tackle data retention. Developed by a group of data protection and privacy specialists from a...Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard14 May 2020COVID 19 – Privacy under the SpotlightPrivacy and COVID-19. When finding quick solutions and taking rapid decisions, don't forget the privacy impact. Here's our quick tour of aspects to consider. Data SecurityGDPRPrivacy by Design DPN Team04 April 2020Where is my data? How to tackle data discovery & mapping [webinar recording]How improve your data discovery, mapping & compliance Understanding where your data is located across all your systems is an ever-evolving challenge, but forms the bedrock of your data...Opinion Gemma Johnson13 February 2020Marketers: Will You Need to do a DPIA for that?Why marketers need to understand when they might need to conduct a data protection impact assessment and learn how to do them. Direct MarketingElectronic CommunicationsICO GuidanceMarketing & Data Protection Simon Blanchard11 February 2020Where’s all my data? How to tackle data discoveryUnderstanding where your data is and what it's used for is crucial. But in practice this is challenging. What approach can you take? Opinion Julia Porter09 February 2020In a Digitally Enabled World, What is Direct Marketing?On 8th January the ICO published a draft code of practice for the marketing community. It’s entitled “Direct Marketing Code of Practice”. The use of the term “Direct Marketing”...Opinion Philippa Donn08 February 2020Refer a Friend – Viral Marketing RulesCan you ask your customers to send on your marketing to their friends? The answer, according to the ICO’s draft Direct Marketing Code, is NO! The regulator says for...Opinion Philippa Donn28 January 2020ICO Direct Marketing Code ‘draft’: 12 HighlightsJust when I thought January was feeling dull, I got my hands on the ICO’s much-anticipated draft Direct Marketing Code of Practice! This replaces the Regulator’s existing Direct Marketing...Opinion Philippa Donn10 December 2019Subject Access Requests & Proof of IDSubject Access Requests – What is ‘proportionate’ to ask for? When responding to a Right of Access request (commonly known as a Subject Access Request), we might be required...Individual Privacy Rights DPN Team03 December 2019Data Retention: Are you keeping personal data longer than you need it?Ensuring you don’t store personal data for longer than you require it, is a core data protection principle – one which we all know is both complex and challenging...Opinion DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Opinion Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Opinion Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Opinion Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Opinion Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...GDPRInternational Data Protection Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Data Governance & SecurityGDPRPolicies and Processes Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the hectic preparations...Direct Marketing Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....GDPR DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...GDPR Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Direct MarketingGDPR
Chris Field03 November 2020Evaluating the management of privacy choicesHow to address the challenge of privacy choices for multinationals faced with different communication privacy laws around the world.Direct MarketingElectronic CommunicationsInternational Data Protection DPN Team27 October 2020Handling complex subject access requestsListen in as an expert panel discuss handling complex DSARs in large and medium-sized organisations. How to respond and how tech can help. Videos DPN Team27 October 2020Privacy Question TimeYour data protection questions answered. Lively debate, topical polls with an expert panel. Recording now available.Videos Philippa Donn23 October 2020ICO Subject Access Request Guidance: help or hindrance?Subject Access Requests: As the ICO published detailed guidance we take a look at the higlights and whether it's a help or hindrance GDPRICO GuidanceIndividual Privacy Rights DPN Team22 October 2020Rosemary Smith Responsible Marketing AwardGiving an individual or team credit for a creative and privacy aware project. This award recognises a responsible approach to marketing. Direct MarketingGDPR Simon Blanchard22 October 2020British Airways data breach – what can we learn?British Airways has been fined £20m by the ICO, what lessons can we all learn from BA's painful personal data breach? Data Governance & SecurityData SecurityGDPRPolicies and Processes Philippa Donn20 October 202010 DSAR tips from 10 DPOsData Subject Access Requests can be a challenge to handle. Get 10 great tips from experts who routinely handle the right of access, GDPRIndividual Privacy Rights Philippa Donn20 October 2020Covid Symptom Study apologises for marketing face masksCovid Symptom Study breaks the marketing rules by promoting masks for to fund their research, but find out how an quick apology can go a long way. ... Direct MarketingElectronic Communications Julia Porter15 October 2020Are COVID-19 contact tracing technology services legitimate?Alarming headlines have suggested COVID-19 contact tracing data from pubs and restaurants is being sold on. Is this actually true and what should checks should you take? Data Governance & SecurityGDPR Philippa Donn07 October 2020COVID-19 Data Protection GuideCovid-19 has meant employers have, by necessity, made risk-based data decisions. Do these need revisiting now? Data Governance & SecurityData SecurityPolicies and Processes Simon Blanchard07 October 2020Are you monitoring staff health during COVID-19?What checks and balances should you have in place if you are monitoring your employees' health during the pandemic? We take a look at the core areas to consider...Data Governance & SecurityEmploymentPolicies and Processes Julia Porter05 October 2020Is the new COVID app safe to use?We now have the newly minted Covid app modelled on the Google and Apple templates. Should we be trusting this app?Data Governance & SecurityGDPRPrivacy by Design Julia Porter24 September 2020Cookies crushed, the world is changingThe demise of the third party cookie - five signs the world is changing. Where next for targeted advertising? Electronic CommunicationsGDPR Philippa Donn23 September 2020Data Protection by Design: Part 3 – Data Protection Impact AssessmentsHow to get your Data Protection Impact Asssessment process on track - when should you do one, what should you process look like? Get some useful tips... Data Governance & SecurityGDPRPolicies and ProcessesPrivacy by Design Philippa Donn09 September 2020New Children’s Code – does it apply to your business?New Children's Code to protect under 18s online. It will affect your business if your online services are likely to be acccessed by children. GDPRICO GuidancePolicies and ProcessesPrivacy by Design Simon Blanchard04 September 2020Data Protection by Design: Part 2 – How to approach itHow to implement Data Protection by Design when you are developing new applications, products and services. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn27 August 2020Data Protection by Design: Part 1 – The BasicsWhat does ‘Data Protection by Design’ really mean (and why is it also called ‘Privacy by Design’)? Do you need to be concerned about it? And how do you...Data Governance & SecurityGDPRPrivacy by Design Simon Blanchard25 August 2020Data Protection Officers – should we appoint a DPO?Which organisations need to have a DPO? If you don't should you appoint one anyway or outsource? We explore the options .. Data Governance & SecurityGDPR Simon Blanchard12 August 2020Use of automated facial recognition by South Wales Police ruled ‘unlawful’South Wales Police's use of automated facial recognition has been ruled unlawrul - it breaches human rights and has potential for bias. GDPR Julia Porter12 August 2020When does your CRM marketing plan morph into a data privacy project?Looking to leverage your customer database to drive more business? How to make sure you marketing plan is supported by your privacy strategyDirect MarketingElectronic CommunicationsGDPR Simon Blanchard10 August 2020Dashcams and GDPR: Assessing the privacy implications7 point privacy guide for use of dashcams in vehicles. Quick steps to make sure your use of dashcams is transparent and lawful. GDPRPolicies and Processes Simon Blanchard05 August 2020ICO guidance on how to apply good data protection to AISeven steps for making sure innovation flourishes and your artificial intelligence activities are sound from a data protection point of viewGDPRICO Guidance DPN Team29 July 2020How to manage your suppliersHow to manage your suppliers and reduce the risk they may post. Hear our specialist panel chat through the key points to consider.Videos Philippa Donn29 July 2020Could COVID-19 lead to a spike in Subject Access Requests? How to handle ex-employeesDSARs from disgruntled ex-employees can be challenging to handle, get some helpful tips on how best to approach the task of fulfilling them.GDPRIndividual Privacy Rights Philippa Donn28 July 2020Schrems II ruling: Privacy Shield down, SCCs survive but with a sting in the tailInternational data transfers - EU-US Privacy Shield ruled invalild, questions raised regarding SCCs, find out what actions should you take. GDPRInternational Data Protection Simon Blanchard27 July 2020RoPA – Five tips for keeping your Records of Processing Activity up to date5 tips for keeping your GDPR records of processing activities up to date. The why, who, what, how and when of data protection documentation.GDPRPolicies and Processes DPN Team16 July 2020Transparency: How to get the message acrossDiscover the benefits of being upfront and transparent with people about how you use their data. In this webinar hosted by Robert Bond from Bristows we explore why transparency...GDPRVideos Julia Porter13 July 2020Supplier management: DPN 6 point checklistDue diligence of new suppliers robust enough? Checks in place to make sure suppliers are protecting your data? Use the DPN 6-point checklist. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn13 July 2020Contact Tracing: 7 Quick Steps for collecting people’s dataFrom holiday cottages to theme parks, hotels to pubs, many will be collecting people's details for contact tracing. Get our quick guide to how to do this. GDPRICO Guidance Chris Field11 July 2020You’ve been SAR-bombed!You are at the end of long day .. you just do one last check of your inbox - the new count registers over 9,000 new emails! All...GDPRIndividual Privacy RightsInternational Data ProtectionPolicies and Processes Simon Blanchard09 July 2020Facial Recognition – should we be concerned?Facial recognition is clever, from selfies to surveillance its use is becoming far more widespread. Should we be worried? Data Governance & SecurityGDPR Philippa Donn30 June 2020Data breaches: 10-point checklist for risk assessmentsHow do you assess the actual risk to people of a data breach? 10 questions you need to ask when carrying out an risk assessment. Data Governance & SecurityGDPRPolicies and Processes DPN Team30 June 2020Successful steps for data retention and minimisation [webinar recording]Get the tools and advice you need to tackle data retention and minimisation in this expert discussion which takes you through the key steps to take.Data Governance & SecurityGDPRPolicies and ProcessesVideos Julia Porter25 June 2020Why is the CIA’s lax attitude to cyber security interesting to us?Have you got robust cyber security controls in place? How the lax attitude of the CIA is a lesson to us all and what you should you be doing.Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard16 June 2020Privacy is a marathon not a sprintPondering how to improve your privacy credentials? Here are 5 steps to inspire you. More than 2 years on from GDPR, remember it’s a journey, not a sprint.Data Governance & SecurityGDPRPolicies and Processes Philippa Donn16 June 2020Why personalisation is a good thing, when done well“Hi, you haven’t finished watching Jeffrey Epstein: Filthy Rich”, said an email my husband received .It annoyed him......Direct MarketingGDPR Simon Blanchard08 June 2020Spring clean your data – Top tips on data retentionGet top tips on data retention. Minimise your risks by making sure you keep the personal data you need and rid of what you don't. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn03 June 2020GDPR two years on, why data protection mattersGDPR may have its critics and regulators may stand accused of not taking enough action. Why this is not a reason to stop taking data protection seriously.GDPR Julia Porter03 June 2020Why is it so hard to explain how we use personal data?Five ways to help explain complex and contentious uses of personal data. How to improve your communications and transparency.Direct MarketingGDPRPrivacy by Design DPN Team03 June 2020Data Retention GuidanceA practical toolkit packed with tips, advice and case studies on how to tackle data retention. Developed by a group of data protection and privacy specialists from a...Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard14 May 2020COVID 19 – Privacy under the SpotlightPrivacy and COVID-19. When finding quick solutions and taking rapid decisions, don't forget the privacy impact. Here's our quick tour of aspects to consider. Data SecurityGDPRPrivacy by Design DPN Team04 April 2020Where is my data? How to tackle data discovery & mapping [webinar recording]How improve your data discovery, mapping & compliance Understanding where your data is located across all your systems is an ever-evolving challenge, but forms the bedrock of your data...Opinion Gemma Johnson13 February 2020Marketers: Will You Need to do a DPIA for that?Why marketers need to understand when they might need to conduct a data protection impact assessment and learn how to do them. Direct MarketingElectronic CommunicationsICO GuidanceMarketing & Data Protection Simon Blanchard11 February 2020Where’s all my data? How to tackle data discoveryUnderstanding where your data is and what it's used for is crucial. But in practice this is challenging. What approach can you take? Opinion Julia Porter09 February 2020In a Digitally Enabled World, What is Direct Marketing?On 8th January the ICO published a draft code of practice for the marketing community. It’s entitled “Direct Marketing Code of Practice”. The use of the term “Direct Marketing”...Opinion Philippa Donn08 February 2020Refer a Friend – Viral Marketing RulesCan you ask your customers to send on your marketing to their friends? The answer, according to the ICO’s draft Direct Marketing Code, is NO! The regulator says for...Opinion Philippa Donn28 January 2020ICO Direct Marketing Code ‘draft’: 12 HighlightsJust when I thought January was feeling dull, I got my hands on the ICO’s much-anticipated draft Direct Marketing Code of Practice! This replaces the Regulator’s existing Direct Marketing...Opinion Philippa Donn10 December 2019Subject Access Requests & Proof of IDSubject Access Requests – What is ‘proportionate’ to ask for? When responding to a Right of Access request (commonly known as a Subject Access Request), we might be required...Individual Privacy Rights DPN Team03 December 2019Data Retention: Are you keeping personal data longer than you need it?Ensuring you don’t store personal data for longer than you require it, is a core data protection principle – one which we all know is both complex and challenging...Opinion DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Opinion Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Opinion Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Opinion Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Opinion Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...GDPRInternational Data Protection Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Data Governance & SecurityGDPRPolicies and Processes Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the hectic preparations...Direct Marketing Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....GDPR DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...GDPR Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Direct MarketingGDPR
DPN Team27 October 2020Handling complex subject access requestsListen in as an expert panel discuss handling complex DSARs in large and medium-sized organisations. How to respond and how tech can help. Videos DPN Team27 October 2020Privacy Question TimeYour data protection questions answered. Lively debate, topical polls with an expert panel. Recording now available.Videos Philippa Donn23 October 2020ICO Subject Access Request Guidance: help or hindrance?Subject Access Requests: As the ICO published detailed guidance we take a look at the higlights and whether it's a help or hindrance GDPRICO GuidanceIndividual Privacy Rights DPN Team22 October 2020Rosemary Smith Responsible Marketing AwardGiving an individual or team credit for a creative and privacy aware project. This award recognises a responsible approach to marketing. Direct MarketingGDPR Simon Blanchard22 October 2020British Airways data breach – what can we learn?British Airways has been fined £20m by the ICO, what lessons can we all learn from BA's painful personal data breach? Data Governance & SecurityData SecurityGDPRPolicies and Processes Philippa Donn20 October 202010 DSAR tips from 10 DPOsData Subject Access Requests can be a challenge to handle. Get 10 great tips from experts who routinely handle the right of access, GDPRIndividual Privacy Rights Philippa Donn20 October 2020Covid Symptom Study apologises for marketing face masksCovid Symptom Study breaks the marketing rules by promoting masks for to fund their research, but find out how an quick apology can go a long way. ... Direct MarketingElectronic Communications Julia Porter15 October 2020Are COVID-19 contact tracing technology services legitimate?Alarming headlines have suggested COVID-19 contact tracing data from pubs and restaurants is being sold on. Is this actually true and what should checks should you take? Data Governance & SecurityGDPR Philippa Donn07 October 2020COVID-19 Data Protection GuideCovid-19 has meant employers have, by necessity, made risk-based data decisions. Do these need revisiting now? Data Governance & SecurityData SecurityPolicies and Processes Simon Blanchard07 October 2020Are you monitoring staff health during COVID-19?What checks and balances should you have in place if you are monitoring your employees' health during the pandemic? We take a look at the core areas to consider...Data Governance & SecurityEmploymentPolicies and Processes Julia Porter05 October 2020Is the new COVID app safe to use?We now have the newly minted Covid app modelled on the Google and Apple templates. Should we be trusting this app?Data Governance & SecurityGDPRPrivacy by Design Julia Porter24 September 2020Cookies crushed, the world is changingThe demise of the third party cookie - five signs the world is changing. Where next for targeted advertising? Electronic CommunicationsGDPR Philippa Donn23 September 2020Data Protection by Design: Part 3 – Data Protection Impact AssessmentsHow to get your Data Protection Impact Asssessment process on track - when should you do one, what should you process look like? Get some useful tips... Data Governance & SecurityGDPRPolicies and ProcessesPrivacy by Design Philippa Donn09 September 2020New Children’s Code – does it apply to your business?New Children's Code to protect under 18s online. It will affect your business if your online services are likely to be acccessed by children. GDPRICO GuidancePolicies and ProcessesPrivacy by Design Simon Blanchard04 September 2020Data Protection by Design: Part 2 – How to approach itHow to implement Data Protection by Design when you are developing new applications, products and services. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn27 August 2020Data Protection by Design: Part 1 – The BasicsWhat does ‘Data Protection by Design’ really mean (and why is it also called ‘Privacy by Design’)? Do you need to be concerned about it? And how do you...Data Governance & SecurityGDPRPrivacy by Design Simon Blanchard25 August 2020Data Protection Officers – should we appoint a DPO?Which organisations need to have a DPO? If you don't should you appoint one anyway or outsource? We explore the options .. Data Governance & SecurityGDPR Simon Blanchard12 August 2020Use of automated facial recognition by South Wales Police ruled ‘unlawful’South Wales Police's use of automated facial recognition has been ruled unlawrul - it breaches human rights and has potential for bias. GDPR Julia Porter12 August 2020When does your CRM marketing plan morph into a data privacy project?Looking to leverage your customer database to drive more business? How to make sure you marketing plan is supported by your privacy strategyDirect MarketingElectronic CommunicationsGDPR Simon Blanchard10 August 2020Dashcams and GDPR: Assessing the privacy implications7 point privacy guide for use of dashcams in vehicles. Quick steps to make sure your use of dashcams is transparent and lawful. GDPRPolicies and Processes Simon Blanchard05 August 2020ICO guidance on how to apply good data protection to AISeven steps for making sure innovation flourishes and your artificial intelligence activities are sound from a data protection point of viewGDPRICO Guidance DPN Team29 July 2020How to manage your suppliersHow to manage your suppliers and reduce the risk they may post. Hear our specialist panel chat through the key points to consider.Videos Philippa Donn29 July 2020Could COVID-19 lead to a spike in Subject Access Requests? How to handle ex-employeesDSARs from disgruntled ex-employees can be challenging to handle, get some helpful tips on how best to approach the task of fulfilling them.GDPRIndividual Privacy Rights Philippa Donn28 July 2020Schrems II ruling: Privacy Shield down, SCCs survive but with a sting in the tailInternational data transfers - EU-US Privacy Shield ruled invalild, questions raised regarding SCCs, find out what actions should you take. GDPRInternational Data Protection Simon Blanchard27 July 2020RoPA – Five tips for keeping your Records of Processing Activity up to date5 tips for keeping your GDPR records of processing activities up to date. The why, who, what, how and when of data protection documentation.GDPRPolicies and Processes DPN Team16 July 2020Transparency: How to get the message acrossDiscover the benefits of being upfront and transparent with people about how you use their data. In this webinar hosted by Robert Bond from Bristows we explore why transparency...GDPRVideos Julia Porter13 July 2020Supplier management: DPN 6 point checklistDue diligence of new suppliers robust enough? Checks in place to make sure suppliers are protecting your data? Use the DPN 6-point checklist. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn13 July 2020Contact Tracing: 7 Quick Steps for collecting people’s dataFrom holiday cottages to theme parks, hotels to pubs, many will be collecting people's details for contact tracing. Get our quick guide to how to do this. GDPRICO Guidance Chris Field11 July 2020You’ve been SAR-bombed!You are at the end of long day .. you just do one last check of your inbox - the new count registers over 9,000 new emails! All...GDPRIndividual Privacy RightsInternational Data ProtectionPolicies and Processes Simon Blanchard09 July 2020Facial Recognition – should we be concerned?Facial recognition is clever, from selfies to surveillance its use is becoming far more widespread. Should we be worried? Data Governance & SecurityGDPR Philippa Donn30 June 2020Data breaches: 10-point checklist for risk assessmentsHow do you assess the actual risk to people of a data breach? 10 questions you need to ask when carrying out an risk assessment. Data Governance & SecurityGDPRPolicies and Processes DPN Team30 June 2020Successful steps for data retention and minimisation [webinar recording]Get the tools and advice you need to tackle data retention and minimisation in this expert discussion which takes you through the key steps to take.Data Governance & SecurityGDPRPolicies and ProcessesVideos Julia Porter25 June 2020Why is the CIA’s lax attitude to cyber security interesting to us?Have you got robust cyber security controls in place? How the lax attitude of the CIA is a lesson to us all and what you should you be doing.Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard16 June 2020Privacy is a marathon not a sprintPondering how to improve your privacy credentials? Here are 5 steps to inspire you. More than 2 years on from GDPR, remember it’s a journey, not a sprint.Data Governance & SecurityGDPRPolicies and Processes Philippa Donn16 June 2020Why personalisation is a good thing, when done well“Hi, you haven’t finished watching Jeffrey Epstein: Filthy Rich”, said an email my husband received .It annoyed him......Direct MarketingGDPR Simon Blanchard08 June 2020Spring clean your data – Top tips on data retentionGet top tips on data retention. Minimise your risks by making sure you keep the personal data you need and rid of what you don't. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn03 June 2020GDPR two years on, why data protection mattersGDPR may have its critics and regulators may stand accused of not taking enough action. Why this is not a reason to stop taking data protection seriously.GDPR Julia Porter03 June 2020Why is it so hard to explain how we use personal data?Five ways to help explain complex and contentious uses of personal data. How to improve your communications and transparency.Direct MarketingGDPRPrivacy by Design DPN Team03 June 2020Data Retention GuidanceA practical toolkit packed with tips, advice and case studies on how to tackle data retention. Developed by a group of data protection and privacy specialists from a...Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard14 May 2020COVID 19 – Privacy under the SpotlightPrivacy and COVID-19. When finding quick solutions and taking rapid decisions, don't forget the privacy impact. Here's our quick tour of aspects to consider. Data SecurityGDPRPrivacy by Design DPN Team04 April 2020Where is my data? How to tackle data discovery & mapping [webinar recording]How improve your data discovery, mapping & compliance Understanding where your data is located across all your systems is an ever-evolving challenge, but forms the bedrock of your data...Opinion Gemma Johnson13 February 2020Marketers: Will You Need to do a DPIA for that?Why marketers need to understand when they might need to conduct a data protection impact assessment and learn how to do them. Direct MarketingElectronic CommunicationsICO GuidanceMarketing & Data Protection Simon Blanchard11 February 2020Where’s all my data? How to tackle data discoveryUnderstanding where your data is and what it's used for is crucial. But in practice this is challenging. What approach can you take? Opinion Julia Porter09 February 2020In a Digitally Enabled World, What is Direct Marketing?On 8th January the ICO published a draft code of practice for the marketing community. It’s entitled “Direct Marketing Code of Practice”. The use of the term “Direct Marketing”...Opinion Philippa Donn08 February 2020Refer a Friend – Viral Marketing RulesCan you ask your customers to send on your marketing to their friends? The answer, according to the ICO’s draft Direct Marketing Code, is NO! The regulator says for...Opinion Philippa Donn28 January 2020ICO Direct Marketing Code ‘draft’: 12 HighlightsJust when I thought January was feeling dull, I got my hands on the ICO’s much-anticipated draft Direct Marketing Code of Practice! This replaces the Regulator’s existing Direct Marketing...Opinion Philippa Donn10 December 2019Subject Access Requests & Proof of IDSubject Access Requests – What is ‘proportionate’ to ask for? When responding to a Right of Access request (commonly known as a Subject Access Request), we might be required...Individual Privacy Rights DPN Team03 December 2019Data Retention: Are you keeping personal data longer than you need it?Ensuring you don’t store personal data for longer than you require it, is a core data protection principle – one which we all know is both complex and challenging...Opinion DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Opinion Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Opinion Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Opinion Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Opinion Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...GDPRInternational Data Protection Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Data Governance & SecurityGDPRPolicies and Processes Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the hectic preparations...Direct Marketing Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....GDPR DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...GDPR Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Direct MarketingGDPR
DPN Team27 October 2020Privacy Question TimeYour data protection questions answered. Lively debate, topical polls with an expert panel. Recording now available.Videos Philippa Donn23 October 2020ICO Subject Access Request Guidance: help or hindrance?Subject Access Requests: As the ICO published detailed guidance we take a look at the higlights and whether it's a help or hindrance GDPRICO GuidanceIndividual Privacy Rights DPN Team22 October 2020Rosemary Smith Responsible Marketing AwardGiving an individual or team credit for a creative and privacy aware project. This award recognises a responsible approach to marketing. Direct MarketingGDPR Simon Blanchard22 October 2020British Airways data breach – what can we learn?British Airways has been fined £20m by the ICO, what lessons can we all learn from BA's painful personal data breach? Data Governance & SecurityData SecurityGDPRPolicies and Processes Philippa Donn20 October 202010 DSAR tips from 10 DPOsData Subject Access Requests can be a challenge to handle. Get 10 great tips from experts who routinely handle the right of access, GDPRIndividual Privacy Rights Philippa Donn20 October 2020Covid Symptom Study apologises for marketing face masksCovid Symptom Study breaks the marketing rules by promoting masks for to fund their research, but find out how an quick apology can go a long way. ... Direct MarketingElectronic Communications Julia Porter15 October 2020Are COVID-19 contact tracing technology services legitimate?Alarming headlines have suggested COVID-19 contact tracing data from pubs and restaurants is being sold on. Is this actually true and what should checks should you take? Data Governance & SecurityGDPR Philippa Donn07 October 2020COVID-19 Data Protection GuideCovid-19 has meant employers have, by necessity, made risk-based data decisions. Do these need revisiting now? Data Governance & SecurityData SecurityPolicies and Processes Simon Blanchard07 October 2020Are you monitoring staff health during COVID-19?What checks and balances should you have in place if you are monitoring your employees' health during the pandemic? We take a look at the core areas to consider...Data Governance & SecurityEmploymentPolicies and Processes Julia Porter05 October 2020Is the new COVID app safe to use?We now have the newly minted Covid app modelled on the Google and Apple templates. Should we be trusting this app?Data Governance & SecurityGDPRPrivacy by Design Julia Porter24 September 2020Cookies crushed, the world is changingThe demise of the third party cookie - five signs the world is changing. Where next for targeted advertising? Electronic CommunicationsGDPR Philippa Donn23 September 2020Data Protection by Design: Part 3 – Data Protection Impact AssessmentsHow to get your Data Protection Impact Asssessment process on track - when should you do one, what should you process look like? Get some useful tips... Data Governance & SecurityGDPRPolicies and ProcessesPrivacy by Design Philippa Donn09 September 2020New Children’s Code – does it apply to your business?New Children's Code to protect under 18s online. It will affect your business if your online services are likely to be acccessed by children. GDPRICO GuidancePolicies and ProcessesPrivacy by Design Simon Blanchard04 September 2020Data Protection by Design: Part 2 – How to approach itHow to implement Data Protection by Design when you are developing new applications, products and services. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn27 August 2020Data Protection by Design: Part 1 – The BasicsWhat does ‘Data Protection by Design’ really mean (and why is it also called ‘Privacy by Design’)? Do you need to be concerned about it? And how do you...Data Governance & SecurityGDPRPrivacy by Design Simon Blanchard25 August 2020Data Protection Officers – should we appoint a DPO?Which organisations need to have a DPO? If you don't should you appoint one anyway or outsource? We explore the options .. Data Governance & SecurityGDPR Simon Blanchard12 August 2020Use of automated facial recognition by South Wales Police ruled ‘unlawful’South Wales Police's use of automated facial recognition has been ruled unlawrul - it breaches human rights and has potential for bias. GDPR Julia Porter12 August 2020When does your CRM marketing plan morph into a data privacy project?Looking to leverage your customer database to drive more business? How to make sure you marketing plan is supported by your privacy strategyDirect MarketingElectronic CommunicationsGDPR Simon Blanchard10 August 2020Dashcams and GDPR: Assessing the privacy implications7 point privacy guide for use of dashcams in vehicles. Quick steps to make sure your use of dashcams is transparent and lawful. GDPRPolicies and Processes Simon Blanchard05 August 2020ICO guidance on how to apply good data protection to AISeven steps for making sure innovation flourishes and your artificial intelligence activities are sound from a data protection point of viewGDPRICO Guidance DPN Team29 July 2020How to manage your suppliersHow to manage your suppliers and reduce the risk they may post. Hear our specialist panel chat through the key points to consider.Videos Philippa Donn29 July 2020Could COVID-19 lead to a spike in Subject Access Requests? How to handle ex-employeesDSARs from disgruntled ex-employees can be challenging to handle, get some helpful tips on how best to approach the task of fulfilling them.GDPRIndividual Privacy Rights Philippa Donn28 July 2020Schrems II ruling: Privacy Shield down, SCCs survive but with a sting in the tailInternational data transfers - EU-US Privacy Shield ruled invalild, questions raised regarding SCCs, find out what actions should you take. GDPRInternational Data Protection Simon Blanchard27 July 2020RoPA – Five tips for keeping your Records of Processing Activity up to date5 tips for keeping your GDPR records of processing activities up to date. The why, who, what, how and when of data protection documentation.GDPRPolicies and Processes DPN Team16 July 2020Transparency: How to get the message acrossDiscover the benefits of being upfront and transparent with people about how you use their data. In this webinar hosted by Robert Bond from Bristows we explore why transparency...GDPRVideos Julia Porter13 July 2020Supplier management: DPN 6 point checklistDue diligence of new suppliers robust enough? Checks in place to make sure suppliers are protecting your data? Use the DPN 6-point checklist. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn13 July 2020Contact Tracing: 7 Quick Steps for collecting people’s dataFrom holiday cottages to theme parks, hotels to pubs, many will be collecting people's details for contact tracing. Get our quick guide to how to do this. GDPRICO Guidance Chris Field11 July 2020You’ve been SAR-bombed!You are at the end of long day .. you just do one last check of your inbox - the new count registers over 9,000 new emails! All...GDPRIndividual Privacy RightsInternational Data ProtectionPolicies and Processes Simon Blanchard09 July 2020Facial Recognition – should we be concerned?Facial recognition is clever, from selfies to surveillance its use is becoming far more widespread. Should we be worried? Data Governance & SecurityGDPR Philippa Donn30 June 2020Data breaches: 10-point checklist for risk assessmentsHow do you assess the actual risk to people of a data breach? 10 questions you need to ask when carrying out an risk assessment. Data Governance & SecurityGDPRPolicies and Processes DPN Team30 June 2020Successful steps for data retention and minimisation [webinar recording]Get the tools and advice you need to tackle data retention and minimisation in this expert discussion which takes you through the key steps to take.Data Governance & SecurityGDPRPolicies and ProcessesVideos Julia Porter25 June 2020Why is the CIA’s lax attitude to cyber security interesting to us?Have you got robust cyber security controls in place? How the lax attitude of the CIA is a lesson to us all and what you should you be doing.Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard16 June 2020Privacy is a marathon not a sprintPondering how to improve your privacy credentials? Here are 5 steps to inspire you. More than 2 years on from GDPR, remember it’s a journey, not a sprint.Data Governance & SecurityGDPRPolicies and Processes Philippa Donn16 June 2020Why personalisation is a good thing, when done well“Hi, you haven’t finished watching Jeffrey Epstein: Filthy Rich”, said an email my husband received .It annoyed him......Direct MarketingGDPR Simon Blanchard08 June 2020Spring clean your data – Top tips on data retentionGet top tips on data retention. Minimise your risks by making sure you keep the personal data you need and rid of what you don't. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn03 June 2020GDPR two years on, why data protection mattersGDPR may have its critics and regulators may stand accused of not taking enough action. Why this is not a reason to stop taking data protection seriously.GDPR Julia Porter03 June 2020Why is it so hard to explain how we use personal data?Five ways to help explain complex and contentious uses of personal data. How to improve your communications and transparency.Direct MarketingGDPRPrivacy by Design DPN Team03 June 2020Data Retention GuidanceA practical toolkit packed with tips, advice and case studies on how to tackle data retention. Developed by a group of data protection and privacy specialists from a...Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard14 May 2020COVID 19 – Privacy under the SpotlightPrivacy and COVID-19. When finding quick solutions and taking rapid decisions, don't forget the privacy impact. Here's our quick tour of aspects to consider. Data SecurityGDPRPrivacy by Design DPN Team04 April 2020Where is my data? How to tackle data discovery & mapping [webinar recording]How improve your data discovery, mapping & compliance Understanding where your data is located across all your systems is an ever-evolving challenge, but forms the bedrock of your data...Opinion Gemma Johnson13 February 2020Marketers: Will You Need to do a DPIA for that?Why marketers need to understand when they might need to conduct a data protection impact assessment and learn how to do them. Direct MarketingElectronic CommunicationsICO GuidanceMarketing & Data Protection Simon Blanchard11 February 2020Where’s all my data? How to tackle data discoveryUnderstanding where your data is and what it's used for is crucial. But in practice this is challenging. What approach can you take? Opinion Julia Porter09 February 2020In a Digitally Enabled World, What is Direct Marketing?On 8th January the ICO published a draft code of practice for the marketing community. It’s entitled “Direct Marketing Code of Practice”. The use of the term “Direct Marketing”...Opinion Philippa Donn08 February 2020Refer a Friend – Viral Marketing RulesCan you ask your customers to send on your marketing to their friends? The answer, according to the ICO’s draft Direct Marketing Code, is NO! The regulator says for...Opinion Philippa Donn28 January 2020ICO Direct Marketing Code ‘draft’: 12 HighlightsJust when I thought January was feeling dull, I got my hands on the ICO’s much-anticipated draft Direct Marketing Code of Practice! This replaces the Regulator’s existing Direct Marketing...Opinion Philippa Donn10 December 2019Subject Access Requests & Proof of IDSubject Access Requests – What is ‘proportionate’ to ask for? When responding to a Right of Access request (commonly known as a Subject Access Request), we might be required...Individual Privacy Rights DPN Team03 December 2019Data Retention: Are you keeping personal data longer than you need it?Ensuring you don’t store personal data for longer than you require it, is a core data protection principle – one which we all know is both complex and challenging...Opinion DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Opinion Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Opinion Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Opinion Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Opinion Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...GDPRInternational Data Protection Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Data Governance & SecurityGDPRPolicies and Processes Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the hectic preparations...Direct Marketing Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....GDPR DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...GDPR Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Direct MarketingGDPR
Philippa Donn23 October 2020ICO Subject Access Request Guidance: help or hindrance?Subject Access Requests: As the ICO published detailed guidance we take a look at the higlights and whether it's a help or hindrance GDPRICO GuidanceIndividual Privacy Rights DPN Team22 October 2020Rosemary Smith Responsible Marketing AwardGiving an individual or team credit for a creative and privacy aware project. This award recognises a responsible approach to marketing. Direct MarketingGDPR Simon Blanchard22 October 2020British Airways data breach – what can we learn?British Airways has been fined £20m by the ICO, what lessons can we all learn from BA's painful personal data breach? Data Governance & SecurityData SecurityGDPRPolicies and Processes Philippa Donn20 October 202010 DSAR tips from 10 DPOsData Subject Access Requests can be a challenge to handle. Get 10 great tips from experts who routinely handle the right of access, GDPRIndividual Privacy Rights Philippa Donn20 October 2020Covid Symptom Study apologises for marketing face masksCovid Symptom Study breaks the marketing rules by promoting masks for to fund their research, but find out how an quick apology can go a long way. ... Direct MarketingElectronic Communications Julia Porter15 October 2020Are COVID-19 contact tracing technology services legitimate?Alarming headlines have suggested COVID-19 contact tracing data from pubs and restaurants is being sold on. Is this actually true and what should checks should you take? Data Governance & SecurityGDPR Philippa Donn07 October 2020COVID-19 Data Protection GuideCovid-19 has meant employers have, by necessity, made risk-based data decisions. Do these need revisiting now? Data Governance & SecurityData SecurityPolicies and Processes Simon Blanchard07 October 2020Are you monitoring staff health during COVID-19?What checks and balances should you have in place if you are monitoring your employees' health during the pandemic? We take a look at the core areas to consider...Data Governance & SecurityEmploymentPolicies and Processes Julia Porter05 October 2020Is the new COVID app safe to use?We now have the newly minted Covid app modelled on the Google and Apple templates. Should we be trusting this app?Data Governance & SecurityGDPRPrivacy by Design Julia Porter24 September 2020Cookies crushed, the world is changingThe demise of the third party cookie - five signs the world is changing. Where next for targeted advertising? Electronic CommunicationsGDPR Philippa Donn23 September 2020Data Protection by Design: Part 3 – Data Protection Impact AssessmentsHow to get your Data Protection Impact Asssessment process on track - when should you do one, what should you process look like? Get some useful tips... Data Governance & SecurityGDPRPolicies and ProcessesPrivacy by Design Philippa Donn09 September 2020New Children’s Code – does it apply to your business?New Children's Code to protect under 18s online. It will affect your business if your online services are likely to be acccessed by children. GDPRICO GuidancePolicies and ProcessesPrivacy by Design Simon Blanchard04 September 2020Data Protection by Design: Part 2 – How to approach itHow to implement Data Protection by Design when you are developing new applications, products and services. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn27 August 2020Data Protection by Design: Part 1 – The BasicsWhat does ‘Data Protection by Design’ really mean (and why is it also called ‘Privacy by Design’)? Do you need to be concerned about it? And how do you...Data Governance & SecurityGDPRPrivacy by Design Simon Blanchard25 August 2020Data Protection Officers – should we appoint a DPO?Which organisations need to have a DPO? If you don't should you appoint one anyway or outsource? We explore the options .. Data Governance & SecurityGDPR Simon Blanchard12 August 2020Use of automated facial recognition by South Wales Police ruled ‘unlawful’South Wales Police's use of automated facial recognition has been ruled unlawrul - it breaches human rights and has potential for bias. GDPR Julia Porter12 August 2020When does your CRM marketing plan morph into a data privacy project?Looking to leverage your customer database to drive more business? How to make sure you marketing plan is supported by your privacy strategyDirect MarketingElectronic CommunicationsGDPR Simon Blanchard10 August 2020Dashcams and GDPR: Assessing the privacy implications7 point privacy guide for use of dashcams in vehicles. Quick steps to make sure your use of dashcams is transparent and lawful. GDPRPolicies and Processes Simon Blanchard05 August 2020ICO guidance on how to apply good data protection to AISeven steps for making sure innovation flourishes and your artificial intelligence activities are sound from a data protection point of viewGDPRICO Guidance DPN Team29 July 2020How to manage your suppliersHow to manage your suppliers and reduce the risk they may post. Hear our specialist panel chat through the key points to consider.Videos Philippa Donn29 July 2020Could COVID-19 lead to a spike in Subject Access Requests? How to handle ex-employeesDSARs from disgruntled ex-employees can be challenging to handle, get some helpful tips on how best to approach the task of fulfilling them.GDPRIndividual Privacy Rights Philippa Donn28 July 2020Schrems II ruling: Privacy Shield down, SCCs survive but with a sting in the tailInternational data transfers - EU-US Privacy Shield ruled invalild, questions raised regarding SCCs, find out what actions should you take. GDPRInternational Data Protection Simon Blanchard27 July 2020RoPA – Five tips for keeping your Records of Processing Activity up to date5 tips for keeping your GDPR records of processing activities up to date. The why, who, what, how and when of data protection documentation.GDPRPolicies and Processes DPN Team16 July 2020Transparency: How to get the message acrossDiscover the benefits of being upfront and transparent with people about how you use their data. In this webinar hosted by Robert Bond from Bristows we explore why transparency...GDPRVideos Julia Porter13 July 2020Supplier management: DPN 6 point checklistDue diligence of new suppliers robust enough? Checks in place to make sure suppliers are protecting your data? Use the DPN 6-point checklist. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn13 July 2020Contact Tracing: 7 Quick Steps for collecting people’s dataFrom holiday cottages to theme parks, hotels to pubs, many will be collecting people's details for contact tracing. Get our quick guide to how to do this. GDPRICO Guidance Chris Field11 July 2020You’ve been SAR-bombed!You are at the end of long day .. you just do one last check of your inbox - the new count registers over 9,000 new emails! All...GDPRIndividual Privacy RightsInternational Data ProtectionPolicies and Processes Simon Blanchard09 July 2020Facial Recognition – should we be concerned?Facial recognition is clever, from selfies to surveillance its use is becoming far more widespread. Should we be worried? Data Governance & SecurityGDPR Philippa Donn30 June 2020Data breaches: 10-point checklist for risk assessmentsHow do you assess the actual risk to people of a data breach? 10 questions you need to ask when carrying out an risk assessment. Data Governance & SecurityGDPRPolicies and Processes DPN Team30 June 2020Successful steps for data retention and minimisation [webinar recording]Get the tools and advice you need to tackle data retention and minimisation in this expert discussion which takes you through the key steps to take.Data Governance & SecurityGDPRPolicies and ProcessesVideos Julia Porter25 June 2020Why is the CIA’s lax attitude to cyber security interesting to us?Have you got robust cyber security controls in place? How the lax attitude of the CIA is a lesson to us all and what you should you be doing.Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard16 June 2020Privacy is a marathon not a sprintPondering how to improve your privacy credentials? Here are 5 steps to inspire you. More than 2 years on from GDPR, remember it’s a journey, not a sprint.Data Governance & SecurityGDPRPolicies and Processes Philippa Donn16 June 2020Why personalisation is a good thing, when done well“Hi, you haven’t finished watching Jeffrey Epstein: Filthy Rich”, said an email my husband received .It annoyed him......Direct MarketingGDPR Simon Blanchard08 June 2020Spring clean your data – Top tips on data retentionGet top tips on data retention. Minimise your risks by making sure you keep the personal data you need and rid of what you don't. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn03 June 2020GDPR two years on, why data protection mattersGDPR may have its critics and regulators may stand accused of not taking enough action. Why this is not a reason to stop taking data protection seriously.GDPR Julia Porter03 June 2020Why is it so hard to explain how we use personal data?Five ways to help explain complex and contentious uses of personal data. How to improve your communications and transparency.Direct MarketingGDPRPrivacy by Design DPN Team03 June 2020Data Retention GuidanceA practical toolkit packed with tips, advice and case studies on how to tackle data retention. Developed by a group of data protection and privacy specialists from a...Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard14 May 2020COVID 19 – Privacy under the SpotlightPrivacy and COVID-19. When finding quick solutions and taking rapid decisions, don't forget the privacy impact. Here's our quick tour of aspects to consider. Data SecurityGDPRPrivacy by Design DPN Team04 April 2020Where is my data? How to tackle data discovery & mapping [webinar recording]How improve your data discovery, mapping & compliance Understanding where your data is located across all your systems is an ever-evolving challenge, but forms the bedrock of your data...Opinion Gemma Johnson13 February 2020Marketers: Will You Need to do a DPIA for that?Why marketers need to understand when they might need to conduct a data protection impact assessment and learn how to do them. Direct MarketingElectronic CommunicationsICO GuidanceMarketing & Data Protection Simon Blanchard11 February 2020Where’s all my data? How to tackle data discoveryUnderstanding where your data is and what it's used for is crucial. But in practice this is challenging. What approach can you take? Opinion Julia Porter09 February 2020In a Digitally Enabled World, What is Direct Marketing?On 8th January the ICO published a draft code of practice for the marketing community. It’s entitled “Direct Marketing Code of Practice”. The use of the term “Direct Marketing”...Opinion Philippa Donn08 February 2020Refer a Friend – Viral Marketing RulesCan you ask your customers to send on your marketing to their friends? The answer, according to the ICO’s draft Direct Marketing Code, is NO! The regulator says for...Opinion Philippa Donn28 January 2020ICO Direct Marketing Code ‘draft’: 12 HighlightsJust when I thought January was feeling dull, I got my hands on the ICO’s much-anticipated draft Direct Marketing Code of Practice! This replaces the Regulator’s existing Direct Marketing...Opinion Philippa Donn10 December 2019Subject Access Requests & Proof of IDSubject Access Requests – What is ‘proportionate’ to ask for? When responding to a Right of Access request (commonly known as a Subject Access Request), we might be required...Individual Privacy Rights DPN Team03 December 2019Data Retention: Are you keeping personal data longer than you need it?Ensuring you don’t store personal data for longer than you require it, is a core data protection principle – one which we all know is both complex and challenging...Opinion DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Opinion Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Opinion Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Opinion Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Opinion Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...GDPRInternational Data Protection Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Data Governance & SecurityGDPRPolicies and Processes Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the hectic preparations...Direct Marketing Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....GDPR DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...GDPR Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Direct MarketingGDPR
DPN Team22 October 2020Rosemary Smith Responsible Marketing AwardGiving an individual or team credit for a creative and privacy aware project. This award recognises a responsible approach to marketing. Direct MarketingGDPR Simon Blanchard22 October 2020British Airways data breach – what can we learn?British Airways has been fined £20m by the ICO, what lessons can we all learn from BA's painful personal data breach? Data Governance & SecurityData SecurityGDPRPolicies and Processes Philippa Donn20 October 202010 DSAR tips from 10 DPOsData Subject Access Requests can be a challenge to handle. Get 10 great tips from experts who routinely handle the right of access, GDPRIndividual Privacy Rights Philippa Donn20 October 2020Covid Symptom Study apologises for marketing face masksCovid Symptom Study breaks the marketing rules by promoting masks for to fund their research, but find out how an quick apology can go a long way. ... Direct MarketingElectronic Communications Julia Porter15 October 2020Are COVID-19 contact tracing technology services legitimate?Alarming headlines have suggested COVID-19 contact tracing data from pubs and restaurants is being sold on. Is this actually true and what should checks should you take? Data Governance & SecurityGDPR Philippa Donn07 October 2020COVID-19 Data Protection GuideCovid-19 has meant employers have, by necessity, made risk-based data decisions. Do these need revisiting now? Data Governance & SecurityData SecurityPolicies and Processes Simon Blanchard07 October 2020Are you monitoring staff health during COVID-19?What checks and balances should you have in place if you are monitoring your employees' health during the pandemic? We take a look at the core areas to consider...Data Governance & SecurityEmploymentPolicies and Processes Julia Porter05 October 2020Is the new COVID app safe to use?We now have the newly minted Covid app modelled on the Google and Apple templates. Should we be trusting this app?Data Governance & SecurityGDPRPrivacy by Design Julia Porter24 September 2020Cookies crushed, the world is changingThe demise of the third party cookie - five signs the world is changing. Where next for targeted advertising? Electronic CommunicationsGDPR Philippa Donn23 September 2020Data Protection by Design: Part 3 – Data Protection Impact AssessmentsHow to get your Data Protection Impact Asssessment process on track - when should you do one, what should you process look like? Get some useful tips... Data Governance & SecurityGDPRPolicies and ProcessesPrivacy by Design Philippa Donn09 September 2020New Children’s Code – does it apply to your business?New Children's Code to protect under 18s online. It will affect your business if your online services are likely to be acccessed by children. GDPRICO GuidancePolicies and ProcessesPrivacy by Design Simon Blanchard04 September 2020Data Protection by Design: Part 2 – How to approach itHow to implement Data Protection by Design when you are developing new applications, products and services. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn27 August 2020Data Protection by Design: Part 1 – The BasicsWhat does ‘Data Protection by Design’ really mean (and why is it also called ‘Privacy by Design’)? Do you need to be concerned about it? And how do you...Data Governance & SecurityGDPRPrivacy by Design Simon Blanchard25 August 2020Data Protection Officers – should we appoint a DPO?Which organisations need to have a DPO? If you don't should you appoint one anyway or outsource? We explore the options .. Data Governance & SecurityGDPR Simon Blanchard12 August 2020Use of automated facial recognition by South Wales Police ruled ‘unlawful’South Wales Police's use of automated facial recognition has been ruled unlawrul - it breaches human rights and has potential for bias. GDPR Julia Porter12 August 2020When does your CRM marketing plan morph into a data privacy project?Looking to leverage your customer database to drive more business? How to make sure you marketing plan is supported by your privacy strategyDirect MarketingElectronic CommunicationsGDPR Simon Blanchard10 August 2020Dashcams and GDPR: Assessing the privacy implications7 point privacy guide for use of dashcams in vehicles. Quick steps to make sure your use of dashcams is transparent and lawful. GDPRPolicies and Processes Simon Blanchard05 August 2020ICO guidance on how to apply good data protection to AISeven steps for making sure innovation flourishes and your artificial intelligence activities are sound from a data protection point of viewGDPRICO Guidance DPN Team29 July 2020How to manage your suppliersHow to manage your suppliers and reduce the risk they may post. Hear our specialist panel chat through the key points to consider.Videos Philippa Donn29 July 2020Could COVID-19 lead to a spike in Subject Access Requests? How to handle ex-employeesDSARs from disgruntled ex-employees can be challenging to handle, get some helpful tips on how best to approach the task of fulfilling them.GDPRIndividual Privacy Rights Philippa Donn28 July 2020Schrems II ruling: Privacy Shield down, SCCs survive but with a sting in the tailInternational data transfers - EU-US Privacy Shield ruled invalild, questions raised regarding SCCs, find out what actions should you take. GDPRInternational Data Protection Simon Blanchard27 July 2020RoPA – Five tips for keeping your Records of Processing Activity up to date5 tips for keeping your GDPR records of processing activities up to date. The why, who, what, how and when of data protection documentation.GDPRPolicies and Processes DPN Team16 July 2020Transparency: How to get the message acrossDiscover the benefits of being upfront and transparent with people about how you use their data. In this webinar hosted by Robert Bond from Bristows we explore why transparency...GDPRVideos Julia Porter13 July 2020Supplier management: DPN 6 point checklistDue diligence of new suppliers robust enough? Checks in place to make sure suppliers are protecting your data? Use the DPN 6-point checklist. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn13 July 2020Contact Tracing: 7 Quick Steps for collecting people’s dataFrom holiday cottages to theme parks, hotels to pubs, many will be collecting people's details for contact tracing. Get our quick guide to how to do this. GDPRICO Guidance Chris Field11 July 2020You’ve been SAR-bombed!You are at the end of long day .. you just do one last check of your inbox - the new count registers over 9,000 new emails! All...GDPRIndividual Privacy RightsInternational Data ProtectionPolicies and Processes Simon Blanchard09 July 2020Facial Recognition – should we be concerned?Facial recognition is clever, from selfies to surveillance its use is becoming far more widespread. Should we be worried? Data Governance & SecurityGDPR Philippa Donn30 June 2020Data breaches: 10-point checklist for risk assessmentsHow do you assess the actual risk to people of a data breach? 10 questions you need to ask when carrying out an risk assessment. Data Governance & SecurityGDPRPolicies and Processes DPN Team30 June 2020Successful steps for data retention and minimisation [webinar recording]Get the tools and advice you need to tackle data retention and minimisation in this expert discussion which takes you through the key steps to take.Data Governance & SecurityGDPRPolicies and ProcessesVideos Julia Porter25 June 2020Why is the CIA’s lax attitude to cyber security interesting to us?Have you got robust cyber security controls in place? How the lax attitude of the CIA is a lesson to us all and what you should you be doing.Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard16 June 2020Privacy is a marathon not a sprintPondering how to improve your privacy credentials? Here are 5 steps to inspire you. More than 2 years on from GDPR, remember it’s a journey, not a sprint.Data Governance & SecurityGDPRPolicies and Processes Philippa Donn16 June 2020Why personalisation is a good thing, when done well“Hi, you haven’t finished watching Jeffrey Epstein: Filthy Rich”, said an email my husband received .It annoyed him......Direct MarketingGDPR Simon Blanchard08 June 2020Spring clean your data – Top tips on data retentionGet top tips on data retention. Minimise your risks by making sure you keep the personal data you need and rid of what you don't. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn03 June 2020GDPR two years on, why data protection mattersGDPR may have its critics and regulators may stand accused of not taking enough action. Why this is not a reason to stop taking data protection seriously.GDPR Julia Porter03 June 2020Why is it so hard to explain how we use personal data?Five ways to help explain complex and contentious uses of personal data. How to improve your communications and transparency.Direct MarketingGDPRPrivacy by Design DPN Team03 June 2020Data Retention GuidanceA practical toolkit packed with tips, advice and case studies on how to tackle data retention. Developed by a group of data protection and privacy specialists from a...Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard14 May 2020COVID 19 – Privacy under the SpotlightPrivacy and COVID-19. When finding quick solutions and taking rapid decisions, don't forget the privacy impact. Here's our quick tour of aspects to consider. Data SecurityGDPRPrivacy by Design DPN Team04 April 2020Where is my data? How to tackle data discovery & mapping [webinar recording]How improve your data discovery, mapping & compliance Understanding where your data is located across all your systems is an ever-evolving challenge, but forms the bedrock of your data...Opinion Gemma Johnson13 February 2020Marketers: Will You Need to do a DPIA for that?Why marketers need to understand when they might need to conduct a data protection impact assessment and learn how to do them. Direct MarketingElectronic CommunicationsICO GuidanceMarketing & Data Protection Simon Blanchard11 February 2020Where’s all my data? How to tackle data discoveryUnderstanding where your data is and what it's used for is crucial. But in practice this is challenging. What approach can you take? Opinion Julia Porter09 February 2020In a Digitally Enabled World, What is Direct Marketing?On 8th January the ICO published a draft code of practice for the marketing community. It’s entitled “Direct Marketing Code of Practice”. The use of the term “Direct Marketing”...Opinion Philippa Donn08 February 2020Refer a Friend – Viral Marketing RulesCan you ask your customers to send on your marketing to their friends? The answer, according to the ICO’s draft Direct Marketing Code, is NO! The regulator says for...Opinion Philippa Donn28 January 2020ICO Direct Marketing Code ‘draft’: 12 HighlightsJust when I thought January was feeling dull, I got my hands on the ICO’s much-anticipated draft Direct Marketing Code of Practice! This replaces the Regulator’s existing Direct Marketing...Opinion Philippa Donn10 December 2019Subject Access Requests & Proof of IDSubject Access Requests – What is ‘proportionate’ to ask for? When responding to a Right of Access request (commonly known as a Subject Access Request), we might be required...Individual Privacy Rights DPN Team03 December 2019Data Retention: Are you keeping personal data longer than you need it?Ensuring you don’t store personal data for longer than you require it, is a core data protection principle – one which we all know is both complex and challenging...Opinion DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Opinion Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Opinion Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Opinion Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Opinion Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...GDPRInternational Data Protection Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Data Governance & SecurityGDPRPolicies and Processes Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the hectic preparations...Direct Marketing Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....GDPR DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...GDPR Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Direct MarketingGDPR
Simon Blanchard22 October 2020British Airways data breach – what can we learn?British Airways has been fined £20m by the ICO, what lessons can we all learn from BA's painful personal data breach? Data Governance & SecurityData SecurityGDPRPolicies and Processes Philippa Donn20 October 202010 DSAR tips from 10 DPOsData Subject Access Requests can be a challenge to handle. Get 10 great tips from experts who routinely handle the right of access, GDPRIndividual Privacy Rights Philippa Donn20 October 2020Covid Symptom Study apologises for marketing face masksCovid Symptom Study breaks the marketing rules by promoting masks for to fund their research, but find out how an quick apology can go a long way. ... Direct MarketingElectronic Communications Julia Porter15 October 2020Are COVID-19 contact tracing technology services legitimate?Alarming headlines have suggested COVID-19 contact tracing data from pubs and restaurants is being sold on. Is this actually true and what should checks should you take? Data Governance & SecurityGDPR Philippa Donn07 October 2020COVID-19 Data Protection GuideCovid-19 has meant employers have, by necessity, made risk-based data decisions. Do these need revisiting now? Data Governance & SecurityData SecurityPolicies and Processes Simon Blanchard07 October 2020Are you monitoring staff health during COVID-19?What checks and balances should you have in place if you are monitoring your employees' health during the pandemic? We take a look at the core areas to consider...Data Governance & SecurityEmploymentPolicies and Processes Julia Porter05 October 2020Is the new COVID app safe to use?We now have the newly minted Covid app modelled on the Google and Apple templates. Should we be trusting this app?Data Governance & SecurityGDPRPrivacy by Design Julia Porter24 September 2020Cookies crushed, the world is changingThe demise of the third party cookie - five signs the world is changing. Where next for targeted advertising? Electronic CommunicationsGDPR Philippa Donn23 September 2020Data Protection by Design: Part 3 – Data Protection Impact AssessmentsHow to get your Data Protection Impact Asssessment process on track - when should you do one, what should you process look like? Get some useful tips... Data Governance & SecurityGDPRPolicies and ProcessesPrivacy by Design Philippa Donn09 September 2020New Children’s Code – does it apply to your business?New Children's Code to protect under 18s online. It will affect your business if your online services are likely to be acccessed by children. GDPRICO GuidancePolicies and ProcessesPrivacy by Design Simon Blanchard04 September 2020Data Protection by Design: Part 2 – How to approach itHow to implement Data Protection by Design when you are developing new applications, products and services. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn27 August 2020Data Protection by Design: Part 1 – The BasicsWhat does ‘Data Protection by Design’ really mean (and why is it also called ‘Privacy by Design’)? Do you need to be concerned about it? And how do you...Data Governance & SecurityGDPRPrivacy by Design Simon Blanchard25 August 2020Data Protection Officers – should we appoint a DPO?Which organisations need to have a DPO? If you don't should you appoint one anyway or outsource? We explore the options .. Data Governance & SecurityGDPR Simon Blanchard12 August 2020Use of automated facial recognition by South Wales Police ruled ‘unlawful’South Wales Police's use of automated facial recognition has been ruled unlawrul - it breaches human rights and has potential for bias. GDPR Julia Porter12 August 2020When does your CRM marketing plan morph into a data privacy project?Looking to leverage your customer database to drive more business? How to make sure you marketing plan is supported by your privacy strategyDirect MarketingElectronic CommunicationsGDPR Simon Blanchard10 August 2020Dashcams and GDPR: Assessing the privacy implications7 point privacy guide for use of dashcams in vehicles. Quick steps to make sure your use of dashcams is transparent and lawful. GDPRPolicies and Processes Simon Blanchard05 August 2020ICO guidance on how to apply good data protection to AISeven steps for making sure innovation flourishes and your artificial intelligence activities are sound from a data protection point of viewGDPRICO Guidance DPN Team29 July 2020How to manage your suppliersHow to manage your suppliers and reduce the risk they may post. Hear our specialist panel chat through the key points to consider.Videos Philippa Donn29 July 2020Could COVID-19 lead to a spike in Subject Access Requests? How to handle ex-employeesDSARs from disgruntled ex-employees can be challenging to handle, get some helpful tips on how best to approach the task of fulfilling them.GDPRIndividual Privacy Rights Philippa Donn28 July 2020Schrems II ruling: Privacy Shield down, SCCs survive but with a sting in the tailInternational data transfers - EU-US Privacy Shield ruled invalild, questions raised regarding SCCs, find out what actions should you take. GDPRInternational Data Protection Simon Blanchard27 July 2020RoPA – Five tips for keeping your Records of Processing Activity up to date5 tips for keeping your GDPR records of processing activities up to date. The why, who, what, how and when of data protection documentation.GDPRPolicies and Processes DPN Team16 July 2020Transparency: How to get the message acrossDiscover the benefits of being upfront and transparent with people about how you use their data. In this webinar hosted by Robert Bond from Bristows we explore why transparency...GDPRVideos Julia Porter13 July 2020Supplier management: DPN 6 point checklistDue diligence of new suppliers robust enough? Checks in place to make sure suppliers are protecting your data? Use the DPN 6-point checklist. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn13 July 2020Contact Tracing: 7 Quick Steps for collecting people’s dataFrom holiday cottages to theme parks, hotels to pubs, many will be collecting people's details for contact tracing. Get our quick guide to how to do this. GDPRICO Guidance Chris Field11 July 2020You’ve been SAR-bombed!You are at the end of long day .. you just do one last check of your inbox - the new count registers over 9,000 new emails! All...GDPRIndividual Privacy RightsInternational Data ProtectionPolicies and Processes Simon Blanchard09 July 2020Facial Recognition – should we be concerned?Facial recognition is clever, from selfies to surveillance its use is becoming far more widespread. Should we be worried? Data Governance & SecurityGDPR Philippa Donn30 June 2020Data breaches: 10-point checklist for risk assessmentsHow do you assess the actual risk to people of a data breach? 10 questions you need to ask when carrying out an risk assessment. Data Governance & SecurityGDPRPolicies and Processes DPN Team30 June 2020Successful steps for data retention and minimisation [webinar recording]Get the tools and advice you need to tackle data retention and minimisation in this expert discussion which takes you through the key steps to take.Data Governance & SecurityGDPRPolicies and ProcessesVideos Julia Porter25 June 2020Why is the CIA’s lax attitude to cyber security interesting to us?Have you got robust cyber security controls in place? How the lax attitude of the CIA is a lesson to us all and what you should you be doing.Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard16 June 2020Privacy is a marathon not a sprintPondering how to improve your privacy credentials? Here are 5 steps to inspire you. More than 2 years on from GDPR, remember it’s a journey, not a sprint.Data Governance & SecurityGDPRPolicies and Processes Philippa Donn16 June 2020Why personalisation is a good thing, when done well“Hi, you haven’t finished watching Jeffrey Epstein: Filthy Rich”, said an email my husband received .It annoyed him......Direct MarketingGDPR Simon Blanchard08 June 2020Spring clean your data – Top tips on data retentionGet top tips on data retention. Minimise your risks by making sure you keep the personal data you need and rid of what you don't. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn03 June 2020GDPR two years on, why data protection mattersGDPR may have its critics and regulators may stand accused of not taking enough action. Why this is not a reason to stop taking data protection seriously.GDPR Julia Porter03 June 2020Why is it so hard to explain how we use personal data?Five ways to help explain complex and contentious uses of personal data. How to improve your communications and transparency.Direct MarketingGDPRPrivacy by Design DPN Team03 June 2020Data Retention GuidanceA practical toolkit packed with tips, advice and case studies on how to tackle data retention. Developed by a group of data protection and privacy specialists from a...Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard14 May 2020COVID 19 – Privacy under the SpotlightPrivacy and COVID-19. When finding quick solutions and taking rapid decisions, don't forget the privacy impact. Here's our quick tour of aspects to consider. Data SecurityGDPRPrivacy by Design DPN Team04 April 2020Where is my data? How to tackle data discovery & mapping [webinar recording]How improve your data discovery, mapping & compliance Understanding where your data is located across all your systems is an ever-evolving challenge, but forms the bedrock of your data...Opinion Gemma Johnson13 February 2020Marketers: Will You Need to do a DPIA for that?Why marketers need to understand when they might need to conduct a data protection impact assessment and learn how to do them. Direct MarketingElectronic CommunicationsICO GuidanceMarketing & Data Protection Simon Blanchard11 February 2020Where’s all my data? How to tackle data discoveryUnderstanding where your data is and what it's used for is crucial. But in practice this is challenging. What approach can you take? Opinion Julia Porter09 February 2020In a Digitally Enabled World, What is Direct Marketing?On 8th January the ICO published a draft code of practice for the marketing community. It’s entitled “Direct Marketing Code of Practice”. The use of the term “Direct Marketing”...Opinion Philippa Donn08 February 2020Refer a Friend – Viral Marketing RulesCan you ask your customers to send on your marketing to their friends? The answer, according to the ICO’s draft Direct Marketing Code, is NO! The regulator says for...Opinion Philippa Donn28 January 2020ICO Direct Marketing Code ‘draft’: 12 HighlightsJust when I thought January was feeling dull, I got my hands on the ICO’s much-anticipated draft Direct Marketing Code of Practice! This replaces the Regulator’s existing Direct Marketing...Opinion Philippa Donn10 December 2019Subject Access Requests & Proof of IDSubject Access Requests – What is ‘proportionate’ to ask for? When responding to a Right of Access request (commonly known as a Subject Access Request), we might be required...Individual Privacy Rights DPN Team03 December 2019Data Retention: Are you keeping personal data longer than you need it?Ensuring you don’t store personal data for longer than you require it, is a core data protection principle – one which we all know is both complex and challenging...Opinion DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Opinion Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Opinion Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Opinion Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Opinion Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...GDPRInternational Data Protection Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Data Governance & SecurityGDPRPolicies and Processes Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the hectic preparations...Direct Marketing Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....GDPR DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...GDPR Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Direct MarketingGDPR
Philippa Donn20 October 202010 DSAR tips from 10 DPOsData Subject Access Requests can be a challenge to handle. Get 10 great tips from experts who routinely handle the right of access, GDPRIndividual Privacy Rights Philippa Donn20 October 2020Covid Symptom Study apologises for marketing face masksCovid Symptom Study breaks the marketing rules by promoting masks for to fund their research, but find out how an quick apology can go a long way. ... Direct MarketingElectronic Communications Julia Porter15 October 2020Are COVID-19 contact tracing technology services legitimate?Alarming headlines have suggested COVID-19 contact tracing data from pubs and restaurants is being sold on. Is this actually true and what should checks should you take? Data Governance & SecurityGDPR Philippa Donn07 October 2020COVID-19 Data Protection GuideCovid-19 has meant employers have, by necessity, made risk-based data decisions. Do these need revisiting now? Data Governance & SecurityData SecurityPolicies and Processes Simon Blanchard07 October 2020Are you monitoring staff health during COVID-19?What checks and balances should you have in place if you are monitoring your employees' health during the pandemic? We take a look at the core areas to consider...Data Governance & SecurityEmploymentPolicies and Processes Julia Porter05 October 2020Is the new COVID app safe to use?We now have the newly minted Covid app modelled on the Google and Apple templates. Should we be trusting this app?Data Governance & SecurityGDPRPrivacy by Design Julia Porter24 September 2020Cookies crushed, the world is changingThe demise of the third party cookie - five signs the world is changing. Where next for targeted advertising? Electronic CommunicationsGDPR Philippa Donn23 September 2020Data Protection by Design: Part 3 – Data Protection Impact AssessmentsHow to get your Data Protection Impact Asssessment process on track - when should you do one, what should you process look like? Get some useful tips... Data Governance & SecurityGDPRPolicies and ProcessesPrivacy by Design Philippa Donn09 September 2020New Children’s Code – does it apply to your business?New Children's Code to protect under 18s online. It will affect your business if your online services are likely to be acccessed by children. GDPRICO GuidancePolicies and ProcessesPrivacy by Design Simon Blanchard04 September 2020Data Protection by Design: Part 2 – How to approach itHow to implement Data Protection by Design when you are developing new applications, products and services. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn27 August 2020Data Protection by Design: Part 1 – The BasicsWhat does ‘Data Protection by Design’ really mean (and why is it also called ‘Privacy by Design’)? Do you need to be concerned about it? And how do you...Data Governance & SecurityGDPRPrivacy by Design Simon Blanchard25 August 2020Data Protection Officers – should we appoint a DPO?Which organisations need to have a DPO? If you don't should you appoint one anyway or outsource? We explore the options .. Data Governance & SecurityGDPR Simon Blanchard12 August 2020Use of automated facial recognition by South Wales Police ruled ‘unlawful’South Wales Police's use of automated facial recognition has been ruled unlawrul - it breaches human rights and has potential for bias. GDPR Julia Porter12 August 2020When does your CRM marketing plan morph into a data privacy project?Looking to leverage your customer database to drive more business? How to make sure you marketing plan is supported by your privacy strategyDirect MarketingElectronic CommunicationsGDPR Simon Blanchard10 August 2020Dashcams and GDPR: Assessing the privacy implications7 point privacy guide for use of dashcams in vehicles. Quick steps to make sure your use of dashcams is transparent and lawful. GDPRPolicies and Processes Simon Blanchard05 August 2020ICO guidance on how to apply good data protection to AISeven steps for making sure innovation flourishes and your artificial intelligence activities are sound from a data protection point of viewGDPRICO Guidance DPN Team29 July 2020How to manage your suppliersHow to manage your suppliers and reduce the risk they may post. Hear our specialist panel chat through the key points to consider.Videos Philippa Donn29 July 2020Could COVID-19 lead to a spike in Subject Access Requests? How to handle ex-employeesDSARs from disgruntled ex-employees can be challenging to handle, get some helpful tips on how best to approach the task of fulfilling them.GDPRIndividual Privacy Rights Philippa Donn28 July 2020Schrems II ruling: Privacy Shield down, SCCs survive but with a sting in the tailInternational data transfers - EU-US Privacy Shield ruled invalild, questions raised regarding SCCs, find out what actions should you take. GDPRInternational Data Protection Simon Blanchard27 July 2020RoPA – Five tips for keeping your Records of Processing Activity up to date5 tips for keeping your GDPR records of processing activities up to date. The why, who, what, how and when of data protection documentation.GDPRPolicies and Processes DPN Team16 July 2020Transparency: How to get the message acrossDiscover the benefits of being upfront and transparent with people about how you use their data. In this webinar hosted by Robert Bond from Bristows we explore why transparency...GDPRVideos Julia Porter13 July 2020Supplier management: DPN 6 point checklistDue diligence of new suppliers robust enough? Checks in place to make sure suppliers are protecting your data? Use the DPN 6-point checklist. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn13 July 2020Contact Tracing: 7 Quick Steps for collecting people’s dataFrom holiday cottages to theme parks, hotels to pubs, many will be collecting people's details for contact tracing. Get our quick guide to how to do this. GDPRICO Guidance Chris Field11 July 2020You’ve been SAR-bombed!You are at the end of long day .. you just do one last check of your inbox - the new count registers over 9,000 new emails! All...GDPRIndividual Privacy RightsInternational Data ProtectionPolicies and Processes Simon Blanchard09 July 2020Facial Recognition – should we be concerned?Facial recognition is clever, from selfies to surveillance its use is becoming far more widespread. Should we be worried? Data Governance & SecurityGDPR Philippa Donn30 June 2020Data breaches: 10-point checklist for risk assessmentsHow do you assess the actual risk to people of a data breach? 10 questions you need to ask when carrying out an risk assessment. Data Governance & SecurityGDPRPolicies and Processes DPN Team30 June 2020Successful steps for data retention and minimisation [webinar recording]Get the tools and advice you need to tackle data retention and minimisation in this expert discussion which takes you through the key steps to take.Data Governance & SecurityGDPRPolicies and ProcessesVideos Julia Porter25 June 2020Why is the CIA’s lax attitude to cyber security interesting to us?Have you got robust cyber security controls in place? How the lax attitude of the CIA is a lesson to us all and what you should you be doing.Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard16 June 2020Privacy is a marathon not a sprintPondering how to improve your privacy credentials? Here are 5 steps to inspire you. More than 2 years on from GDPR, remember it’s a journey, not a sprint.Data Governance & SecurityGDPRPolicies and Processes Philippa Donn16 June 2020Why personalisation is a good thing, when done well“Hi, you haven’t finished watching Jeffrey Epstein: Filthy Rich”, said an email my husband received .It annoyed him......Direct MarketingGDPR Simon Blanchard08 June 2020Spring clean your data – Top tips on data retentionGet top tips on data retention. Minimise your risks by making sure you keep the personal data you need and rid of what you don't. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn03 June 2020GDPR two years on, why data protection mattersGDPR may have its critics and regulators may stand accused of not taking enough action. Why this is not a reason to stop taking data protection seriously.GDPR Julia Porter03 June 2020Why is it so hard to explain how we use personal data?Five ways to help explain complex and contentious uses of personal data. How to improve your communications and transparency.Direct MarketingGDPRPrivacy by Design DPN Team03 June 2020Data Retention GuidanceA practical toolkit packed with tips, advice and case studies on how to tackle data retention. Developed by a group of data protection and privacy specialists from a...Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard14 May 2020COVID 19 – Privacy under the SpotlightPrivacy and COVID-19. When finding quick solutions and taking rapid decisions, don't forget the privacy impact. Here's our quick tour of aspects to consider. Data SecurityGDPRPrivacy by Design DPN Team04 April 2020Where is my data? How to tackle data discovery & mapping [webinar recording]How improve your data discovery, mapping & compliance Understanding where your data is located across all your systems is an ever-evolving challenge, but forms the bedrock of your data...Opinion Gemma Johnson13 February 2020Marketers: Will You Need to do a DPIA for that?Why marketers need to understand when they might need to conduct a data protection impact assessment and learn how to do them. Direct MarketingElectronic CommunicationsICO GuidanceMarketing & Data Protection Simon Blanchard11 February 2020Where’s all my data? How to tackle data discoveryUnderstanding where your data is and what it's used for is crucial. But in practice this is challenging. What approach can you take? Opinion Julia Porter09 February 2020In a Digitally Enabled World, What is Direct Marketing?On 8th January the ICO published a draft code of practice for the marketing community. It’s entitled “Direct Marketing Code of Practice”. The use of the term “Direct Marketing”...Opinion Philippa Donn08 February 2020Refer a Friend – Viral Marketing RulesCan you ask your customers to send on your marketing to their friends? The answer, according to the ICO’s draft Direct Marketing Code, is NO! The regulator says for...Opinion Philippa Donn28 January 2020ICO Direct Marketing Code ‘draft’: 12 HighlightsJust when I thought January was feeling dull, I got my hands on the ICO’s much-anticipated draft Direct Marketing Code of Practice! This replaces the Regulator’s existing Direct Marketing...Opinion Philippa Donn10 December 2019Subject Access Requests & Proof of IDSubject Access Requests – What is ‘proportionate’ to ask for? When responding to a Right of Access request (commonly known as a Subject Access Request), we might be required...Individual Privacy Rights DPN Team03 December 2019Data Retention: Are you keeping personal data longer than you need it?Ensuring you don’t store personal data for longer than you require it, is a core data protection principle – one which we all know is both complex and challenging...Opinion DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Opinion Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Opinion Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Opinion Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Opinion Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...GDPRInternational Data Protection Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Data Governance & SecurityGDPRPolicies and Processes Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the hectic preparations...Direct Marketing Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....GDPR DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...GDPR Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Direct MarketingGDPR
Philippa Donn20 October 2020Covid Symptom Study apologises for marketing face masksCovid Symptom Study breaks the marketing rules by promoting masks for to fund their research, but find out how an quick apology can go a long way. ... Direct MarketingElectronic Communications Julia Porter15 October 2020Are COVID-19 contact tracing technology services legitimate?Alarming headlines have suggested COVID-19 contact tracing data from pubs and restaurants is being sold on. Is this actually true and what should checks should you take? Data Governance & SecurityGDPR Philippa Donn07 October 2020COVID-19 Data Protection GuideCovid-19 has meant employers have, by necessity, made risk-based data decisions. Do these need revisiting now? Data Governance & SecurityData SecurityPolicies and Processes Simon Blanchard07 October 2020Are you monitoring staff health during COVID-19?What checks and balances should you have in place if you are monitoring your employees' health during the pandemic? We take a look at the core areas to consider...Data Governance & SecurityEmploymentPolicies and Processes Julia Porter05 October 2020Is the new COVID app safe to use?We now have the newly minted Covid app modelled on the Google and Apple templates. Should we be trusting this app?Data Governance & SecurityGDPRPrivacy by Design Julia Porter24 September 2020Cookies crushed, the world is changingThe demise of the third party cookie - five signs the world is changing. Where next for targeted advertising? Electronic CommunicationsGDPR Philippa Donn23 September 2020Data Protection by Design: Part 3 – Data Protection Impact AssessmentsHow to get your Data Protection Impact Asssessment process on track - when should you do one, what should you process look like? Get some useful tips... Data Governance & SecurityGDPRPolicies and ProcessesPrivacy by Design Philippa Donn09 September 2020New Children’s Code – does it apply to your business?New Children's Code to protect under 18s online. It will affect your business if your online services are likely to be acccessed by children. GDPRICO GuidancePolicies and ProcessesPrivacy by Design Simon Blanchard04 September 2020Data Protection by Design: Part 2 – How to approach itHow to implement Data Protection by Design when you are developing new applications, products and services. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn27 August 2020Data Protection by Design: Part 1 – The BasicsWhat does ‘Data Protection by Design’ really mean (and why is it also called ‘Privacy by Design’)? Do you need to be concerned about it? And how do you...Data Governance & SecurityGDPRPrivacy by Design Simon Blanchard25 August 2020Data Protection Officers – should we appoint a DPO?Which organisations need to have a DPO? If you don't should you appoint one anyway or outsource? We explore the options .. Data Governance & SecurityGDPR Simon Blanchard12 August 2020Use of automated facial recognition by South Wales Police ruled ‘unlawful’South Wales Police's use of automated facial recognition has been ruled unlawrul - it breaches human rights and has potential for bias. GDPR Julia Porter12 August 2020When does your CRM marketing plan morph into a data privacy project?Looking to leverage your customer database to drive more business? How to make sure you marketing plan is supported by your privacy strategyDirect MarketingElectronic CommunicationsGDPR Simon Blanchard10 August 2020Dashcams and GDPR: Assessing the privacy implications7 point privacy guide for use of dashcams in vehicles. Quick steps to make sure your use of dashcams is transparent and lawful. GDPRPolicies and Processes Simon Blanchard05 August 2020ICO guidance on how to apply good data protection to AISeven steps for making sure innovation flourishes and your artificial intelligence activities are sound from a data protection point of viewGDPRICO Guidance DPN Team29 July 2020How to manage your suppliersHow to manage your suppliers and reduce the risk they may post. Hear our specialist panel chat through the key points to consider.Videos Philippa Donn29 July 2020Could COVID-19 lead to a spike in Subject Access Requests? How to handle ex-employeesDSARs from disgruntled ex-employees can be challenging to handle, get some helpful tips on how best to approach the task of fulfilling them.GDPRIndividual Privacy Rights Philippa Donn28 July 2020Schrems II ruling: Privacy Shield down, SCCs survive but with a sting in the tailInternational data transfers - EU-US Privacy Shield ruled invalild, questions raised regarding SCCs, find out what actions should you take. GDPRInternational Data Protection Simon Blanchard27 July 2020RoPA – Five tips for keeping your Records of Processing Activity up to date5 tips for keeping your GDPR records of processing activities up to date. The why, who, what, how and when of data protection documentation.GDPRPolicies and Processes DPN Team16 July 2020Transparency: How to get the message acrossDiscover the benefits of being upfront and transparent with people about how you use their data. In this webinar hosted by Robert Bond from Bristows we explore why transparency...GDPRVideos Julia Porter13 July 2020Supplier management: DPN 6 point checklistDue diligence of new suppliers robust enough? Checks in place to make sure suppliers are protecting your data? Use the DPN 6-point checklist. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn13 July 2020Contact Tracing: 7 Quick Steps for collecting people’s dataFrom holiday cottages to theme parks, hotels to pubs, many will be collecting people's details for contact tracing. Get our quick guide to how to do this. GDPRICO Guidance Chris Field11 July 2020You’ve been SAR-bombed!You are at the end of long day .. you just do one last check of your inbox - the new count registers over 9,000 new emails! All...GDPRIndividual Privacy RightsInternational Data ProtectionPolicies and Processes Simon Blanchard09 July 2020Facial Recognition – should we be concerned?Facial recognition is clever, from selfies to surveillance its use is becoming far more widespread. Should we be worried? Data Governance & SecurityGDPR Philippa Donn30 June 2020Data breaches: 10-point checklist for risk assessmentsHow do you assess the actual risk to people of a data breach? 10 questions you need to ask when carrying out an risk assessment. Data Governance & SecurityGDPRPolicies and Processes DPN Team30 June 2020Successful steps for data retention and minimisation [webinar recording]Get the tools and advice you need to tackle data retention and minimisation in this expert discussion which takes you through the key steps to take.Data Governance & SecurityGDPRPolicies and ProcessesVideos Julia Porter25 June 2020Why is the CIA’s lax attitude to cyber security interesting to us?Have you got robust cyber security controls in place? How the lax attitude of the CIA is a lesson to us all and what you should you be doing.Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard16 June 2020Privacy is a marathon not a sprintPondering how to improve your privacy credentials? Here are 5 steps to inspire you. More than 2 years on from GDPR, remember it’s a journey, not a sprint.Data Governance & SecurityGDPRPolicies and Processes Philippa Donn16 June 2020Why personalisation is a good thing, when done well“Hi, you haven’t finished watching Jeffrey Epstein: Filthy Rich”, said an email my husband received .It annoyed him......Direct MarketingGDPR Simon Blanchard08 June 2020Spring clean your data – Top tips on data retentionGet top tips on data retention. Minimise your risks by making sure you keep the personal data you need and rid of what you don't. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn03 June 2020GDPR two years on, why data protection mattersGDPR may have its critics and regulators may stand accused of not taking enough action. Why this is not a reason to stop taking data protection seriously.GDPR Julia Porter03 June 2020Why is it so hard to explain how we use personal data?Five ways to help explain complex and contentious uses of personal data. How to improve your communications and transparency.Direct MarketingGDPRPrivacy by Design DPN Team03 June 2020Data Retention GuidanceA practical toolkit packed with tips, advice and case studies on how to tackle data retention. Developed by a group of data protection and privacy specialists from a...Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard14 May 2020COVID 19 – Privacy under the SpotlightPrivacy and COVID-19. When finding quick solutions and taking rapid decisions, don't forget the privacy impact. Here's our quick tour of aspects to consider. Data SecurityGDPRPrivacy by Design DPN Team04 April 2020Where is my data? How to tackle data discovery & mapping [webinar recording]How improve your data discovery, mapping & compliance Understanding where your data is located across all your systems is an ever-evolving challenge, but forms the bedrock of your data...Opinion Gemma Johnson13 February 2020Marketers: Will You Need to do a DPIA for that?Why marketers need to understand when they might need to conduct a data protection impact assessment and learn how to do them. Direct MarketingElectronic CommunicationsICO GuidanceMarketing & Data Protection Simon Blanchard11 February 2020Where’s all my data? How to tackle data discoveryUnderstanding where your data is and what it's used for is crucial. But in practice this is challenging. What approach can you take? Opinion Julia Porter09 February 2020In a Digitally Enabled World, What is Direct Marketing?On 8th January the ICO published a draft code of practice for the marketing community. It’s entitled “Direct Marketing Code of Practice”. The use of the term “Direct Marketing”...Opinion Philippa Donn08 February 2020Refer a Friend – Viral Marketing RulesCan you ask your customers to send on your marketing to their friends? The answer, according to the ICO’s draft Direct Marketing Code, is NO! The regulator says for...Opinion Philippa Donn28 January 2020ICO Direct Marketing Code ‘draft’: 12 HighlightsJust when I thought January was feeling dull, I got my hands on the ICO’s much-anticipated draft Direct Marketing Code of Practice! This replaces the Regulator’s existing Direct Marketing...Opinion Philippa Donn10 December 2019Subject Access Requests & Proof of IDSubject Access Requests – What is ‘proportionate’ to ask for? When responding to a Right of Access request (commonly known as a Subject Access Request), we might be required...Individual Privacy Rights DPN Team03 December 2019Data Retention: Are you keeping personal data longer than you need it?Ensuring you don’t store personal data for longer than you require it, is a core data protection principle – one which we all know is both complex and challenging...Opinion DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Opinion Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Opinion Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Opinion Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Opinion Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...GDPRInternational Data Protection Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Data Governance & SecurityGDPRPolicies and Processes Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the hectic preparations...Direct Marketing Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....GDPR DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...GDPR Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Direct MarketingGDPR
Julia Porter15 October 2020Are COVID-19 contact tracing technology services legitimate?Alarming headlines have suggested COVID-19 contact tracing data from pubs and restaurants is being sold on. Is this actually true and what should checks should you take? Data Governance & SecurityGDPR Philippa Donn07 October 2020COVID-19 Data Protection GuideCovid-19 has meant employers have, by necessity, made risk-based data decisions. Do these need revisiting now? Data Governance & SecurityData SecurityPolicies and Processes Simon Blanchard07 October 2020Are you monitoring staff health during COVID-19?What checks and balances should you have in place if you are monitoring your employees' health during the pandemic? We take a look at the core areas to consider...Data Governance & SecurityEmploymentPolicies and Processes Julia Porter05 October 2020Is the new COVID app safe to use?We now have the newly minted Covid app modelled on the Google and Apple templates. Should we be trusting this app?Data Governance & SecurityGDPRPrivacy by Design Julia Porter24 September 2020Cookies crushed, the world is changingThe demise of the third party cookie - five signs the world is changing. Where next for targeted advertising? Electronic CommunicationsGDPR Philippa Donn23 September 2020Data Protection by Design: Part 3 – Data Protection Impact AssessmentsHow to get your Data Protection Impact Asssessment process on track - when should you do one, what should you process look like? Get some useful tips... Data Governance & SecurityGDPRPolicies and ProcessesPrivacy by Design Philippa Donn09 September 2020New Children’s Code – does it apply to your business?New Children's Code to protect under 18s online. It will affect your business if your online services are likely to be acccessed by children. GDPRICO GuidancePolicies and ProcessesPrivacy by Design Simon Blanchard04 September 2020Data Protection by Design: Part 2 – How to approach itHow to implement Data Protection by Design when you are developing new applications, products and services. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn27 August 2020Data Protection by Design: Part 1 – The BasicsWhat does ‘Data Protection by Design’ really mean (and why is it also called ‘Privacy by Design’)? Do you need to be concerned about it? And how do you...Data Governance & SecurityGDPRPrivacy by Design Simon Blanchard25 August 2020Data Protection Officers – should we appoint a DPO?Which organisations need to have a DPO? If you don't should you appoint one anyway or outsource? We explore the options .. Data Governance & SecurityGDPR Simon Blanchard12 August 2020Use of automated facial recognition by South Wales Police ruled ‘unlawful’South Wales Police's use of automated facial recognition has been ruled unlawrul - it breaches human rights and has potential for bias. GDPR Julia Porter12 August 2020When does your CRM marketing plan morph into a data privacy project?Looking to leverage your customer database to drive more business? How to make sure you marketing plan is supported by your privacy strategyDirect MarketingElectronic CommunicationsGDPR Simon Blanchard10 August 2020Dashcams and GDPR: Assessing the privacy implications7 point privacy guide for use of dashcams in vehicles. Quick steps to make sure your use of dashcams is transparent and lawful. GDPRPolicies and Processes Simon Blanchard05 August 2020ICO guidance on how to apply good data protection to AISeven steps for making sure innovation flourishes and your artificial intelligence activities are sound from a data protection point of viewGDPRICO Guidance DPN Team29 July 2020How to manage your suppliersHow to manage your suppliers and reduce the risk they may post. Hear our specialist panel chat through the key points to consider.Videos Philippa Donn29 July 2020Could COVID-19 lead to a spike in Subject Access Requests? How to handle ex-employeesDSARs from disgruntled ex-employees can be challenging to handle, get some helpful tips on how best to approach the task of fulfilling them.GDPRIndividual Privacy Rights Philippa Donn28 July 2020Schrems II ruling: Privacy Shield down, SCCs survive but with a sting in the tailInternational data transfers - EU-US Privacy Shield ruled invalild, questions raised regarding SCCs, find out what actions should you take. GDPRInternational Data Protection Simon Blanchard27 July 2020RoPA – Five tips for keeping your Records of Processing Activity up to date5 tips for keeping your GDPR records of processing activities up to date. The why, who, what, how and when of data protection documentation.GDPRPolicies and Processes DPN Team16 July 2020Transparency: How to get the message acrossDiscover the benefits of being upfront and transparent with people about how you use their data. In this webinar hosted by Robert Bond from Bristows we explore why transparency...GDPRVideos Julia Porter13 July 2020Supplier management: DPN 6 point checklistDue diligence of new suppliers robust enough? Checks in place to make sure suppliers are protecting your data? Use the DPN 6-point checklist. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn13 July 2020Contact Tracing: 7 Quick Steps for collecting people’s dataFrom holiday cottages to theme parks, hotels to pubs, many will be collecting people's details for contact tracing. Get our quick guide to how to do this. GDPRICO Guidance Chris Field11 July 2020You’ve been SAR-bombed!You are at the end of long day .. you just do one last check of your inbox - the new count registers over 9,000 new emails! All...GDPRIndividual Privacy RightsInternational Data ProtectionPolicies and Processes Simon Blanchard09 July 2020Facial Recognition – should we be concerned?Facial recognition is clever, from selfies to surveillance its use is becoming far more widespread. Should we be worried? Data Governance & SecurityGDPR Philippa Donn30 June 2020Data breaches: 10-point checklist for risk assessmentsHow do you assess the actual risk to people of a data breach? 10 questions you need to ask when carrying out an risk assessment. Data Governance & SecurityGDPRPolicies and Processes DPN Team30 June 2020Successful steps for data retention and minimisation [webinar recording]Get the tools and advice you need to tackle data retention and minimisation in this expert discussion which takes you through the key steps to take.Data Governance & SecurityGDPRPolicies and ProcessesVideos Julia Porter25 June 2020Why is the CIA’s lax attitude to cyber security interesting to us?Have you got robust cyber security controls in place? How the lax attitude of the CIA is a lesson to us all and what you should you be doing.Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard16 June 2020Privacy is a marathon not a sprintPondering how to improve your privacy credentials? Here are 5 steps to inspire you. More than 2 years on from GDPR, remember it’s a journey, not a sprint.Data Governance & SecurityGDPRPolicies and Processes Philippa Donn16 June 2020Why personalisation is a good thing, when done well“Hi, you haven’t finished watching Jeffrey Epstein: Filthy Rich”, said an email my husband received .It annoyed him......Direct MarketingGDPR Simon Blanchard08 June 2020Spring clean your data – Top tips on data retentionGet top tips on data retention. Minimise your risks by making sure you keep the personal data you need and rid of what you don't. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn03 June 2020GDPR two years on, why data protection mattersGDPR may have its critics and regulators may stand accused of not taking enough action. Why this is not a reason to stop taking data protection seriously.GDPR Julia Porter03 June 2020Why is it so hard to explain how we use personal data?Five ways to help explain complex and contentious uses of personal data. How to improve your communications and transparency.Direct MarketingGDPRPrivacy by Design DPN Team03 June 2020Data Retention GuidanceA practical toolkit packed with tips, advice and case studies on how to tackle data retention. Developed by a group of data protection and privacy specialists from a...Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard14 May 2020COVID 19 – Privacy under the SpotlightPrivacy and COVID-19. When finding quick solutions and taking rapid decisions, don't forget the privacy impact. Here's our quick tour of aspects to consider. Data SecurityGDPRPrivacy by Design DPN Team04 April 2020Where is my data? How to tackle data discovery & mapping [webinar recording]How improve your data discovery, mapping & compliance Understanding where your data is located across all your systems is an ever-evolving challenge, but forms the bedrock of your data...Opinion Gemma Johnson13 February 2020Marketers: Will You Need to do a DPIA for that?Why marketers need to understand when they might need to conduct a data protection impact assessment and learn how to do them. Direct MarketingElectronic CommunicationsICO GuidanceMarketing & Data Protection Simon Blanchard11 February 2020Where’s all my data? How to tackle data discoveryUnderstanding where your data is and what it's used for is crucial. But in practice this is challenging. What approach can you take? Opinion Julia Porter09 February 2020In a Digitally Enabled World, What is Direct Marketing?On 8th January the ICO published a draft code of practice for the marketing community. It’s entitled “Direct Marketing Code of Practice”. The use of the term “Direct Marketing”...Opinion Philippa Donn08 February 2020Refer a Friend – Viral Marketing RulesCan you ask your customers to send on your marketing to their friends? The answer, according to the ICO’s draft Direct Marketing Code, is NO! The regulator says for...Opinion Philippa Donn28 January 2020ICO Direct Marketing Code ‘draft’: 12 HighlightsJust when I thought January was feeling dull, I got my hands on the ICO’s much-anticipated draft Direct Marketing Code of Practice! This replaces the Regulator’s existing Direct Marketing...Opinion Philippa Donn10 December 2019Subject Access Requests & Proof of IDSubject Access Requests – What is ‘proportionate’ to ask for? When responding to a Right of Access request (commonly known as a Subject Access Request), we might be required...Individual Privacy Rights DPN Team03 December 2019Data Retention: Are you keeping personal data longer than you need it?Ensuring you don’t store personal data for longer than you require it, is a core data protection principle – one which we all know is both complex and challenging...Opinion DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Opinion Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Opinion Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Opinion Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Opinion Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...GDPRInternational Data Protection Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Data Governance & SecurityGDPRPolicies and Processes Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the hectic preparations...Direct Marketing Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....GDPR DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...GDPR Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Direct MarketingGDPR
Philippa Donn07 October 2020COVID-19 Data Protection GuideCovid-19 has meant employers have, by necessity, made risk-based data decisions. Do these need revisiting now? Data Governance & SecurityData SecurityPolicies and Processes Simon Blanchard07 October 2020Are you monitoring staff health during COVID-19?What checks and balances should you have in place if you are monitoring your employees' health during the pandemic? We take a look at the core areas to consider...Data Governance & SecurityEmploymentPolicies and Processes Julia Porter05 October 2020Is the new COVID app safe to use?We now have the newly minted Covid app modelled on the Google and Apple templates. Should we be trusting this app?Data Governance & SecurityGDPRPrivacy by Design Julia Porter24 September 2020Cookies crushed, the world is changingThe demise of the third party cookie - five signs the world is changing. Where next for targeted advertising? Electronic CommunicationsGDPR Philippa Donn23 September 2020Data Protection by Design: Part 3 – Data Protection Impact AssessmentsHow to get your Data Protection Impact Asssessment process on track - when should you do one, what should you process look like? Get some useful tips... Data Governance & SecurityGDPRPolicies and ProcessesPrivacy by Design Philippa Donn09 September 2020New Children’s Code – does it apply to your business?New Children's Code to protect under 18s online. It will affect your business if your online services are likely to be acccessed by children. GDPRICO GuidancePolicies and ProcessesPrivacy by Design Simon Blanchard04 September 2020Data Protection by Design: Part 2 – How to approach itHow to implement Data Protection by Design when you are developing new applications, products and services. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn27 August 2020Data Protection by Design: Part 1 – The BasicsWhat does ‘Data Protection by Design’ really mean (and why is it also called ‘Privacy by Design’)? Do you need to be concerned about it? And how do you...Data Governance & SecurityGDPRPrivacy by Design Simon Blanchard25 August 2020Data Protection Officers – should we appoint a DPO?Which organisations need to have a DPO? If you don't should you appoint one anyway or outsource? We explore the options .. Data Governance & SecurityGDPR Simon Blanchard12 August 2020Use of automated facial recognition by South Wales Police ruled ‘unlawful’South Wales Police's use of automated facial recognition has been ruled unlawrul - it breaches human rights and has potential for bias. GDPR Julia Porter12 August 2020When does your CRM marketing plan morph into a data privacy project?Looking to leverage your customer database to drive more business? How to make sure you marketing plan is supported by your privacy strategyDirect MarketingElectronic CommunicationsGDPR Simon Blanchard10 August 2020Dashcams and GDPR: Assessing the privacy implications7 point privacy guide for use of dashcams in vehicles. Quick steps to make sure your use of dashcams is transparent and lawful. GDPRPolicies and Processes Simon Blanchard05 August 2020ICO guidance on how to apply good data protection to AISeven steps for making sure innovation flourishes and your artificial intelligence activities are sound from a data protection point of viewGDPRICO Guidance DPN Team29 July 2020How to manage your suppliersHow to manage your suppliers and reduce the risk they may post. Hear our specialist panel chat through the key points to consider.Videos Philippa Donn29 July 2020Could COVID-19 lead to a spike in Subject Access Requests? How to handle ex-employeesDSARs from disgruntled ex-employees can be challenging to handle, get some helpful tips on how best to approach the task of fulfilling them.GDPRIndividual Privacy Rights Philippa Donn28 July 2020Schrems II ruling: Privacy Shield down, SCCs survive but with a sting in the tailInternational data transfers - EU-US Privacy Shield ruled invalild, questions raised regarding SCCs, find out what actions should you take. GDPRInternational Data Protection Simon Blanchard27 July 2020RoPA – Five tips for keeping your Records of Processing Activity up to date5 tips for keeping your GDPR records of processing activities up to date. The why, who, what, how and when of data protection documentation.GDPRPolicies and Processes DPN Team16 July 2020Transparency: How to get the message acrossDiscover the benefits of being upfront and transparent with people about how you use their data. In this webinar hosted by Robert Bond from Bristows we explore why transparency...GDPRVideos Julia Porter13 July 2020Supplier management: DPN 6 point checklistDue diligence of new suppliers robust enough? Checks in place to make sure suppliers are protecting your data? Use the DPN 6-point checklist. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn13 July 2020Contact Tracing: 7 Quick Steps for collecting people’s dataFrom holiday cottages to theme parks, hotels to pubs, many will be collecting people's details for contact tracing. Get our quick guide to how to do this. GDPRICO Guidance Chris Field11 July 2020You’ve been SAR-bombed!You are at the end of long day .. you just do one last check of your inbox - the new count registers over 9,000 new emails! All...GDPRIndividual Privacy RightsInternational Data ProtectionPolicies and Processes Simon Blanchard09 July 2020Facial Recognition – should we be concerned?Facial recognition is clever, from selfies to surveillance its use is becoming far more widespread. Should we be worried? Data Governance & SecurityGDPR Philippa Donn30 June 2020Data breaches: 10-point checklist for risk assessmentsHow do you assess the actual risk to people of a data breach? 10 questions you need to ask when carrying out an risk assessment. Data Governance & SecurityGDPRPolicies and Processes DPN Team30 June 2020Successful steps for data retention and minimisation [webinar recording]Get the tools and advice you need to tackle data retention and minimisation in this expert discussion which takes you through the key steps to take.Data Governance & SecurityGDPRPolicies and ProcessesVideos Julia Porter25 June 2020Why is the CIA’s lax attitude to cyber security interesting to us?Have you got robust cyber security controls in place? How the lax attitude of the CIA is a lesson to us all and what you should you be doing.Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard16 June 2020Privacy is a marathon not a sprintPondering how to improve your privacy credentials? Here are 5 steps to inspire you. More than 2 years on from GDPR, remember it’s a journey, not a sprint.Data Governance & SecurityGDPRPolicies and Processes Philippa Donn16 June 2020Why personalisation is a good thing, when done well“Hi, you haven’t finished watching Jeffrey Epstein: Filthy Rich”, said an email my husband received .It annoyed him......Direct MarketingGDPR Simon Blanchard08 June 2020Spring clean your data – Top tips on data retentionGet top tips on data retention. Minimise your risks by making sure you keep the personal data you need and rid of what you don't. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn03 June 2020GDPR two years on, why data protection mattersGDPR may have its critics and regulators may stand accused of not taking enough action. Why this is not a reason to stop taking data protection seriously.GDPR Julia Porter03 June 2020Why is it so hard to explain how we use personal data?Five ways to help explain complex and contentious uses of personal data. How to improve your communications and transparency.Direct MarketingGDPRPrivacy by Design DPN Team03 June 2020Data Retention GuidanceA practical toolkit packed with tips, advice and case studies on how to tackle data retention. Developed by a group of data protection and privacy specialists from a...Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard14 May 2020COVID 19 – Privacy under the SpotlightPrivacy and COVID-19. When finding quick solutions and taking rapid decisions, don't forget the privacy impact. Here's our quick tour of aspects to consider. Data SecurityGDPRPrivacy by Design DPN Team04 April 2020Where is my data? How to tackle data discovery & mapping [webinar recording]How improve your data discovery, mapping & compliance Understanding where your data is located across all your systems is an ever-evolving challenge, but forms the bedrock of your data...Opinion Gemma Johnson13 February 2020Marketers: Will You Need to do a DPIA for that?Why marketers need to understand when they might need to conduct a data protection impact assessment and learn how to do them. Direct MarketingElectronic CommunicationsICO GuidanceMarketing & Data Protection Simon Blanchard11 February 2020Where’s all my data? How to tackle data discoveryUnderstanding where your data is and what it's used for is crucial. But in practice this is challenging. What approach can you take? Opinion Julia Porter09 February 2020In a Digitally Enabled World, What is Direct Marketing?On 8th January the ICO published a draft code of practice for the marketing community. It’s entitled “Direct Marketing Code of Practice”. The use of the term “Direct Marketing”...Opinion Philippa Donn08 February 2020Refer a Friend – Viral Marketing RulesCan you ask your customers to send on your marketing to their friends? The answer, according to the ICO’s draft Direct Marketing Code, is NO! The regulator says for...Opinion Philippa Donn28 January 2020ICO Direct Marketing Code ‘draft’: 12 HighlightsJust when I thought January was feeling dull, I got my hands on the ICO’s much-anticipated draft Direct Marketing Code of Practice! This replaces the Regulator’s existing Direct Marketing...Opinion Philippa Donn10 December 2019Subject Access Requests & Proof of IDSubject Access Requests – What is ‘proportionate’ to ask for? When responding to a Right of Access request (commonly known as a Subject Access Request), we might be required...Individual Privacy Rights DPN Team03 December 2019Data Retention: Are you keeping personal data longer than you need it?Ensuring you don’t store personal data for longer than you require it, is a core data protection principle – one which we all know is both complex and challenging...Opinion DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Opinion Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Opinion Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Opinion Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Opinion Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...GDPRInternational Data Protection Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Data Governance & SecurityGDPRPolicies and Processes Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the hectic preparations...Direct Marketing Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....GDPR DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...GDPR Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Direct MarketingGDPR
Simon Blanchard07 October 2020Are you monitoring staff health during COVID-19?What checks and balances should you have in place if you are monitoring your employees' health during the pandemic? We take a look at the core areas to consider...Data Governance & SecurityEmploymentPolicies and Processes Julia Porter05 October 2020Is the new COVID app safe to use?We now have the newly minted Covid app modelled on the Google and Apple templates. Should we be trusting this app?Data Governance & SecurityGDPRPrivacy by Design Julia Porter24 September 2020Cookies crushed, the world is changingThe demise of the third party cookie - five signs the world is changing. Where next for targeted advertising? Electronic CommunicationsGDPR Philippa Donn23 September 2020Data Protection by Design: Part 3 – Data Protection Impact AssessmentsHow to get your Data Protection Impact Asssessment process on track - when should you do one, what should you process look like? Get some useful tips... Data Governance & SecurityGDPRPolicies and ProcessesPrivacy by Design Philippa Donn09 September 2020New Children’s Code – does it apply to your business?New Children's Code to protect under 18s online. It will affect your business if your online services are likely to be acccessed by children. GDPRICO GuidancePolicies and ProcessesPrivacy by Design Simon Blanchard04 September 2020Data Protection by Design: Part 2 – How to approach itHow to implement Data Protection by Design when you are developing new applications, products and services. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn27 August 2020Data Protection by Design: Part 1 – The BasicsWhat does ‘Data Protection by Design’ really mean (and why is it also called ‘Privacy by Design’)? Do you need to be concerned about it? And how do you...Data Governance & SecurityGDPRPrivacy by Design Simon Blanchard25 August 2020Data Protection Officers – should we appoint a DPO?Which organisations need to have a DPO? If you don't should you appoint one anyway or outsource? We explore the options .. Data Governance & SecurityGDPR Simon Blanchard12 August 2020Use of automated facial recognition by South Wales Police ruled ‘unlawful’South Wales Police's use of automated facial recognition has been ruled unlawrul - it breaches human rights and has potential for bias. GDPR Julia Porter12 August 2020When does your CRM marketing plan morph into a data privacy project?Looking to leverage your customer database to drive more business? How to make sure you marketing plan is supported by your privacy strategyDirect MarketingElectronic CommunicationsGDPR Simon Blanchard10 August 2020Dashcams and GDPR: Assessing the privacy implications7 point privacy guide for use of dashcams in vehicles. Quick steps to make sure your use of dashcams is transparent and lawful. GDPRPolicies and Processes Simon Blanchard05 August 2020ICO guidance on how to apply good data protection to AISeven steps for making sure innovation flourishes and your artificial intelligence activities are sound from a data protection point of viewGDPRICO Guidance DPN Team29 July 2020How to manage your suppliersHow to manage your suppliers and reduce the risk they may post. Hear our specialist panel chat through the key points to consider.Videos Philippa Donn29 July 2020Could COVID-19 lead to a spike in Subject Access Requests? How to handle ex-employeesDSARs from disgruntled ex-employees can be challenging to handle, get some helpful tips on how best to approach the task of fulfilling them.GDPRIndividual Privacy Rights Philippa Donn28 July 2020Schrems II ruling: Privacy Shield down, SCCs survive but with a sting in the tailInternational data transfers - EU-US Privacy Shield ruled invalild, questions raised regarding SCCs, find out what actions should you take. GDPRInternational Data Protection Simon Blanchard27 July 2020RoPA – Five tips for keeping your Records of Processing Activity up to date5 tips for keeping your GDPR records of processing activities up to date. The why, who, what, how and when of data protection documentation.GDPRPolicies and Processes DPN Team16 July 2020Transparency: How to get the message acrossDiscover the benefits of being upfront and transparent with people about how you use their data. In this webinar hosted by Robert Bond from Bristows we explore why transparency...GDPRVideos Julia Porter13 July 2020Supplier management: DPN 6 point checklistDue diligence of new suppliers robust enough? Checks in place to make sure suppliers are protecting your data? Use the DPN 6-point checklist. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn13 July 2020Contact Tracing: 7 Quick Steps for collecting people’s dataFrom holiday cottages to theme parks, hotels to pubs, many will be collecting people's details for contact tracing. Get our quick guide to how to do this. GDPRICO Guidance Chris Field11 July 2020You’ve been SAR-bombed!You are at the end of long day .. you just do one last check of your inbox - the new count registers over 9,000 new emails! All...GDPRIndividual Privacy RightsInternational Data ProtectionPolicies and Processes Simon Blanchard09 July 2020Facial Recognition – should we be concerned?Facial recognition is clever, from selfies to surveillance its use is becoming far more widespread. Should we be worried? Data Governance & SecurityGDPR Philippa Donn30 June 2020Data breaches: 10-point checklist for risk assessmentsHow do you assess the actual risk to people of a data breach? 10 questions you need to ask when carrying out an risk assessment. Data Governance & SecurityGDPRPolicies and Processes DPN Team30 June 2020Successful steps for data retention and minimisation [webinar recording]Get the tools and advice you need to tackle data retention and minimisation in this expert discussion which takes you through the key steps to take.Data Governance & SecurityGDPRPolicies and ProcessesVideos Julia Porter25 June 2020Why is the CIA’s lax attitude to cyber security interesting to us?Have you got robust cyber security controls in place? How the lax attitude of the CIA is a lesson to us all and what you should you be doing.Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard16 June 2020Privacy is a marathon not a sprintPondering how to improve your privacy credentials? Here are 5 steps to inspire you. More than 2 years on from GDPR, remember it’s a journey, not a sprint.Data Governance & SecurityGDPRPolicies and Processes Philippa Donn16 June 2020Why personalisation is a good thing, when done well“Hi, you haven’t finished watching Jeffrey Epstein: Filthy Rich”, said an email my husband received .It annoyed him......Direct MarketingGDPR Simon Blanchard08 June 2020Spring clean your data – Top tips on data retentionGet top tips on data retention. Minimise your risks by making sure you keep the personal data you need and rid of what you don't. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn03 June 2020GDPR two years on, why data protection mattersGDPR may have its critics and regulators may stand accused of not taking enough action. Why this is not a reason to stop taking data protection seriously.GDPR Julia Porter03 June 2020Why is it so hard to explain how we use personal data?Five ways to help explain complex and contentious uses of personal data. How to improve your communications and transparency.Direct MarketingGDPRPrivacy by Design DPN Team03 June 2020Data Retention GuidanceA practical toolkit packed with tips, advice and case studies on how to tackle data retention. Developed by a group of data protection and privacy specialists from a...Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard14 May 2020COVID 19 – Privacy under the SpotlightPrivacy and COVID-19. When finding quick solutions and taking rapid decisions, don't forget the privacy impact. Here's our quick tour of aspects to consider. Data SecurityGDPRPrivacy by Design DPN Team04 April 2020Where is my data? How to tackle data discovery & mapping [webinar recording]How improve your data discovery, mapping & compliance Understanding where your data is located across all your systems is an ever-evolving challenge, but forms the bedrock of your data...Opinion Gemma Johnson13 February 2020Marketers: Will You Need to do a DPIA for that?Why marketers need to understand when they might need to conduct a data protection impact assessment and learn how to do them. Direct MarketingElectronic CommunicationsICO GuidanceMarketing & Data Protection Simon Blanchard11 February 2020Where’s all my data? How to tackle data discoveryUnderstanding where your data is and what it's used for is crucial. But in practice this is challenging. What approach can you take? Opinion Julia Porter09 February 2020In a Digitally Enabled World, What is Direct Marketing?On 8th January the ICO published a draft code of practice for the marketing community. It’s entitled “Direct Marketing Code of Practice”. The use of the term “Direct Marketing”...Opinion Philippa Donn08 February 2020Refer a Friend – Viral Marketing RulesCan you ask your customers to send on your marketing to their friends? The answer, according to the ICO’s draft Direct Marketing Code, is NO! The regulator says for...Opinion Philippa Donn28 January 2020ICO Direct Marketing Code ‘draft’: 12 HighlightsJust when I thought January was feeling dull, I got my hands on the ICO’s much-anticipated draft Direct Marketing Code of Practice! This replaces the Regulator’s existing Direct Marketing...Opinion Philippa Donn10 December 2019Subject Access Requests & Proof of IDSubject Access Requests – What is ‘proportionate’ to ask for? When responding to a Right of Access request (commonly known as a Subject Access Request), we might be required...Individual Privacy Rights DPN Team03 December 2019Data Retention: Are you keeping personal data longer than you need it?Ensuring you don’t store personal data for longer than you require it, is a core data protection principle – one which we all know is both complex and challenging...Opinion DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Opinion Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Opinion Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Opinion Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Opinion Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...GDPRInternational Data Protection Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Data Governance & SecurityGDPRPolicies and Processes Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the hectic preparations...Direct Marketing Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....GDPR DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...GDPR Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Direct MarketingGDPR
Julia Porter05 October 2020Is the new COVID app safe to use?We now have the newly minted Covid app modelled on the Google and Apple templates. Should we be trusting this app?Data Governance & SecurityGDPRPrivacy by Design Julia Porter24 September 2020Cookies crushed, the world is changingThe demise of the third party cookie - five signs the world is changing. Where next for targeted advertising? Electronic CommunicationsGDPR Philippa Donn23 September 2020Data Protection by Design: Part 3 – Data Protection Impact AssessmentsHow to get your Data Protection Impact Asssessment process on track - when should you do one, what should you process look like? Get some useful tips... Data Governance & SecurityGDPRPolicies and ProcessesPrivacy by Design Philippa Donn09 September 2020New Children’s Code – does it apply to your business?New Children's Code to protect under 18s online. It will affect your business if your online services are likely to be acccessed by children. GDPRICO GuidancePolicies and ProcessesPrivacy by Design Simon Blanchard04 September 2020Data Protection by Design: Part 2 – How to approach itHow to implement Data Protection by Design when you are developing new applications, products and services. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn27 August 2020Data Protection by Design: Part 1 – The BasicsWhat does ‘Data Protection by Design’ really mean (and why is it also called ‘Privacy by Design’)? Do you need to be concerned about it? And how do you...Data Governance & SecurityGDPRPrivacy by Design Simon Blanchard25 August 2020Data Protection Officers – should we appoint a DPO?Which organisations need to have a DPO? If you don't should you appoint one anyway or outsource? We explore the options .. Data Governance & SecurityGDPR Simon Blanchard12 August 2020Use of automated facial recognition by South Wales Police ruled ‘unlawful’South Wales Police's use of automated facial recognition has been ruled unlawrul - it breaches human rights and has potential for bias. GDPR Julia Porter12 August 2020When does your CRM marketing plan morph into a data privacy project?Looking to leverage your customer database to drive more business? How to make sure you marketing plan is supported by your privacy strategyDirect MarketingElectronic CommunicationsGDPR Simon Blanchard10 August 2020Dashcams and GDPR: Assessing the privacy implications7 point privacy guide for use of dashcams in vehicles. Quick steps to make sure your use of dashcams is transparent and lawful. GDPRPolicies and Processes Simon Blanchard05 August 2020ICO guidance on how to apply good data protection to AISeven steps for making sure innovation flourishes and your artificial intelligence activities are sound from a data protection point of viewGDPRICO Guidance DPN Team29 July 2020How to manage your suppliersHow to manage your suppliers and reduce the risk they may post. Hear our specialist panel chat through the key points to consider.Videos Philippa Donn29 July 2020Could COVID-19 lead to a spike in Subject Access Requests? How to handle ex-employeesDSARs from disgruntled ex-employees can be challenging to handle, get some helpful tips on how best to approach the task of fulfilling them.GDPRIndividual Privacy Rights Philippa Donn28 July 2020Schrems II ruling: Privacy Shield down, SCCs survive but with a sting in the tailInternational data transfers - EU-US Privacy Shield ruled invalild, questions raised regarding SCCs, find out what actions should you take. GDPRInternational Data Protection Simon Blanchard27 July 2020RoPA – Five tips for keeping your Records of Processing Activity up to date5 tips for keeping your GDPR records of processing activities up to date. The why, who, what, how and when of data protection documentation.GDPRPolicies and Processes DPN Team16 July 2020Transparency: How to get the message acrossDiscover the benefits of being upfront and transparent with people about how you use their data. In this webinar hosted by Robert Bond from Bristows we explore why transparency...GDPRVideos Julia Porter13 July 2020Supplier management: DPN 6 point checklistDue diligence of new suppliers robust enough? Checks in place to make sure suppliers are protecting your data? Use the DPN 6-point checklist. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn13 July 2020Contact Tracing: 7 Quick Steps for collecting people’s dataFrom holiday cottages to theme parks, hotels to pubs, many will be collecting people's details for contact tracing. Get our quick guide to how to do this. GDPRICO Guidance Chris Field11 July 2020You’ve been SAR-bombed!You are at the end of long day .. you just do one last check of your inbox - the new count registers over 9,000 new emails! All...GDPRIndividual Privacy RightsInternational Data ProtectionPolicies and Processes Simon Blanchard09 July 2020Facial Recognition – should we be concerned?Facial recognition is clever, from selfies to surveillance its use is becoming far more widespread. Should we be worried? Data Governance & SecurityGDPR Philippa Donn30 June 2020Data breaches: 10-point checklist for risk assessmentsHow do you assess the actual risk to people of a data breach? 10 questions you need to ask when carrying out an risk assessment. Data Governance & SecurityGDPRPolicies and Processes DPN Team30 June 2020Successful steps for data retention and minimisation [webinar recording]Get the tools and advice you need to tackle data retention and minimisation in this expert discussion which takes you through the key steps to take.Data Governance & SecurityGDPRPolicies and ProcessesVideos Julia Porter25 June 2020Why is the CIA’s lax attitude to cyber security interesting to us?Have you got robust cyber security controls in place? How the lax attitude of the CIA is a lesson to us all and what you should you be doing.Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard16 June 2020Privacy is a marathon not a sprintPondering how to improve your privacy credentials? Here are 5 steps to inspire you. More than 2 years on from GDPR, remember it’s a journey, not a sprint.Data Governance & SecurityGDPRPolicies and Processes Philippa Donn16 June 2020Why personalisation is a good thing, when done well“Hi, you haven’t finished watching Jeffrey Epstein: Filthy Rich”, said an email my husband received .It annoyed him......Direct MarketingGDPR Simon Blanchard08 June 2020Spring clean your data – Top tips on data retentionGet top tips on data retention. Minimise your risks by making sure you keep the personal data you need and rid of what you don't. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn03 June 2020GDPR two years on, why data protection mattersGDPR may have its critics and regulators may stand accused of not taking enough action. Why this is not a reason to stop taking data protection seriously.GDPR Julia Porter03 June 2020Why is it so hard to explain how we use personal data?Five ways to help explain complex and contentious uses of personal data. How to improve your communications and transparency.Direct MarketingGDPRPrivacy by Design DPN Team03 June 2020Data Retention GuidanceA practical toolkit packed with tips, advice and case studies on how to tackle data retention. Developed by a group of data protection and privacy specialists from a...Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard14 May 2020COVID 19 – Privacy under the SpotlightPrivacy and COVID-19. When finding quick solutions and taking rapid decisions, don't forget the privacy impact. Here's our quick tour of aspects to consider. Data SecurityGDPRPrivacy by Design DPN Team04 April 2020Where is my data? How to tackle data discovery & mapping [webinar recording]How improve your data discovery, mapping & compliance Understanding where your data is located across all your systems is an ever-evolving challenge, but forms the bedrock of your data...Opinion Gemma Johnson13 February 2020Marketers: Will You Need to do a DPIA for that?Why marketers need to understand when they might need to conduct a data protection impact assessment and learn how to do them. Direct MarketingElectronic CommunicationsICO GuidanceMarketing & Data Protection Simon Blanchard11 February 2020Where’s all my data? How to tackle data discoveryUnderstanding where your data is and what it's used for is crucial. But in practice this is challenging. What approach can you take? Opinion Julia Porter09 February 2020In a Digitally Enabled World, What is Direct Marketing?On 8th January the ICO published a draft code of practice for the marketing community. It’s entitled “Direct Marketing Code of Practice”. The use of the term “Direct Marketing”...Opinion Philippa Donn08 February 2020Refer a Friend – Viral Marketing RulesCan you ask your customers to send on your marketing to their friends? The answer, according to the ICO’s draft Direct Marketing Code, is NO! The regulator says for...Opinion Philippa Donn28 January 2020ICO Direct Marketing Code ‘draft’: 12 HighlightsJust when I thought January was feeling dull, I got my hands on the ICO’s much-anticipated draft Direct Marketing Code of Practice! This replaces the Regulator’s existing Direct Marketing...Opinion Philippa Donn10 December 2019Subject Access Requests & Proof of IDSubject Access Requests – What is ‘proportionate’ to ask for? When responding to a Right of Access request (commonly known as a Subject Access Request), we might be required...Individual Privacy Rights DPN Team03 December 2019Data Retention: Are you keeping personal data longer than you need it?Ensuring you don’t store personal data for longer than you require it, is a core data protection principle – one which we all know is both complex and challenging...Opinion DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Opinion Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Opinion Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Opinion Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Opinion Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...GDPRInternational Data Protection Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Data Governance & SecurityGDPRPolicies and Processes Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the hectic preparations...Direct Marketing Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....GDPR DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...GDPR Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Direct MarketingGDPR
Julia Porter24 September 2020Cookies crushed, the world is changingThe demise of the third party cookie - five signs the world is changing. Where next for targeted advertising? Electronic CommunicationsGDPR Philippa Donn23 September 2020Data Protection by Design: Part 3 – Data Protection Impact AssessmentsHow to get your Data Protection Impact Asssessment process on track - when should you do one, what should you process look like? Get some useful tips... Data Governance & SecurityGDPRPolicies and ProcessesPrivacy by Design Philippa Donn09 September 2020New Children’s Code – does it apply to your business?New Children's Code to protect under 18s online. It will affect your business if your online services are likely to be acccessed by children. GDPRICO GuidancePolicies and ProcessesPrivacy by Design Simon Blanchard04 September 2020Data Protection by Design: Part 2 – How to approach itHow to implement Data Protection by Design when you are developing new applications, products and services. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn27 August 2020Data Protection by Design: Part 1 – The BasicsWhat does ‘Data Protection by Design’ really mean (and why is it also called ‘Privacy by Design’)? Do you need to be concerned about it? And how do you...Data Governance & SecurityGDPRPrivacy by Design Simon Blanchard25 August 2020Data Protection Officers – should we appoint a DPO?Which organisations need to have a DPO? If you don't should you appoint one anyway or outsource? We explore the options .. Data Governance & SecurityGDPR Simon Blanchard12 August 2020Use of automated facial recognition by South Wales Police ruled ‘unlawful’South Wales Police's use of automated facial recognition has been ruled unlawrul - it breaches human rights and has potential for bias. GDPR Julia Porter12 August 2020When does your CRM marketing plan morph into a data privacy project?Looking to leverage your customer database to drive more business? How to make sure you marketing plan is supported by your privacy strategyDirect MarketingElectronic CommunicationsGDPR Simon Blanchard10 August 2020Dashcams and GDPR: Assessing the privacy implications7 point privacy guide for use of dashcams in vehicles. Quick steps to make sure your use of dashcams is transparent and lawful. GDPRPolicies and Processes Simon Blanchard05 August 2020ICO guidance on how to apply good data protection to AISeven steps for making sure innovation flourishes and your artificial intelligence activities are sound from a data protection point of viewGDPRICO Guidance DPN Team29 July 2020How to manage your suppliersHow to manage your suppliers and reduce the risk they may post. Hear our specialist panel chat through the key points to consider.Videos Philippa Donn29 July 2020Could COVID-19 lead to a spike in Subject Access Requests? How to handle ex-employeesDSARs from disgruntled ex-employees can be challenging to handle, get some helpful tips on how best to approach the task of fulfilling them.GDPRIndividual Privacy Rights Philippa Donn28 July 2020Schrems II ruling: Privacy Shield down, SCCs survive but with a sting in the tailInternational data transfers - EU-US Privacy Shield ruled invalild, questions raised regarding SCCs, find out what actions should you take. GDPRInternational Data Protection Simon Blanchard27 July 2020RoPA – Five tips for keeping your Records of Processing Activity up to date5 tips for keeping your GDPR records of processing activities up to date. The why, who, what, how and when of data protection documentation.GDPRPolicies and Processes DPN Team16 July 2020Transparency: How to get the message acrossDiscover the benefits of being upfront and transparent with people about how you use their data. In this webinar hosted by Robert Bond from Bristows we explore why transparency...GDPRVideos Julia Porter13 July 2020Supplier management: DPN 6 point checklistDue diligence of new suppliers robust enough? Checks in place to make sure suppliers are protecting your data? Use the DPN 6-point checklist. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn13 July 2020Contact Tracing: 7 Quick Steps for collecting people’s dataFrom holiday cottages to theme parks, hotels to pubs, many will be collecting people's details for contact tracing. Get our quick guide to how to do this. GDPRICO Guidance Chris Field11 July 2020You’ve been SAR-bombed!You are at the end of long day .. you just do one last check of your inbox - the new count registers over 9,000 new emails! All...GDPRIndividual Privacy RightsInternational Data ProtectionPolicies and Processes Simon Blanchard09 July 2020Facial Recognition – should we be concerned?Facial recognition is clever, from selfies to surveillance its use is becoming far more widespread. Should we be worried? Data Governance & SecurityGDPR Philippa Donn30 June 2020Data breaches: 10-point checklist for risk assessmentsHow do you assess the actual risk to people of a data breach? 10 questions you need to ask when carrying out an risk assessment. Data Governance & SecurityGDPRPolicies and Processes DPN Team30 June 2020Successful steps for data retention and minimisation [webinar recording]Get the tools and advice you need to tackle data retention and minimisation in this expert discussion which takes you through the key steps to take.Data Governance & SecurityGDPRPolicies and ProcessesVideos Julia Porter25 June 2020Why is the CIA’s lax attitude to cyber security interesting to us?Have you got robust cyber security controls in place? How the lax attitude of the CIA is a lesson to us all and what you should you be doing.Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard16 June 2020Privacy is a marathon not a sprintPondering how to improve your privacy credentials? Here are 5 steps to inspire you. More than 2 years on from GDPR, remember it’s a journey, not a sprint.Data Governance & SecurityGDPRPolicies and Processes Philippa Donn16 June 2020Why personalisation is a good thing, when done well“Hi, you haven’t finished watching Jeffrey Epstein: Filthy Rich”, said an email my husband received .It annoyed him......Direct MarketingGDPR Simon Blanchard08 June 2020Spring clean your data – Top tips on data retentionGet top tips on data retention. Minimise your risks by making sure you keep the personal data you need and rid of what you don't. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn03 June 2020GDPR two years on, why data protection mattersGDPR may have its critics and regulators may stand accused of not taking enough action. Why this is not a reason to stop taking data protection seriously.GDPR Julia Porter03 June 2020Why is it so hard to explain how we use personal data?Five ways to help explain complex and contentious uses of personal data. How to improve your communications and transparency.Direct MarketingGDPRPrivacy by Design DPN Team03 June 2020Data Retention GuidanceA practical toolkit packed with tips, advice and case studies on how to tackle data retention. Developed by a group of data protection and privacy specialists from a...Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard14 May 2020COVID 19 – Privacy under the SpotlightPrivacy and COVID-19. When finding quick solutions and taking rapid decisions, don't forget the privacy impact. Here's our quick tour of aspects to consider. Data SecurityGDPRPrivacy by Design DPN Team04 April 2020Where is my data? How to tackle data discovery & mapping [webinar recording]How improve your data discovery, mapping & compliance Understanding where your data is located across all your systems is an ever-evolving challenge, but forms the bedrock of your data...Opinion Gemma Johnson13 February 2020Marketers: Will You Need to do a DPIA for that?Why marketers need to understand when they might need to conduct a data protection impact assessment and learn how to do them. Direct MarketingElectronic CommunicationsICO GuidanceMarketing & Data Protection Simon Blanchard11 February 2020Where’s all my data? How to tackle data discoveryUnderstanding where your data is and what it's used for is crucial. But in practice this is challenging. What approach can you take? Opinion Julia Porter09 February 2020In a Digitally Enabled World, What is Direct Marketing?On 8th January the ICO published a draft code of practice for the marketing community. It’s entitled “Direct Marketing Code of Practice”. The use of the term “Direct Marketing”...Opinion Philippa Donn08 February 2020Refer a Friend – Viral Marketing RulesCan you ask your customers to send on your marketing to their friends? The answer, according to the ICO’s draft Direct Marketing Code, is NO! The regulator says for...Opinion Philippa Donn28 January 2020ICO Direct Marketing Code ‘draft’: 12 HighlightsJust when I thought January was feeling dull, I got my hands on the ICO’s much-anticipated draft Direct Marketing Code of Practice! This replaces the Regulator’s existing Direct Marketing...Opinion Philippa Donn10 December 2019Subject Access Requests & Proof of IDSubject Access Requests – What is ‘proportionate’ to ask for? When responding to a Right of Access request (commonly known as a Subject Access Request), we might be required...Individual Privacy Rights DPN Team03 December 2019Data Retention: Are you keeping personal data longer than you need it?Ensuring you don’t store personal data for longer than you require it, is a core data protection principle – one which we all know is both complex and challenging...Opinion DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Opinion Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Opinion Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Opinion Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Opinion Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...GDPRInternational Data Protection Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Data Governance & SecurityGDPRPolicies and Processes Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the hectic preparations...Direct Marketing Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....GDPR DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...GDPR Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Direct MarketingGDPR
Philippa Donn23 September 2020Data Protection by Design: Part 3 – Data Protection Impact AssessmentsHow to get your Data Protection Impact Asssessment process on track - when should you do one, what should you process look like? Get some useful tips... Data Governance & SecurityGDPRPolicies and ProcessesPrivacy by Design Philippa Donn09 September 2020New Children’s Code – does it apply to your business?New Children's Code to protect under 18s online. It will affect your business if your online services are likely to be acccessed by children. GDPRICO GuidancePolicies and ProcessesPrivacy by Design Simon Blanchard04 September 2020Data Protection by Design: Part 2 – How to approach itHow to implement Data Protection by Design when you are developing new applications, products and services. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn27 August 2020Data Protection by Design: Part 1 – The BasicsWhat does ‘Data Protection by Design’ really mean (and why is it also called ‘Privacy by Design’)? Do you need to be concerned about it? And how do you...Data Governance & SecurityGDPRPrivacy by Design Simon Blanchard25 August 2020Data Protection Officers – should we appoint a DPO?Which organisations need to have a DPO? If you don't should you appoint one anyway or outsource? We explore the options .. Data Governance & SecurityGDPR Simon Blanchard12 August 2020Use of automated facial recognition by South Wales Police ruled ‘unlawful’South Wales Police's use of automated facial recognition has been ruled unlawrul - it breaches human rights and has potential for bias. GDPR Julia Porter12 August 2020When does your CRM marketing plan morph into a data privacy project?Looking to leverage your customer database to drive more business? How to make sure you marketing plan is supported by your privacy strategyDirect MarketingElectronic CommunicationsGDPR Simon Blanchard10 August 2020Dashcams and GDPR: Assessing the privacy implications7 point privacy guide for use of dashcams in vehicles. Quick steps to make sure your use of dashcams is transparent and lawful. GDPRPolicies and Processes Simon Blanchard05 August 2020ICO guidance on how to apply good data protection to AISeven steps for making sure innovation flourishes and your artificial intelligence activities are sound from a data protection point of viewGDPRICO Guidance DPN Team29 July 2020How to manage your suppliersHow to manage your suppliers and reduce the risk they may post. Hear our specialist panel chat through the key points to consider.Videos Philippa Donn29 July 2020Could COVID-19 lead to a spike in Subject Access Requests? How to handle ex-employeesDSARs from disgruntled ex-employees can be challenging to handle, get some helpful tips on how best to approach the task of fulfilling them.GDPRIndividual Privacy Rights Philippa Donn28 July 2020Schrems II ruling: Privacy Shield down, SCCs survive but with a sting in the tailInternational data transfers - EU-US Privacy Shield ruled invalild, questions raised regarding SCCs, find out what actions should you take. GDPRInternational Data Protection Simon Blanchard27 July 2020RoPA – Five tips for keeping your Records of Processing Activity up to date5 tips for keeping your GDPR records of processing activities up to date. The why, who, what, how and when of data protection documentation.GDPRPolicies and Processes DPN Team16 July 2020Transparency: How to get the message acrossDiscover the benefits of being upfront and transparent with people about how you use their data. In this webinar hosted by Robert Bond from Bristows we explore why transparency...GDPRVideos Julia Porter13 July 2020Supplier management: DPN 6 point checklistDue diligence of new suppliers robust enough? Checks in place to make sure suppliers are protecting your data? Use the DPN 6-point checklist. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn13 July 2020Contact Tracing: 7 Quick Steps for collecting people’s dataFrom holiday cottages to theme parks, hotels to pubs, many will be collecting people's details for contact tracing. Get our quick guide to how to do this. GDPRICO Guidance Chris Field11 July 2020You’ve been SAR-bombed!You are at the end of long day .. you just do one last check of your inbox - the new count registers over 9,000 new emails! All...GDPRIndividual Privacy RightsInternational Data ProtectionPolicies and Processes Simon Blanchard09 July 2020Facial Recognition – should we be concerned?Facial recognition is clever, from selfies to surveillance its use is becoming far more widespread. Should we be worried? Data Governance & SecurityGDPR Philippa Donn30 June 2020Data breaches: 10-point checklist for risk assessmentsHow do you assess the actual risk to people of a data breach? 10 questions you need to ask when carrying out an risk assessment. Data Governance & SecurityGDPRPolicies and Processes DPN Team30 June 2020Successful steps for data retention and minimisation [webinar recording]Get the tools and advice you need to tackle data retention and minimisation in this expert discussion which takes you through the key steps to take.Data Governance & SecurityGDPRPolicies and ProcessesVideos Julia Porter25 June 2020Why is the CIA’s lax attitude to cyber security interesting to us?Have you got robust cyber security controls in place? How the lax attitude of the CIA is a lesson to us all and what you should you be doing.Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard16 June 2020Privacy is a marathon not a sprintPondering how to improve your privacy credentials? Here are 5 steps to inspire you. More than 2 years on from GDPR, remember it’s a journey, not a sprint.Data Governance & SecurityGDPRPolicies and Processes Philippa Donn16 June 2020Why personalisation is a good thing, when done well“Hi, you haven’t finished watching Jeffrey Epstein: Filthy Rich”, said an email my husband received .It annoyed him......Direct MarketingGDPR Simon Blanchard08 June 2020Spring clean your data – Top tips on data retentionGet top tips on data retention. Minimise your risks by making sure you keep the personal data you need and rid of what you don't. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn03 June 2020GDPR two years on, why data protection mattersGDPR may have its critics and regulators may stand accused of not taking enough action. Why this is not a reason to stop taking data protection seriously.GDPR Julia Porter03 June 2020Why is it so hard to explain how we use personal data?Five ways to help explain complex and contentious uses of personal data. How to improve your communications and transparency.Direct MarketingGDPRPrivacy by Design DPN Team03 June 2020Data Retention GuidanceA practical toolkit packed with tips, advice and case studies on how to tackle data retention. Developed by a group of data protection and privacy specialists from a...Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard14 May 2020COVID 19 – Privacy under the SpotlightPrivacy and COVID-19. When finding quick solutions and taking rapid decisions, don't forget the privacy impact. Here's our quick tour of aspects to consider. Data SecurityGDPRPrivacy by Design DPN Team04 April 2020Where is my data? How to tackle data discovery & mapping [webinar recording]How improve your data discovery, mapping & compliance Understanding where your data is located across all your systems is an ever-evolving challenge, but forms the bedrock of your data...Opinion Gemma Johnson13 February 2020Marketers: Will You Need to do a DPIA for that?Why marketers need to understand when they might need to conduct a data protection impact assessment and learn how to do them. Direct MarketingElectronic CommunicationsICO GuidanceMarketing & Data Protection Simon Blanchard11 February 2020Where’s all my data? How to tackle data discoveryUnderstanding where your data is and what it's used for is crucial. But in practice this is challenging. What approach can you take? Opinion Julia Porter09 February 2020In a Digitally Enabled World, What is Direct Marketing?On 8th January the ICO published a draft code of practice for the marketing community. It’s entitled “Direct Marketing Code of Practice”. The use of the term “Direct Marketing”...Opinion Philippa Donn08 February 2020Refer a Friend – Viral Marketing RulesCan you ask your customers to send on your marketing to their friends? The answer, according to the ICO’s draft Direct Marketing Code, is NO! The regulator says for...Opinion Philippa Donn28 January 2020ICO Direct Marketing Code ‘draft’: 12 HighlightsJust when I thought January was feeling dull, I got my hands on the ICO’s much-anticipated draft Direct Marketing Code of Practice! This replaces the Regulator’s existing Direct Marketing...Opinion Philippa Donn10 December 2019Subject Access Requests & Proof of IDSubject Access Requests – What is ‘proportionate’ to ask for? When responding to a Right of Access request (commonly known as a Subject Access Request), we might be required...Individual Privacy Rights DPN Team03 December 2019Data Retention: Are you keeping personal data longer than you need it?Ensuring you don’t store personal data for longer than you require it, is a core data protection principle – one which we all know is both complex and challenging...Opinion DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Opinion Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Opinion Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Opinion Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Opinion Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...GDPRInternational Data Protection Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Data Governance & SecurityGDPRPolicies and Processes Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the hectic preparations...Direct Marketing Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....GDPR DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...GDPR Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Direct MarketingGDPR
Philippa Donn09 September 2020New Children’s Code – does it apply to your business?New Children's Code to protect under 18s online. It will affect your business if your online services are likely to be acccessed by children. GDPRICO GuidancePolicies and ProcessesPrivacy by Design Simon Blanchard04 September 2020Data Protection by Design: Part 2 – How to approach itHow to implement Data Protection by Design when you are developing new applications, products and services. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn27 August 2020Data Protection by Design: Part 1 – The BasicsWhat does ‘Data Protection by Design’ really mean (and why is it also called ‘Privacy by Design’)? Do you need to be concerned about it? And how do you...Data Governance & SecurityGDPRPrivacy by Design Simon Blanchard25 August 2020Data Protection Officers – should we appoint a DPO?Which organisations need to have a DPO? If you don't should you appoint one anyway or outsource? We explore the options .. Data Governance & SecurityGDPR Simon Blanchard12 August 2020Use of automated facial recognition by South Wales Police ruled ‘unlawful’South Wales Police's use of automated facial recognition has been ruled unlawrul - it breaches human rights and has potential for bias. GDPR Julia Porter12 August 2020When does your CRM marketing plan morph into a data privacy project?Looking to leverage your customer database to drive more business? How to make sure you marketing plan is supported by your privacy strategyDirect MarketingElectronic CommunicationsGDPR Simon Blanchard10 August 2020Dashcams and GDPR: Assessing the privacy implications7 point privacy guide for use of dashcams in vehicles. Quick steps to make sure your use of dashcams is transparent and lawful. GDPRPolicies and Processes Simon Blanchard05 August 2020ICO guidance on how to apply good data protection to AISeven steps for making sure innovation flourishes and your artificial intelligence activities are sound from a data protection point of viewGDPRICO Guidance DPN Team29 July 2020How to manage your suppliersHow to manage your suppliers and reduce the risk they may post. Hear our specialist panel chat through the key points to consider.Videos Philippa Donn29 July 2020Could COVID-19 lead to a spike in Subject Access Requests? How to handle ex-employeesDSARs from disgruntled ex-employees can be challenging to handle, get some helpful tips on how best to approach the task of fulfilling them.GDPRIndividual Privacy Rights Philippa Donn28 July 2020Schrems II ruling: Privacy Shield down, SCCs survive but with a sting in the tailInternational data transfers - EU-US Privacy Shield ruled invalild, questions raised regarding SCCs, find out what actions should you take. GDPRInternational Data Protection Simon Blanchard27 July 2020RoPA – Five tips for keeping your Records of Processing Activity up to date5 tips for keeping your GDPR records of processing activities up to date. The why, who, what, how and when of data protection documentation.GDPRPolicies and Processes DPN Team16 July 2020Transparency: How to get the message acrossDiscover the benefits of being upfront and transparent with people about how you use their data. In this webinar hosted by Robert Bond from Bristows we explore why transparency...GDPRVideos Julia Porter13 July 2020Supplier management: DPN 6 point checklistDue diligence of new suppliers robust enough? Checks in place to make sure suppliers are protecting your data? Use the DPN 6-point checklist. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn13 July 2020Contact Tracing: 7 Quick Steps for collecting people’s dataFrom holiday cottages to theme parks, hotels to pubs, many will be collecting people's details for contact tracing. Get our quick guide to how to do this. GDPRICO Guidance Chris Field11 July 2020You’ve been SAR-bombed!You are at the end of long day .. you just do one last check of your inbox - the new count registers over 9,000 new emails! All...GDPRIndividual Privacy RightsInternational Data ProtectionPolicies and Processes Simon Blanchard09 July 2020Facial Recognition – should we be concerned?Facial recognition is clever, from selfies to surveillance its use is becoming far more widespread. Should we be worried? Data Governance & SecurityGDPR Philippa Donn30 June 2020Data breaches: 10-point checklist for risk assessmentsHow do you assess the actual risk to people of a data breach? 10 questions you need to ask when carrying out an risk assessment. Data Governance & SecurityGDPRPolicies and Processes DPN Team30 June 2020Successful steps for data retention and minimisation [webinar recording]Get the tools and advice you need to tackle data retention and minimisation in this expert discussion which takes you through the key steps to take.Data Governance & SecurityGDPRPolicies and ProcessesVideos Julia Porter25 June 2020Why is the CIA’s lax attitude to cyber security interesting to us?Have you got robust cyber security controls in place? How the lax attitude of the CIA is a lesson to us all and what you should you be doing.Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard16 June 2020Privacy is a marathon not a sprintPondering how to improve your privacy credentials? Here are 5 steps to inspire you. More than 2 years on from GDPR, remember it’s a journey, not a sprint.Data Governance & SecurityGDPRPolicies and Processes Philippa Donn16 June 2020Why personalisation is a good thing, when done well“Hi, you haven’t finished watching Jeffrey Epstein: Filthy Rich”, said an email my husband received .It annoyed him......Direct MarketingGDPR Simon Blanchard08 June 2020Spring clean your data – Top tips on data retentionGet top tips on data retention. Minimise your risks by making sure you keep the personal data you need and rid of what you don't. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn03 June 2020GDPR two years on, why data protection mattersGDPR may have its critics and regulators may stand accused of not taking enough action. Why this is not a reason to stop taking data protection seriously.GDPR Julia Porter03 June 2020Why is it so hard to explain how we use personal data?Five ways to help explain complex and contentious uses of personal data. How to improve your communications and transparency.Direct MarketingGDPRPrivacy by Design DPN Team03 June 2020Data Retention GuidanceA practical toolkit packed with tips, advice and case studies on how to tackle data retention. Developed by a group of data protection and privacy specialists from a...Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard14 May 2020COVID 19 – Privacy under the SpotlightPrivacy and COVID-19. When finding quick solutions and taking rapid decisions, don't forget the privacy impact. Here's our quick tour of aspects to consider. Data SecurityGDPRPrivacy by Design DPN Team04 April 2020Where is my data? How to tackle data discovery & mapping [webinar recording]How improve your data discovery, mapping & compliance Understanding where your data is located across all your systems is an ever-evolving challenge, but forms the bedrock of your data...Opinion Gemma Johnson13 February 2020Marketers: Will You Need to do a DPIA for that?Why marketers need to understand when they might need to conduct a data protection impact assessment and learn how to do them. Direct MarketingElectronic CommunicationsICO GuidanceMarketing & Data Protection Simon Blanchard11 February 2020Where’s all my data? How to tackle data discoveryUnderstanding where your data is and what it's used for is crucial. But in practice this is challenging. What approach can you take? Opinion Julia Porter09 February 2020In a Digitally Enabled World, What is Direct Marketing?On 8th January the ICO published a draft code of practice for the marketing community. It’s entitled “Direct Marketing Code of Practice”. The use of the term “Direct Marketing”...Opinion Philippa Donn08 February 2020Refer a Friend – Viral Marketing RulesCan you ask your customers to send on your marketing to their friends? The answer, according to the ICO’s draft Direct Marketing Code, is NO! The regulator says for...Opinion Philippa Donn28 January 2020ICO Direct Marketing Code ‘draft’: 12 HighlightsJust when I thought January was feeling dull, I got my hands on the ICO’s much-anticipated draft Direct Marketing Code of Practice! This replaces the Regulator’s existing Direct Marketing...Opinion Philippa Donn10 December 2019Subject Access Requests & Proof of IDSubject Access Requests – What is ‘proportionate’ to ask for? When responding to a Right of Access request (commonly known as a Subject Access Request), we might be required...Individual Privacy Rights DPN Team03 December 2019Data Retention: Are you keeping personal data longer than you need it?Ensuring you don’t store personal data for longer than you require it, is a core data protection principle – one which we all know is both complex and challenging...Opinion DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Opinion Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Opinion Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Opinion Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Opinion Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...GDPRInternational Data Protection Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Data Governance & SecurityGDPRPolicies and Processes Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the hectic preparations...Direct Marketing Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....GDPR DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...GDPR Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Direct MarketingGDPR
Simon Blanchard04 September 2020Data Protection by Design: Part 2 – How to approach itHow to implement Data Protection by Design when you are developing new applications, products and services. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn27 August 2020Data Protection by Design: Part 1 – The BasicsWhat does ‘Data Protection by Design’ really mean (and why is it also called ‘Privacy by Design’)? Do you need to be concerned about it? And how do you...Data Governance & SecurityGDPRPrivacy by Design Simon Blanchard25 August 2020Data Protection Officers – should we appoint a DPO?Which organisations need to have a DPO? If you don't should you appoint one anyway or outsource? We explore the options .. Data Governance & SecurityGDPR Simon Blanchard12 August 2020Use of automated facial recognition by South Wales Police ruled ‘unlawful’South Wales Police's use of automated facial recognition has been ruled unlawrul - it breaches human rights and has potential for bias. GDPR Julia Porter12 August 2020When does your CRM marketing plan morph into a data privacy project?Looking to leverage your customer database to drive more business? How to make sure you marketing plan is supported by your privacy strategyDirect MarketingElectronic CommunicationsGDPR Simon Blanchard10 August 2020Dashcams and GDPR: Assessing the privacy implications7 point privacy guide for use of dashcams in vehicles. Quick steps to make sure your use of dashcams is transparent and lawful. GDPRPolicies and Processes Simon Blanchard05 August 2020ICO guidance on how to apply good data protection to AISeven steps for making sure innovation flourishes and your artificial intelligence activities are sound from a data protection point of viewGDPRICO Guidance DPN Team29 July 2020How to manage your suppliersHow to manage your suppliers and reduce the risk they may post. Hear our specialist panel chat through the key points to consider.Videos Philippa Donn29 July 2020Could COVID-19 lead to a spike in Subject Access Requests? How to handle ex-employeesDSARs from disgruntled ex-employees can be challenging to handle, get some helpful tips on how best to approach the task of fulfilling them.GDPRIndividual Privacy Rights Philippa Donn28 July 2020Schrems II ruling: Privacy Shield down, SCCs survive but with a sting in the tailInternational data transfers - EU-US Privacy Shield ruled invalild, questions raised regarding SCCs, find out what actions should you take. GDPRInternational Data Protection Simon Blanchard27 July 2020RoPA – Five tips for keeping your Records of Processing Activity up to date5 tips for keeping your GDPR records of processing activities up to date. The why, who, what, how and when of data protection documentation.GDPRPolicies and Processes DPN Team16 July 2020Transparency: How to get the message acrossDiscover the benefits of being upfront and transparent with people about how you use their data. In this webinar hosted by Robert Bond from Bristows we explore why transparency...GDPRVideos Julia Porter13 July 2020Supplier management: DPN 6 point checklistDue diligence of new suppliers robust enough? Checks in place to make sure suppliers are protecting your data? Use the DPN 6-point checklist. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn13 July 2020Contact Tracing: 7 Quick Steps for collecting people’s dataFrom holiday cottages to theme parks, hotels to pubs, many will be collecting people's details for contact tracing. Get our quick guide to how to do this. GDPRICO Guidance Chris Field11 July 2020You’ve been SAR-bombed!You are at the end of long day .. you just do one last check of your inbox - the new count registers over 9,000 new emails! All...GDPRIndividual Privacy RightsInternational Data ProtectionPolicies and Processes Simon Blanchard09 July 2020Facial Recognition – should we be concerned?Facial recognition is clever, from selfies to surveillance its use is becoming far more widespread. Should we be worried? Data Governance & SecurityGDPR Philippa Donn30 June 2020Data breaches: 10-point checklist for risk assessmentsHow do you assess the actual risk to people of a data breach? 10 questions you need to ask when carrying out an risk assessment. Data Governance & SecurityGDPRPolicies and Processes DPN Team30 June 2020Successful steps for data retention and minimisation [webinar recording]Get the tools and advice you need to tackle data retention and minimisation in this expert discussion which takes you through the key steps to take.Data Governance & SecurityGDPRPolicies and ProcessesVideos Julia Porter25 June 2020Why is the CIA’s lax attitude to cyber security interesting to us?Have you got robust cyber security controls in place? How the lax attitude of the CIA is a lesson to us all and what you should you be doing.Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard16 June 2020Privacy is a marathon not a sprintPondering how to improve your privacy credentials? Here are 5 steps to inspire you. More than 2 years on from GDPR, remember it’s a journey, not a sprint.Data Governance & SecurityGDPRPolicies and Processes Philippa Donn16 June 2020Why personalisation is a good thing, when done well“Hi, you haven’t finished watching Jeffrey Epstein: Filthy Rich”, said an email my husband received .It annoyed him......Direct MarketingGDPR Simon Blanchard08 June 2020Spring clean your data – Top tips on data retentionGet top tips on data retention. Minimise your risks by making sure you keep the personal data you need and rid of what you don't. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn03 June 2020GDPR two years on, why data protection mattersGDPR may have its critics and regulators may stand accused of not taking enough action. Why this is not a reason to stop taking data protection seriously.GDPR Julia Porter03 June 2020Why is it so hard to explain how we use personal data?Five ways to help explain complex and contentious uses of personal data. How to improve your communications and transparency.Direct MarketingGDPRPrivacy by Design DPN Team03 June 2020Data Retention GuidanceA practical toolkit packed with tips, advice and case studies on how to tackle data retention. Developed by a group of data protection and privacy specialists from a...Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard14 May 2020COVID 19 – Privacy under the SpotlightPrivacy and COVID-19. When finding quick solutions and taking rapid decisions, don't forget the privacy impact. Here's our quick tour of aspects to consider. Data SecurityGDPRPrivacy by Design DPN Team04 April 2020Where is my data? How to tackle data discovery & mapping [webinar recording]How improve your data discovery, mapping & compliance Understanding where your data is located across all your systems is an ever-evolving challenge, but forms the bedrock of your data...Opinion Gemma Johnson13 February 2020Marketers: Will You Need to do a DPIA for that?Why marketers need to understand when they might need to conduct a data protection impact assessment and learn how to do them. Direct MarketingElectronic CommunicationsICO GuidanceMarketing & Data Protection Simon Blanchard11 February 2020Where’s all my data? How to tackle data discoveryUnderstanding where your data is and what it's used for is crucial. But in practice this is challenging. What approach can you take? Opinion Julia Porter09 February 2020In a Digitally Enabled World, What is Direct Marketing?On 8th January the ICO published a draft code of practice for the marketing community. It’s entitled “Direct Marketing Code of Practice”. The use of the term “Direct Marketing”...Opinion Philippa Donn08 February 2020Refer a Friend – Viral Marketing RulesCan you ask your customers to send on your marketing to their friends? The answer, according to the ICO’s draft Direct Marketing Code, is NO! The regulator says for...Opinion Philippa Donn28 January 2020ICO Direct Marketing Code ‘draft’: 12 HighlightsJust when I thought January was feeling dull, I got my hands on the ICO’s much-anticipated draft Direct Marketing Code of Practice! This replaces the Regulator’s existing Direct Marketing...Opinion Philippa Donn10 December 2019Subject Access Requests & Proof of IDSubject Access Requests – What is ‘proportionate’ to ask for? When responding to a Right of Access request (commonly known as a Subject Access Request), we might be required...Individual Privacy Rights DPN Team03 December 2019Data Retention: Are you keeping personal data longer than you need it?Ensuring you don’t store personal data for longer than you require it, is a core data protection principle – one which we all know is both complex and challenging...Opinion DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Opinion Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Opinion Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Opinion Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Opinion Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...GDPRInternational Data Protection Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Data Governance & SecurityGDPRPolicies and Processes Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the hectic preparations...Direct Marketing Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....GDPR DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...GDPR Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Direct MarketingGDPR
Philippa Donn27 August 2020Data Protection by Design: Part 1 – The BasicsWhat does ‘Data Protection by Design’ really mean (and why is it also called ‘Privacy by Design’)? Do you need to be concerned about it? And how do you...Data Governance & SecurityGDPRPrivacy by Design Simon Blanchard25 August 2020Data Protection Officers – should we appoint a DPO?Which organisations need to have a DPO? If you don't should you appoint one anyway or outsource? We explore the options .. Data Governance & SecurityGDPR Simon Blanchard12 August 2020Use of automated facial recognition by South Wales Police ruled ‘unlawful’South Wales Police's use of automated facial recognition has been ruled unlawrul - it breaches human rights and has potential for bias. GDPR Julia Porter12 August 2020When does your CRM marketing plan morph into a data privacy project?Looking to leverage your customer database to drive more business? How to make sure you marketing plan is supported by your privacy strategyDirect MarketingElectronic CommunicationsGDPR Simon Blanchard10 August 2020Dashcams and GDPR: Assessing the privacy implications7 point privacy guide for use of dashcams in vehicles. Quick steps to make sure your use of dashcams is transparent and lawful. GDPRPolicies and Processes Simon Blanchard05 August 2020ICO guidance on how to apply good data protection to AISeven steps for making sure innovation flourishes and your artificial intelligence activities are sound from a data protection point of viewGDPRICO Guidance DPN Team29 July 2020How to manage your suppliersHow to manage your suppliers and reduce the risk they may post. Hear our specialist panel chat through the key points to consider.Videos Philippa Donn29 July 2020Could COVID-19 lead to a spike in Subject Access Requests? How to handle ex-employeesDSARs from disgruntled ex-employees can be challenging to handle, get some helpful tips on how best to approach the task of fulfilling them.GDPRIndividual Privacy Rights Philippa Donn28 July 2020Schrems II ruling: Privacy Shield down, SCCs survive but with a sting in the tailInternational data transfers - EU-US Privacy Shield ruled invalild, questions raised regarding SCCs, find out what actions should you take. GDPRInternational Data Protection Simon Blanchard27 July 2020RoPA – Five tips for keeping your Records of Processing Activity up to date5 tips for keeping your GDPR records of processing activities up to date. The why, who, what, how and when of data protection documentation.GDPRPolicies and Processes DPN Team16 July 2020Transparency: How to get the message acrossDiscover the benefits of being upfront and transparent with people about how you use their data. In this webinar hosted by Robert Bond from Bristows we explore why transparency...GDPRVideos Julia Porter13 July 2020Supplier management: DPN 6 point checklistDue diligence of new suppliers robust enough? Checks in place to make sure suppliers are protecting your data? Use the DPN 6-point checklist. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn13 July 2020Contact Tracing: 7 Quick Steps for collecting people’s dataFrom holiday cottages to theme parks, hotels to pubs, many will be collecting people's details for contact tracing. Get our quick guide to how to do this. GDPRICO Guidance Chris Field11 July 2020You’ve been SAR-bombed!You are at the end of long day .. you just do one last check of your inbox - the new count registers over 9,000 new emails! All...GDPRIndividual Privacy RightsInternational Data ProtectionPolicies and Processes Simon Blanchard09 July 2020Facial Recognition – should we be concerned?Facial recognition is clever, from selfies to surveillance its use is becoming far more widespread. Should we be worried? Data Governance & SecurityGDPR Philippa Donn30 June 2020Data breaches: 10-point checklist for risk assessmentsHow do you assess the actual risk to people of a data breach? 10 questions you need to ask when carrying out an risk assessment. Data Governance & SecurityGDPRPolicies and Processes DPN Team30 June 2020Successful steps for data retention and minimisation [webinar recording]Get the tools and advice you need to tackle data retention and minimisation in this expert discussion which takes you through the key steps to take.Data Governance & SecurityGDPRPolicies and ProcessesVideos Julia Porter25 June 2020Why is the CIA’s lax attitude to cyber security interesting to us?Have you got robust cyber security controls in place? How the lax attitude of the CIA is a lesson to us all and what you should you be doing.Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard16 June 2020Privacy is a marathon not a sprintPondering how to improve your privacy credentials? Here are 5 steps to inspire you. More than 2 years on from GDPR, remember it’s a journey, not a sprint.Data Governance & SecurityGDPRPolicies and Processes Philippa Donn16 June 2020Why personalisation is a good thing, when done well“Hi, you haven’t finished watching Jeffrey Epstein: Filthy Rich”, said an email my husband received .It annoyed him......Direct MarketingGDPR Simon Blanchard08 June 2020Spring clean your data – Top tips on data retentionGet top tips on data retention. Minimise your risks by making sure you keep the personal data you need and rid of what you don't. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn03 June 2020GDPR two years on, why data protection mattersGDPR may have its critics and regulators may stand accused of not taking enough action. Why this is not a reason to stop taking data protection seriously.GDPR Julia Porter03 June 2020Why is it so hard to explain how we use personal data?Five ways to help explain complex and contentious uses of personal data. How to improve your communications and transparency.Direct MarketingGDPRPrivacy by Design DPN Team03 June 2020Data Retention GuidanceA practical toolkit packed with tips, advice and case studies on how to tackle data retention. Developed by a group of data protection and privacy specialists from a...Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard14 May 2020COVID 19 – Privacy under the SpotlightPrivacy and COVID-19. When finding quick solutions and taking rapid decisions, don't forget the privacy impact. Here's our quick tour of aspects to consider. Data SecurityGDPRPrivacy by Design DPN Team04 April 2020Where is my data? How to tackle data discovery & mapping [webinar recording]How improve your data discovery, mapping & compliance Understanding where your data is located across all your systems is an ever-evolving challenge, but forms the bedrock of your data...Opinion Gemma Johnson13 February 2020Marketers: Will You Need to do a DPIA for that?Why marketers need to understand when they might need to conduct a data protection impact assessment and learn how to do them. Direct MarketingElectronic CommunicationsICO GuidanceMarketing & Data Protection Simon Blanchard11 February 2020Where’s all my data? How to tackle data discoveryUnderstanding where your data is and what it's used for is crucial. But in practice this is challenging. What approach can you take? Opinion Julia Porter09 February 2020In a Digitally Enabled World, What is Direct Marketing?On 8th January the ICO published a draft code of practice for the marketing community. It’s entitled “Direct Marketing Code of Practice”. The use of the term “Direct Marketing”...Opinion Philippa Donn08 February 2020Refer a Friend – Viral Marketing RulesCan you ask your customers to send on your marketing to their friends? The answer, according to the ICO’s draft Direct Marketing Code, is NO! The regulator says for...Opinion Philippa Donn28 January 2020ICO Direct Marketing Code ‘draft’: 12 HighlightsJust when I thought January was feeling dull, I got my hands on the ICO’s much-anticipated draft Direct Marketing Code of Practice! This replaces the Regulator’s existing Direct Marketing...Opinion Philippa Donn10 December 2019Subject Access Requests & Proof of IDSubject Access Requests – What is ‘proportionate’ to ask for? When responding to a Right of Access request (commonly known as a Subject Access Request), we might be required...Individual Privacy Rights DPN Team03 December 2019Data Retention: Are you keeping personal data longer than you need it?Ensuring you don’t store personal data for longer than you require it, is a core data protection principle – one which we all know is both complex and challenging...Opinion DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Opinion Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Opinion Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Opinion Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Opinion Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...GDPRInternational Data Protection Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Data Governance & SecurityGDPRPolicies and Processes Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the hectic preparations...Direct Marketing Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....GDPR DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...GDPR Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Direct MarketingGDPR
Simon Blanchard25 August 2020Data Protection Officers – should we appoint a DPO?Which organisations need to have a DPO? If you don't should you appoint one anyway or outsource? We explore the options .. Data Governance & SecurityGDPR Simon Blanchard12 August 2020Use of automated facial recognition by South Wales Police ruled ‘unlawful’South Wales Police's use of automated facial recognition has been ruled unlawrul - it breaches human rights and has potential for bias. GDPR Julia Porter12 August 2020When does your CRM marketing plan morph into a data privacy project?Looking to leverage your customer database to drive more business? How to make sure you marketing plan is supported by your privacy strategyDirect MarketingElectronic CommunicationsGDPR Simon Blanchard10 August 2020Dashcams and GDPR: Assessing the privacy implications7 point privacy guide for use of dashcams in vehicles. Quick steps to make sure your use of dashcams is transparent and lawful. GDPRPolicies and Processes Simon Blanchard05 August 2020ICO guidance on how to apply good data protection to AISeven steps for making sure innovation flourishes and your artificial intelligence activities are sound from a data protection point of viewGDPRICO Guidance DPN Team29 July 2020How to manage your suppliersHow to manage your suppliers and reduce the risk they may post. Hear our specialist panel chat through the key points to consider.Videos Philippa Donn29 July 2020Could COVID-19 lead to a spike in Subject Access Requests? How to handle ex-employeesDSARs from disgruntled ex-employees can be challenging to handle, get some helpful tips on how best to approach the task of fulfilling them.GDPRIndividual Privacy Rights Philippa Donn28 July 2020Schrems II ruling: Privacy Shield down, SCCs survive but with a sting in the tailInternational data transfers - EU-US Privacy Shield ruled invalild, questions raised regarding SCCs, find out what actions should you take. GDPRInternational Data Protection Simon Blanchard27 July 2020RoPA – Five tips for keeping your Records of Processing Activity up to date5 tips for keeping your GDPR records of processing activities up to date. The why, who, what, how and when of data protection documentation.GDPRPolicies and Processes DPN Team16 July 2020Transparency: How to get the message acrossDiscover the benefits of being upfront and transparent with people about how you use their data. In this webinar hosted by Robert Bond from Bristows we explore why transparency...GDPRVideos Julia Porter13 July 2020Supplier management: DPN 6 point checklistDue diligence of new suppliers robust enough? Checks in place to make sure suppliers are protecting your data? Use the DPN 6-point checklist. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn13 July 2020Contact Tracing: 7 Quick Steps for collecting people’s dataFrom holiday cottages to theme parks, hotels to pubs, many will be collecting people's details for contact tracing. Get our quick guide to how to do this. GDPRICO Guidance Chris Field11 July 2020You’ve been SAR-bombed!You are at the end of long day .. you just do one last check of your inbox - the new count registers over 9,000 new emails! All...GDPRIndividual Privacy RightsInternational Data ProtectionPolicies and Processes Simon Blanchard09 July 2020Facial Recognition – should we be concerned?Facial recognition is clever, from selfies to surveillance its use is becoming far more widespread. Should we be worried? Data Governance & SecurityGDPR Philippa Donn30 June 2020Data breaches: 10-point checklist for risk assessmentsHow do you assess the actual risk to people of a data breach? 10 questions you need to ask when carrying out an risk assessment. Data Governance & SecurityGDPRPolicies and Processes DPN Team30 June 2020Successful steps for data retention and minimisation [webinar recording]Get the tools and advice you need to tackle data retention and minimisation in this expert discussion which takes you through the key steps to take.Data Governance & SecurityGDPRPolicies and ProcessesVideos Julia Porter25 June 2020Why is the CIA’s lax attitude to cyber security interesting to us?Have you got robust cyber security controls in place? How the lax attitude of the CIA is a lesson to us all and what you should you be doing.Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard16 June 2020Privacy is a marathon not a sprintPondering how to improve your privacy credentials? Here are 5 steps to inspire you. More than 2 years on from GDPR, remember it’s a journey, not a sprint.Data Governance & SecurityGDPRPolicies and Processes Philippa Donn16 June 2020Why personalisation is a good thing, when done well“Hi, you haven’t finished watching Jeffrey Epstein: Filthy Rich”, said an email my husband received .It annoyed him......Direct MarketingGDPR Simon Blanchard08 June 2020Spring clean your data – Top tips on data retentionGet top tips on data retention. Minimise your risks by making sure you keep the personal data you need and rid of what you don't. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn03 June 2020GDPR two years on, why data protection mattersGDPR may have its critics and regulators may stand accused of not taking enough action. Why this is not a reason to stop taking data protection seriously.GDPR Julia Porter03 June 2020Why is it so hard to explain how we use personal data?Five ways to help explain complex and contentious uses of personal data. How to improve your communications and transparency.Direct MarketingGDPRPrivacy by Design DPN Team03 June 2020Data Retention GuidanceA practical toolkit packed with tips, advice and case studies on how to tackle data retention. Developed by a group of data protection and privacy specialists from a...Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard14 May 2020COVID 19 – Privacy under the SpotlightPrivacy and COVID-19. When finding quick solutions and taking rapid decisions, don't forget the privacy impact. Here's our quick tour of aspects to consider. Data SecurityGDPRPrivacy by Design DPN Team04 April 2020Where is my data? How to tackle data discovery & mapping [webinar recording]How improve your data discovery, mapping & compliance Understanding where your data is located across all your systems is an ever-evolving challenge, but forms the bedrock of your data...Opinion Gemma Johnson13 February 2020Marketers: Will You Need to do a DPIA for that?Why marketers need to understand when they might need to conduct a data protection impact assessment and learn how to do them. Direct MarketingElectronic CommunicationsICO GuidanceMarketing & Data Protection Simon Blanchard11 February 2020Where’s all my data? How to tackle data discoveryUnderstanding where your data is and what it's used for is crucial. But in practice this is challenging. What approach can you take? Opinion Julia Porter09 February 2020In a Digitally Enabled World, What is Direct Marketing?On 8th January the ICO published a draft code of practice for the marketing community. It’s entitled “Direct Marketing Code of Practice”. The use of the term “Direct Marketing”...Opinion Philippa Donn08 February 2020Refer a Friend – Viral Marketing RulesCan you ask your customers to send on your marketing to their friends? The answer, according to the ICO’s draft Direct Marketing Code, is NO! The regulator says for...Opinion Philippa Donn28 January 2020ICO Direct Marketing Code ‘draft’: 12 HighlightsJust when I thought January was feeling dull, I got my hands on the ICO’s much-anticipated draft Direct Marketing Code of Practice! This replaces the Regulator’s existing Direct Marketing...Opinion Philippa Donn10 December 2019Subject Access Requests & Proof of IDSubject Access Requests – What is ‘proportionate’ to ask for? When responding to a Right of Access request (commonly known as a Subject Access Request), we might be required...Individual Privacy Rights DPN Team03 December 2019Data Retention: Are you keeping personal data longer than you need it?Ensuring you don’t store personal data for longer than you require it, is a core data protection principle – one which we all know is both complex and challenging...Opinion DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Opinion Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Opinion Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Opinion Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Opinion Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...GDPRInternational Data Protection Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Data Governance & SecurityGDPRPolicies and Processes Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the hectic preparations...Direct Marketing Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....GDPR DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...GDPR Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Direct MarketingGDPR
Simon Blanchard12 August 2020Use of automated facial recognition by South Wales Police ruled ‘unlawful’South Wales Police's use of automated facial recognition has been ruled unlawrul - it breaches human rights and has potential for bias. GDPR Julia Porter12 August 2020When does your CRM marketing plan morph into a data privacy project?Looking to leverage your customer database to drive more business? How to make sure you marketing plan is supported by your privacy strategyDirect MarketingElectronic CommunicationsGDPR Simon Blanchard10 August 2020Dashcams and GDPR: Assessing the privacy implications7 point privacy guide for use of dashcams in vehicles. Quick steps to make sure your use of dashcams is transparent and lawful. GDPRPolicies and Processes Simon Blanchard05 August 2020ICO guidance on how to apply good data protection to AISeven steps for making sure innovation flourishes and your artificial intelligence activities are sound from a data protection point of viewGDPRICO Guidance DPN Team29 July 2020How to manage your suppliersHow to manage your suppliers and reduce the risk they may post. Hear our specialist panel chat through the key points to consider.Videos Philippa Donn29 July 2020Could COVID-19 lead to a spike in Subject Access Requests? How to handle ex-employeesDSARs from disgruntled ex-employees can be challenging to handle, get some helpful tips on how best to approach the task of fulfilling them.GDPRIndividual Privacy Rights Philippa Donn28 July 2020Schrems II ruling: Privacy Shield down, SCCs survive but with a sting in the tailInternational data transfers - EU-US Privacy Shield ruled invalild, questions raised regarding SCCs, find out what actions should you take. GDPRInternational Data Protection Simon Blanchard27 July 2020RoPA – Five tips for keeping your Records of Processing Activity up to date5 tips for keeping your GDPR records of processing activities up to date. The why, who, what, how and when of data protection documentation.GDPRPolicies and Processes DPN Team16 July 2020Transparency: How to get the message acrossDiscover the benefits of being upfront and transparent with people about how you use their data. In this webinar hosted by Robert Bond from Bristows we explore why transparency...GDPRVideos Julia Porter13 July 2020Supplier management: DPN 6 point checklistDue diligence of new suppliers robust enough? Checks in place to make sure suppliers are protecting your data? Use the DPN 6-point checklist. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn13 July 2020Contact Tracing: 7 Quick Steps for collecting people’s dataFrom holiday cottages to theme parks, hotels to pubs, many will be collecting people's details for contact tracing. Get our quick guide to how to do this. GDPRICO Guidance Chris Field11 July 2020You’ve been SAR-bombed!You are at the end of long day .. you just do one last check of your inbox - the new count registers over 9,000 new emails! All...GDPRIndividual Privacy RightsInternational Data ProtectionPolicies and Processes Simon Blanchard09 July 2020Facial Recognition – should we be concerned?Facial recognition is clever, from selfies to surveillance its use is becoming far more widespread. Should we be worried? Data Governance & SecurityGDPR Philippa Donn30 June 2020Data breaches: 10-point checklist for risk assessmentsHow do you assess the actual risk to people of a data breach? 10 questions you need to ask when carrying out an risk assessment. Data Governance & SecurityGDPRPolicies and Processes DPN Team30 June 2020Successful steps for data retention and minimisation [webinar recording]Get the tools and advice you need to tackle data retention and minimisation in this expert discussion which takes you through the key steps to take.Data Governance & SecurityGDPRPolicies and ProcessesVideos Julia Porter25 June 2020Why is the CIA’s lax attitude to cyber security interesting to us?Have you got robust cyber security controls in place? How the lax attitude of the CIA is a lesson to us all and what you should you be doing.Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard16 June 2020Privacy is a marathon not a sprintPondering how to improve your privacy credentials? Here are 5 steps to inspire you. More than 2 years on from GDPR, remember it’s a journey, not a sprint.Data Governance & SecurityGDPRPolicies and Processes Philippa Donn16 June 2020Why personalisation is a good thing, when done well“Hi, you haven’t finished watching Jeffrey Epstein: Filthy Rich”, said an email my husband received .It annoyed him......Direct MarketingGDPR Simon Blanchard08 June 2020Spring clean your data – Top tips on data retentionGet top tips on data retention. Minimise your risks by making sure you keep the personal data you need and rid of what you don't. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn03 June 2020GDPR two years on, why data protection mattersGDPR may have its critics and regulators may stand accused of not taking enough action. Why this is not a reason to stop taking data protection seriously.GDPR Julia Porter03 June 2020Why is it so hard to explain how we use personal data?Five ways to help explain complex and contentious uses of personal data. How to improve your communications and transparency.Direct MarketingGDPRPrivacy by Design DPN Team03 June 2020Data Retention GuidanceA practical toolkit packed with tips, advice and case studies on how to tackle data retention. Developed by a group of data protection and privacy specialists from a...Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard14 May 2020COVID 19 – Privacy under the SpotlightPrivacy and COVID-19. When finding quick solutions and taking rapid decisions, don't forget the privacy impact. Here's our quick tour of aspects to consider. Data SecurityGDPRPrivacy by Design DPN Team04 April 2020Where is my data? How to tackle data discovery & mapping [webinar recording]How improve your data discovery, mapping & compliance Understanding where your data is located across all your systems is an ever-evolving challenge, but forms the bedrock of your data...Opinion Gemma Johnson13 February 2020Marketers: Will You Need to do a DPIA for that?Why marketers need to understand when they might need to conduct a data protection impact assessment and learn how to do them. Direct MarketingElectronic CommunicationsICO GuidanceMarketing & Data Protection Simon Blanchard11 February 2020Where’s all my data? How to tackle data discoveryUnderstanding where your data is and what it's used for is crucial. But in practice this is challenging. What approach can you take? Opinion Julia Porter09 February 2020In a Digitally Enabled World, What is Direct Marketing?On 8th January the ICO published a draft code of practice for the marketing community. It’s entitled “Direct Marketing Code of Practice”. The use of the term “Direct Marketing”...Opinion Philippa Donn08 February 2020Refer a Friend – Viral Marketing RulesCan you ask your customers to send on your marketing to their friends? The answer, according to the ICO’s draft Direct Marketing Code, is NO! The regulator says for...Opinion Philippa Donn28 January 2020ICO Direct Marketing Code ‘draft’: 12 HighlightsJust when I thought January was feeling dull, I got my hands on the ICO’s much-anticipated draft Direct Marketing Code of Practice! This replaces the Regulator’s existing Direct Marketing...Opinion Philippa Donn10 December 2019Subject Access Requests & Proof of IDSubject Access Requests – What is ‘proportionate’ to ask for? When responding to a Right of Access request (commonly known as a Subject Access Request), we might be required...Individual Privacy Rights DPN Team03 December 2019Data Retention: Are you keeping personal data longer than you need it?Ensuring you don’t store personal data for longer than you require it, is a core data protection principle – one which we all know is both complex and challenging...Opinion DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Opinion Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Opinion Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Opinion Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Opinion Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...GDPRInternational Data Protection Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Data Governance & SecurityGDPRPolicies and Processes Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the hectic preparations...Direct Marketing Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....GDPR DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...GDPR Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Direct MarketingGDPR
Julia Porter12 August 2020When does your CRM marketing plan morph into a data privacy project?Looking to leverage your customer database to drive more business? How to make sure you marketing plan is supported by your privacy strategyDirect MarketingElectronic CommunicationsGDPR Simon Blanchard10 August 2020Dashcams and GDPR: Assessing the privacy implications7 point privacy guide for use of dashcams in vehicles. Quick steps to make sure your use of dashcams is transparent and lawful. GDPRPolicies and Processes Simon Blanchard05 August 2020ICO guidance on how to apply good data protection to AISeven steps for making sure innovation flourishes and your artificial intelligence activities are sound from a data protection point of viewGDPRICO Guidance DPN Team29 July 2020How to manage your suppliersHow to manage your suppliers and reduce the risk they may post. Hear our specialist panel chat through the key points to consider.Videos Philippa Donn29 July 2020Could COVID-19 lead to a spike in Subject Access Requests? How to handle ex-employeesDSARs from disgruntled ex-employees can be challenging to handle, get some helpful tips on how best to approach the task of fulfilling them.GDPRIndividual Privacy Rights Philippa Donn28 July 2020Schrems II ruling: Privacy Shield down, SCCs survive but with a sting in the tailInternational data transfers - EU-US Privacy Shield ruled invalild, questions raised regarding SCCs, find out what actions should you take. GDPRInternational Data Protection Simon Blanchard27 July 2020RoPA – Five tips for keeping your Records of Processing Activity up to date5 tips for keeping your GDPR records of processing activities up to date. The why, who, what, how and when of data protection documentation.GDPRPolicies and Processes DPN Team16 July 2020Transparency: How to get the message acrossDiscover the benefits of being upfront and transparent with people about how you use their data. In this webinar hosted by Robert Bond from Bristows we explore why transparency...GDPRVideos Julia Porter13 July 2020Supplier management: DPN 6 point checklistDue diligence of new suppliers robust enough? Checks in place to make sure suppliers are protecting your data? Use the DPN 6-point checklist. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn13 July 2020Contact Tracing: 7 Quick Steps for collecting people’s dataFrom holiday cottages to theme parks, hotels to pubs, many will be collecting people's details for contact tracing. Get our quick guide to how to do this. GDPRICO Guidance Chris Field11 July 2020You’ve been SAR-bombed!You are at the end of long day .. you just do one last check of your inbox - the new count registers over 9,000 new emails! All...GDPRIndividual Privacy RightsInternational Data ProtectionPolicies and Processes Simon Blanchard09 July 2020Facial Recognition – should we be concerned?Facial recognition is clever, from selfies to surveillance its use is becoming far more widespread. Should we be worried? Data Governance & SecurityGDPR Philippa Donn30 June 2020Data breaches: 10-point checklist for risk assessmentsHow do you assess the actual risk to people of a data breach? 10 questions you need to ask when carrying out an risk assessment. Data Governance & SecurityGDPRPolicies and Processes DPN Team30 June 2020Successful steps for data retention and minimisation [webinar recording]Get the tools and advice you need to tackle data retention and minimisation in this expert discussion which takes you through the key steps to take.Data Governance & SecurityGDPRPolicies and ProcessesVideos Julia Porter25 June 2020Why is the CIA’s lax attitude to cyber security interesting to us?Have you got robust cyber security controls in place? How the lax attitude of the CIA is a lesson to us all and what you should you be doing.Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard16 June 2020Privacy is a marathon not a sprintPondering how to improve your privacy credentials? Here are 5 steps to inspire you. More than 2 years on from GDPR, remember it’s a journey, not a sprint.Data Governance & SecurityGDPRPolicies and Processes Philippa Donn16 June 2020Why personalisation is a good thing, when done well“Hi, you haven’t finished watching Jeffrey Epstein: Filthy Rich”, said an email my husband received .It annoyed him......Direct MarketingGDPR Simon Blanchard08 June 2020Spring clean your data – Top tips on data retentionGet top tips on data retention. Minimise your risks by making sure you keep the personal data you need and rid of what you don't. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn03 June 2020GDPR two years on, why data protection mattersGDPR may have its critics and regulators may stand accused of not taking enough action. Why this is not a reason to stop taking data protection seriously.GDPR Julia Porter03 June 2020Why is it so hard to explain how we use personal data?Five ways to help explain complex and contentious uses of personal data. How to improve your communications and transparency.Direct MarketingGDPRPrivacy by Design DPN Team03 June 2020Data Retention GuidanceA practical toolkit packed with tips, advice and case studies on how to tackle data retention. Developed by a group of data protection and privacy specialists from a...Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard14 May 2020COVID 19 – Privacy under the SpotlightPrivacy and COVID-19. When finding quick solutions and taking rapid decisions, don't forget the privacy impact. Here's our quick tour of aspects to consider. Data SecurityGDPRPrivacy by Design DPN Team04 April 2020Where is my data? How to tackle data discovery & mapping [webinar recording]How improve your data discovery, mapping & compliance Understanding where your data is located across all your systems is an ever-evolving challenge, but forms the bedrock of your data...Opinion Gemma Johnson13 February 2020Marketers: Will You Need to do a DPIA for that?Why marketers need to understand when they might need to conduct a data protection impact assessment and learn how to do them. Direct MarketingElectronic CommunicationsICO GuidanceMarketing & Data Protection Simon Blanchard11 February 2020Where’s all my data? How to tackle data discoveryUnderstanding where your data is and what it's used for is crucial. But in practice this is challenging. What approach can you take? Opinion Julia Porter09 February 2020In a Digitally Enabled World, What is Direct Marketing?On 8th January the ICO published a draft code of practice for the marketing community. It’s entitled “Direct Marketing Code of Practice”. The use of the term “Direct Marketing”...Opinion Philippa Donn08 February 2020Refer a Friend – Viral Marketing RulesCan you ask your customers to send on your marketing to their friends? The answer, according to the ICO’s draft Direct Marketing Code, is NO! The regulator says for...Opinion Philippa Donn28 January 2020ICO Direct Marketing Code ‘draft’: 12 HighlightsJust when I thought January was feeling dull, I got my hands on the ICO’s much-anticipated draft Direct Marketing Code of Practice! This replaces the Regulator’s existing Direct Marketing...Opinion Philippa Donn10 December 2019Subject Access Requests & Proof of IDSubject Access Requests – What is ‘proportionate’ to ask for? When responding to a Right of Access request (commonly known as a Subject Access Request), we might be required...Individual Privacy Rights DPN Team03 December 2019Data Retention: Are you keeping personal data longer than you need it?Ensuring you don’t store personal data for longer than you require it, is a core data protection principle – one which we all know is both complex and challenging...Opinion DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Opinion Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Opinion Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Opinion Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Opinion Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...GDPRInternational Data Protection Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Data Governance & SecurityGDPRPolicies and Processes Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the hectic preparations...Direct Marketing Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....GDPR DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...GDPR Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Direct MarketingGDPR
Simon Blanchard10 August 2020Dashcams and GDPR: Assessing the privacy implications7 point privacy guide for use of dashcams in vehicles. Quick steps to make sure your use of dashcams is transparent and lawful. GDPRPolicies and Processes Simon Blanchard05 August 2020ICO guidance on how to apply good data protection to AISeven steps for making sure innovation flourishes and your artificial intelligence activities are sound from a data protection point of viewGDPRICO Guidance DPN Team29 July 2020How to manage your suppliersHow to manage your suppliers and reduce the risk they may post. Hear our specialist panel chat through the key points to consider.Videos Philippa Donn29 July 2020Could COVID-19 lead to a spike in Subject Access Requests? How to handle ex-employeesDSARs from disgruntled ex-employees can be challenging to handle, get some helpful tips on how best to approach the task of fulfilling them.GDPRIndividual Privacy Rights Philippa Donn28 July 2020Schrems II ruling: Privacy Shield down, SCCs survive but with a sting in the tailInternational data transfers - EU-US Privacy Shield ruled invalild, questions raised regarding SCCs, find out what actions should you take. GDPRInternational Data Protection Simon Blanchard27 July 2020RoPA – Five tips for keeping your Records of Processing Activity up to date5 tips for keeping your GDPR records of processing activities up to date. The why, who, what, how and when of data protection documentation.GDPRPolicies and Processes DPN Team16 July 2020Transparency: How to get the message acrossDiscover the benefits of being upfront and transparent with people about how you use their data. In this webinar hosted by Robert Bond from Bristows we explore why transparency...GDPRVideos Julia Porter13 July 2020Supplier management: DPN 6 point checklistDue diligence of new suppliers robust enough? Checks in place to make sure suppliers are protecting your data? Use the DPN 6-point checklist. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn13 July 2020Contact Tracing: 7 Quick Steps for collecting people’s dataFrom holiday cottages to theme parks, hotels to pubs, many will be collecting people's details for contact tracing. Get our quick guide to how to do this. GDPRICO Guidance Chris Field11 July 2020You’ve been SAR-bombed!You are at the end of long day .. you just do one last check of your inbox - the new count registers over 9,000 new emails! All...GDPRIndividual Privacy RightsInternational Data ProtectionPolicies and Processes Simon Blanchard09 July 2020Facial Recognition – should we be concerned?Facial recognition is clever, from selfies to surveillance its use is becoming far more widespread. Should we be worried? Data Governance & SecurityGDPR Philippa Donn30 June 2020Data breaches: 10-point checklist for risk assessmentsHow do you assess the actual risk to people of a data breach? 10 questions you need to ask when carrying out an risk assessment. Data Governance & SecurityGDPRPolicies and Processes DPN Team30 June 2020Successful steps for data retention and minimisation [webinar recording]Get the tools and advice you need to tackle data retention and minimisation in this expert discussion which takes you through the key steps to take.Data Governance & SecurityGDPRPolicies and ProcessesVideos Julia Porter25 June 2020Why is the CIA’s lax attitude to cyber security interesting to us?Have you got robust cyber security controls in place? How the lax attitude of the CIA is a lesson to us all and what you should you be doing.Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard16 June 2020Privacy is a marathon not a sprintPondering how to improve your privacy credentials? Here are 5 steps to inspire you. More than 2 years on from GDPR, remember it’s a journey, not a sprint.Data Governance & SecurityGDPRPolicies and Processes Philippa Donn16 June 2020Why personalisation is a good thing, when done well“Hi, you haven’t finished watching Jeffrey Epstein: Filthy Rich”, said an email my husband received .It annoyed him......Direct MarketingGDPR Simon Blanchard08 June 2020Spring clean your data – Top tips on data retentionGet top tips on data retention. Minimise your risks by making sure you keep the personal data you need and rid of what you don't. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn03 June 2020GDPR two years on, why data protection mattersGDPR may have its critics and regulators may stand accused of not taking enough action. Why this is not a reason to stop taking data protection seriously.GDPR Julia Porter03 June 2020Why is it so hard to explain how we use personal data?Five ways to help explain complex and contentious uses of personal data. How to improve your communications and transparency.Direct MarketingGDPRPrivacy by Design DPN Team03 June 2020Data Retention GuidanceA practical toolkit packed with tips, advice and case studies on how to tackle data retention. Developed by a group of data protection and privacy specialists from a...Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard14 May 2020COVID 19 – Privacy under the SpotlightPrivacy and COVID-19. When finding quick solutions and taking rapid decisions, don't forget the privacy impact. Here's our quick tour of aspects to consider. Data SecurityGDPRPrivacy by Design DPN Team04 April 2020Where is my data? How to tackle data discovery & mapping [webinar recording]How improve your data discovery, mapping & compliance Understanding where your data is located across all your systems is an ever-evolving challenge, but forms the bedrock of your data...Opinion Gemma Johnson13 February 2020Marketers: Will You Need to do a DPIA for that?Why marketers need to understand when they might need to conduct a data protection impact assessment and learn how to do them. Direct MarketingElectronic CommunicationsICO GuidanceMarketing & Data Protection Simon Blanchard11 February 2020Where’s all my data? How to tackle data discoveryUnderstanding where your data is and what it's used for is crucial. But in practice this is challenging. What approach can you take? Opinion Julia Porter09 February 2020In a Digitally Enabled World, What is Direct Marketing?On 8th January the ICO published a draft code of practice for the marketing community. It’s entitled “Direct Marketing Code of Practice”. The use of the term “Direct Marketing”...Opinion Philippa Donn08 February 2020Refer a Friend – Viral Marketing RulesCan you ask your customers to send on your marketing to their friends? The answer, according to the ICO’s draft Direct Marketing Code, is NO! The regulator says for...Opinion Philippa Donn28 January 2020ICO Direct Marketing Code ‘draft’: 12 HighlightsJust when I thought January was feeling dull, I got my hands on the ICO’s much-anticipated draft Direct Marketing Code of Practice! This replaces the Regulator’s existing Direct Marketing...Opinion Philippa Donn10 December 2019Subject Access Requests & Proof of IDSubject Access Requests – What is ‘proportionate’ to ask for? When responding to a Right of Access request (commonly known as a Subject Access Request), we might be required...Individual Privacy Rights DPN Team03 December 2019Data Retention: Are you keeping personal data longer than you need it?Ensuring you don’t store personal data for longer than you require it, is a core data protection principle – one which we all know is both complex and challenging...Opinion DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Opinion Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Opinion Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Opinion Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Opinion Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...GDPRInternational Data Protection Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Data Governance & SecurityGDPRPolicies and Processes Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the hectic preparations...Direct Marketing Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....GDPR DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...GDPR Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Direct MarketingGDPR
Simon Blanchard05 August 2020ICO guidance on how to apply good data protection to AISeven steps for making sure innovation flourishes and your artificial intelligence activities are sound from a data protection point of viewGDPRICO Guidance DPN Team29 July 2020How to manage your suppliersHow to manage your suppliers and reduce the risk they may post. Hear our specialist panel chat through the key points to consider.Videos Philippa Donn29 July 2020Could COVID-19 lead to a spike in Subject Access Requests? How to handle ex-employeesDSARs from disgruntled ex-employees can be challenging to handle, get some helpful tips on how best to approach the task of fulfilling them.GDPRIndividual Privacy Rights Philippa Donn28 July 2020Schrems II ruling: Privacy Shield down, SCCs survive but with a sting in the tailInternational data transfers - EU-US Privacy Shield ruled invalild, questions raised regarding SCCs, find out what actions should you take. GDPRInternational Data Protection Simon Blanchard27 July 2020RoPA – Five tips for keeping your Records of Processing Activity up to date5 tips for keeping your GDPR records of processing activities up to date. The why, who, what, how and when of data protection documentation.GDPRPolicies and Processes DPN Team16 July 2020Transparency: How to get the message acrossDiscover the benefits of being upfront and transparent with people about how you use their data. In this webinar hosted by Robert Bond from Bristows we explore why transparency...GDPRVideos Julia Porter13 July 2020Supplier management: DPN 6 point checklistDue diligence of new suppliers robust enough? Checks in place to make sure suppliers are protecting your data? Use the DPN 6-point checklist. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn13 July 2020Contact Tracing: 7 Quick Steps for collecting people’s dataFrom holiday cottages to theme parks, hotels to pubs, many will be collecting people's details for contact tracing. Get our quick guide to how to do this. GDPRICO Guidance Chris Field11 July 2020You’ve been SAR-bombed!You are at the end of long day .. you just do one last check of your inbox - the new count registers over 9,000 new emails! All...GDPRIndividual Privacy RightsInternational Data ProtectionPolicies and Processes Simon Blanchard09 July 2020Facial Recognition – should we be concerned?Facial recognition is clever, from selfies to surveillance its use is becoming far more widespread. Should we be worried? Data Governance & SecurityGDPR Philippa Donn30 June 2020Data breaches: 10-point checklist for risk assessmentsHow do you assess the actual risk to people of a data breach? 10 questions you need to ask when carrying out an risk assessment. Data Governance & SecurityGDPRPolicies and Processes DPN Team30 June 2020Successful steps for data retention and minimisation [webinar recording]Get the tools and advice you need to tackle data retention and minimisation in this expert discussion which takes you through the key steps to take.Data Governance & SecurityGDPRPolicies and ProcessesVideos Julia Porter25 June 2020Why is the CIA’s lax attitude to cyber security interesting to us?Have you got robust cyber security controls in place? How the lax attitude of the CIA is a lesson to us all and what you should you be doing.Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard16 June 2020Privacy is a marathon not a sprintPondering how to improve your privacy credentials? Here are 5 steps to inspire you. More than 2 years on from GDPR, remember it’s a journey, not a sprint.Data Governance & SecurityGDPRPolicies and Processes Philippa Donn16 June 2020Why personalisation is a good thing, when done well“Hi, you haven’t finished watching Jeffrey Epstein: Filthy Rich”, said an email my husband received .It annoyed him......Direct MarketingGDPR Simon Blanchard08 June 2020Spring clean your data – Top tips on data retentionGet top tips on data retention. Minimise your risks by making sure you keep the personal data you need and rid of what you don't. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn03 June 2020GDPR two years on, why data protection mattersGDPR may have its critics and regulators may stand accused of not taking enough action. Why this is not a reason to stop taking data protection seriously.GDPR Julia Porter03 June 2020Why is it so hard to explain how we use personal data?Five ways to help explain complex and contentious uses of personal data. How to improve your communications and transparency.Direct MarketingGDPRPrivacy by Design DPN Team03 June 2020Data Retention GuidanceA practical toolkit packed with tips, advice and case studies on how to tackle data retention. Developed by a group of data protection and privacy specialists from a...Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard14 May 2020COVID 19 – Privacy under the SpotlightPrivacy and COVID-19. When finding quick solutions and taking rapid decisions, don't forget the privacy impact. Here's our quick tour of aspects to consider. Data SecurityGDPRPrivacy by Design DPN Team04 April 2020Where is my data? How to tackle data discovery & mapping [webinar recording]How improve your data discovery, mapping & compliance Understanding where your data is located across all your systems is an ever-evolving challenge, but forms the bedrock of your data...Opinion Gemma Johnson13 February 2020Marketers: Will You Need to do a DPIA for that?Why marketers need to understand when they might need to conduct a data protection impact assessment and learn how to do them. Direct MarketingElectronic CommunicationsICO GuidanceMarketing & Data Protection Simon Blanchard11 February 2020Where’s all my data? How to tackle data discoveryUnderstanding where your data is and what it's used for is crucial. But in practice this is challenging. What approach can you take? Opinion Julia Porter09 February 2020In a Digitally Enabled World, What is Direct Marketing?On 8th January the ICO published a draft code of practice for the marketing community. It’s entitled “Direct Marketing Code of Practice”. The use of the term “Direct Marketing”...Opinion Philippa Donn08 February 2020Refer a Friend – Viral Marketing RulesCan you ask your customers to send on your marketing to their friends? The answer, according to the ICO’s draft Direct Marketing Code, is NO! The regulator says for...Opinion Philippa Donn28 January 2020ICO Direct Marketing Code ‘draft’: 12 HighlightsJust when I thought January was feeling dull, I got my hands on the ICO’s much-anticipated draft Direct Marketing Code of Practice! This replaces the Regulator’s existing Direct Marketing...Opinion Philippa Donn10 December 2019Subject Access Requests & Proof of IDSubject Access Requests – What is ‘proportionate’ to ask for? When responding to a Right of Access request (commonly known as a Subject Access Request), we might be required...Individual Privacy Rights DPN Team03 December 2019Data Retention: Are you keeping personal data longer than you need it?Ensuring you don’t store personal data for longer than you require it, is a core data protection principle – one which we all know is both complex and challenging...Opinion DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Opinion Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Opinion Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Opinion Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Opinion Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...GDPRInternational Data Protection Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Data Governance & SecurityGDPRPolicies and Processes Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the hectic preparations...Direct Marketing Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....GDPR DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...GDPR Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Direct MarketingGDPR
DPN Team29 July 2020How to manage your suppliersHow to manage your suppliers and reduce the risk they may post. Hear our specialist panel chat through the key points to consider.Videos Philippa Donn29 July 2020Could COVID-19 lead to a spike in Subject Access Requests? How to handle ex-employeesDSARs from disgruntled ex-employees can be challenging to handle, get some helpful tips on how best to approach the task of fulfilling them.GDPRIndividual Privacy Rights Philippa Donn28 July 2020Schrems II ruling: Privacy Shield down, SCCs survive but with a sting in the tailInternational data transfers - EU-US Privacy Shield ruled invalild, questions raised regarding SCCs, find out what actions should you take. GDPRInternational Data Protection Simon Blanchard27 July 2020RoPA – Five tips for keeping your Records of Processing Activity up to date5 tips for keeping your GDPR records of processing activities up to date. The why, who, what, how and when of data protection documentation.GDPRPolicies and Processes DPN Team16 July 2020Transparency: How to get the message acrossDiscover the benefits of being upfront and transparent with people about how you use their data. In this webinar hosted by Robert Bond from Bristows we explore why transparency...GDPRVideos Julia Porter13 July 2020Supplier management: DPN 6 point checklistDue diligence of new suppliers robust enough? Checks in place to make sure suppliers are protecting your data? Use the DPN 6-point checklist. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn13 July 2020Contact Tracing: 7 Quick Steps for collecting people’s dataFrom holiday cottages to theme parks, hotels to pubs, many will be collecting people's details for contact tracing. Get our quick guide to how to do this. GDPRICO Guidance Chris Field11 July 2020You’ve been SAR-bombed!You are at the end of long day .. you just do one last check of your inbox - the new count registers over 9,000 new emails! All...GDPRIndividual Privacy RightsInternational Data ProtectionPolicies and Processes Simon Blanchard09 July 2020Facial Recognition – should we be concerned?Facial recognition is clever, from selfies to surveillance its use is becoming far more widespread. Should we be worried? Data Governance & SecurityGDPR Philippa Donn30 June 2020Data breaches: 10-point checklist for risk assessmentsHow do you assess the actual risk to people of a data breach? 10 questions you need to ask when carrying out an risk assessment. Data Governance & SecurityGDPRPolicies and Processes DPN Team30 June 2020Successful steps for data retention and minimisation [webinar recording]Get the tools and advice you need to tackle data retention and minimisation in this expert discussion which takes you through the key steps to take.Data Governance & SecurityGDPRPolicies and ProcessesVideos Julia Porter25 June 2020Why is the CIA’s lax attitude to cyber security interesting to us?Have you got robust cyber security controls in place? How the lax attitude of the CIA is a lesson to us all and what you should you be doing.Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard16 June 2020Privacy is a marathon not a sprintPondering how to improve your privacy credentials? Here are 5 steps to inspire you. More than 2 years on from GDPR, remember it’s a journey, not a sprint.Data Governance & SecurityGDPRPolicies and Processes Philippa Donn16 June 2020Why personalisation is a good thing, when done well“Hi, you haven’t finished watching Jeffrey Epstein: Filthy Rich”, said an email my husband received .It annoyed him......Direct MarketingGDPR Simon Blanchard08 June 2020Spring clean your data – Top tips on data retentionGet top tips on data retention. Minimise your risks by making sure you keep the personal data you need and rid of what you don't. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn03 June 2020GDPR two years on, why data protection mattersGDPR may have its critics and regulators may stand accused of not taking enough action. Why this is not a reason to stop taking data protection seriously.GDPR Julia Porter03 June 2020Why is it so hard to explain how we use personal data?Five ways to help explain complex and contentious uses of personal data. How to improve your communications and transparency.Direct MarketingGDPRPrivacy by Design DPN Team03 June 2020Data Retention GuidanceA practical toolkit packed with tips, advice and case studies on how to tackle data retention. Developed by a group of data protection and privacy specialists from a...Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard14 May 2020COVID 19 – Privacy under the SpotlightPrivacy and COVID-19. When finding quick solutions and taking rapid decisions, don't forget the privacy impact. Here's our quick tour of aspects to consider. Data SecurityGDPRPrivacy by Design DPN Team04 April 2020Where is my data? How to tackle data discovery & mapping [webinar recording]How improve your data discovery, mapping & compliance Understanding where your data is located across all your systems is an ever-evolving challenge, but forms the bedrock of your data...Opinion Gemma Johnson13 February 2020Marketers: Will You Need to do a DPIA for that?Why marketers need to understand when they might need to conduct a data protection impact assessment and learn how to do them. Direct MarketingElectronic CommunicationsICO GuidanceMarketing & Data Protection Simon Blanchard11 February 2020Where’s all my data? How to tackle data discoveryUnderstanding where your data is and what it's used for is crucial. But in practice this is challenging. What approach can you take? Opinion Julia Porter09 February 2020In a Digitally Enabled World, What is Direct Marketing?On 8th January the ICO published a draft code of practice for the marketing community. It’s entitled “Direct Marketing Code of Practice”. The use of the term “Direct Marketing”...Opinion Philippa Donn08 February 2020Refer a Friend – Viral Marketing RulesCan you ask your customers to send on your marketing to their friends? The answer, according to the ICO’s draft Direct Marketing Code, is NO! The regulator says for...Opinion Philippa Donn28 January 2020ICO Direct Marketing Code ‘draft’: 12 HighlightsJust when I thought January was feeling dull, I got my hands on the ICO’s much-anticipated draft Direct Marketing Code of Practice! This replaces the Regulator’s existing Direct Marketing...Opinion Philippa Donn10 December 2019Subject Access Requests & Proof of IDSubject Access Requests – What is ‘proportionate’ to ask for? When responding to a Right of Access request (commonly known as a Subject Access Request), we might be required...Individual Privacy Rights DPN Team03 December 2019Data Retention: Are you keeping personal data longer than you need it?Ensuring you don’t store personal data for longer than you require it, is a core data protection principle – one which we all know is both complex and challenging...Opinion DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Opinion Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Opinion Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Opinion Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Opinion Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...GDPRInternational Data Protection Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Data Governance & SecurityGDPRPolicies and Processes Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the hectic preparations...Direct Marketing Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....GDPR DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...GDPR Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Direct MarketingGDPR
Philippa Donn29 July 2020Could COVID-19 lead to a spike in Subject Access Requests? How to handle ex-employeesDSARs from disgruntled ex-employees can be challenging to handle, get some helpful tips on how best to approach the task of fulfilling them.GDPRIndividual Privacy Rights Philippa Donn28 July 2020Schrems II ruling: Privacy Shield down, SCCs survive but with a sting in the tailInternational data transfers - EU-US Privacy Shield ruled invalild, questions raised regarding SCCs, find out what actions should you take. GDPRInternational Data Protection Simon Blanchard27 July 2020RoPA – Five tips for keeping your Records of Processing Activity up to date5 tips for keeping your GDPR records of processing activities up to date. The why, who, what, how and when of data protection documentation.GDPRPolicies and Processes DPN Team16 July 2020Transparency: How to get the message acrossDiscover the benefits of being upfront and transparent with people about how you use their data. In this webinar hosted by Robert Bond from Bristows we explore why transparency...GDPRVideos Julia Porter13 July 2020Supplier management: DPN 6 point checklistDue diligence of new suppliers robust enough? Checks in place to make sure suppliers are protecting your data? Use the DPN 6-point checklist. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn13 July 2020Contact Tracing: 7 Quick Steps for collecting people’s dataFrom holiday cottages to theme parks, hotels to pubs, many will be collecting people's details for contact tracing. Get our quick guide to how to do this. GDPRICO Guidance Chris Field11 July 2020You’ve been SAR-bombed!You are at the end of long day .. you just do one last check of your inbox - the new count registers over 9,000 new emails! All...GDPRIndividual Privacy RightsInternational Data ProtectionPolicies and Processes Simon Blanchard09 July 2020Facial Recognition – should we be concerned?Facial recognition is clever, from selfies to surveillance its use is becoming far more widespread. Should we be worried? Data Governance & SecurityGDPR Philippa Donn30 June 2020Data breaches: 10-point checklist for risk assessmentsHow do you assess the actual risk to people of a data breach? 10 questions you need to ask when carrying out an risk assessment. Data Governance & SecurityGDPRPolicies and Processes DPN Team30 June 2020Successful steps for data retention and minimisation [webinar recording]Get the tools and advice you need to tackle data retention and minimisation in this expert discussion which takes you through the key steps to take.Data Governance & SecurityGDPRPolicies and ProcessesVideos Julia Porter25 June 2020Why is the CIA’s lax attitude to cyber security interesting to us?Have you got robust cyber security controls in place? How the lax attitude of the CIA is a lesson to us all and what you should you be doing.Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard16 June 2020Privacy is a marathon not a sprintPondering how to improve your privacy credentials? Here are 5 steps to inspire you. More than 2 years on from GDPR, remember it’s a journey, not a sprint.Data Governance & SecurityGDPRPolicies and Processes Philippa Donn16 June 2020Why personalisation is a good thing, when done well“Hi, you haven’t finished watching Jeffrey Epstein: Filthy Rich”, said an email my husband received .It annoyed him......Direct MarketingGDPR Simon Blanchard08 June 2020Spring clean your data – Top tips on data retentionGet top tips on data retention. Minimise your risks by making sure you keep the personal data you need and rid of what you don't. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn03 June 2020GDPR two years on, why data protection mattersGDPR may have its critics and regulators may stand accused of not taking enough action. Why this is not a reason to stop taking data protection seriously.GDPR Julia Porter03 June 2020Why is it so hard to explain how we use personal data?Five ways to help explain complex and contentious uses of personal data. How to improve your communications and transparency.Direct MarketingGDPRPrivacy by Design DPN Team03 June 2020Data Retention GuidanceA practical toolkit packed with tips, advice and case studies on how to tackle data retention. Developed by a group of data protection and privacy specialists from a...Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard14 May 2020COVID 19 – Privacy under the SpotlightPrivacy and COVID-19. When finding quick solutions and taking rapid decisions, don't forget the privacy impact. Here's our quick tour of aspects to consider. Data SecurityGDPRPrivacy by Design DPN Team04 April 2020Where is my data? How to tackle data discovery & mapping [webinar recording]How improve your data discovery, mapping & compliance Understanding where your data is located across all your systems is an ever-evolving challenge, but forms the bedrock of your data...Opinion Gemma Johnson13 February 2020Marketers: Will You Need to do a DPIA for that?Why marketers need to understand when they might need to conduct a data protection impact assessment and learn how to do them. Direct MarketingElectronic CommunicationsICO GuidanceMarketing & Data Protection Simon Blanchard11 February 2020Where’s all my data? How to tackle data discoveryUnderstanding where your data is and what it's used for is crucial. But in practice this is challenging. What approach can you take? Opinion Julia Porter09 February 2020In a Digitally Enabled World, What is Direct Marketing?On 8th January the ICO published a draft code of practice for the marketing community. It’s entitled “Direct Marketing Code of Practice”. The use of the term “Direct Marketing”...Opinion Philippa Donn08 February 2020Refer a Friend – Viral Marketing RulesCan you ask your customers to send on your marketing to their friends? The answer, according to the ICO’s draft Direct Marketing Code, is NO! The regulator says for...Opinion Philippa Donn28 January 2020ICO Direct Marketing Code ‘draft’: 12 HighlightsJust when I thought January was feeling dull, I got my hands on the ICO’s much-anticipated draft Direct Marketing Code of Practice! This replaces the Regulator’s existing Direct Marketing...Opinion Philippa Donn10 December 2019Subject Access Requests & Proof of IDSubject Access Requests – What is ‘proportionate’ to ask for? When responding to a Right of Access request (commonly known as a Subject Access Request), we might be required...Individual Privacy Rights DPN Team03 December 2019Data Retention: Are you keeping personal data longer than you need it?Ensuring you don’t store personal data for longer than you require it, is a core data protection principle – one which we all know is both complex and challenging...Opinion DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Opinion Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Opinion Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Opinion Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Opinion Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...GDPRInternational Data Protection Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Data Governance & SecurityGDPRPolicies and Processes Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the hectic preparations...Direct Marketing Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....GDPR DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...GDPR Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Direct MarketingGDPR
Philippa Donn28 July 2020Schrems II ruling: Privacy Shield down, SCCs survive but with a sting in the tailInternational data transfers - EU-US Privacy Shield ruled invalild, questions raised regarding SCCs, find out what actions should you take. GDPRInternational Data Protection Simon Blanchard27 July 2020RoPA – Five tips for keeping your Records of Processing Activity up to date5 tips for keeping your GDPR records of processing activities up to date. The why, who, what, how and when of data protection documentation.GDPRPolicies and Processes DPN Team16 July 2020Transparency: How to get the message acrossDiscover the benefits of being upfront and transparent with people about how you use their data. In this webinar hosted by Robert Bond from Bristows we explore why transparency...GDPRVideos Julia Porter13 July 2020Supplier management: DPN 6 point checklistDue diligence of new suppliers robust enough? Checks in place to make sure suppliers are protecting your data? Use the DPN 6-point checklist. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn13 July 2020Contact Tracing: 7 Quick Steps for collecting people’s dataFrom holiday cottages to theme parks, hotels to pubs, many will be collecting people's details for contact tracing. Get our quick guide to how to do this. GDPRICO Guidance Chris Field11 July 2020You’ve been SAR-bombed!You are at the end of long day .. you just do one last check of your inbox - the new count registers over 9,000 new emails! All...GDPRIndividual Privacy RightsInternational Data ProtectionPolicies and Processes Simon Blanchard09 July 2020Facial Recognition – should we be concerned?Facial recognition is clever, from selfies to surveillance its use is becoming far more widespread. Should we be worried? Data Governance & SecurityGDPR Philippa Donn30 June 2020Data breaches: 10-point checklist for risk assessmentsHow do you assess the actual risk to people of a data breach? 10 questions you need to ask when carrying out an risk assessment. Data Governance & SecurityGDPRPolicies and Processes DPN Team30 June 2020Successful steps for data retention and minimisation [webinar recording]Get the tools and advice you need to tackle data retention and minimisation in this expert discussion which takes you through the key steps to take.Data Governance & SecurityGDPRPolicies and ProcessesVideos Julia Porter25 June 2020Why is the CIA’s lax attitude to cyber security interesting to us?Have you got robust cyber security controls in place? How the lax attitude of the CIA is a lesson to us all and what you should you be doing.Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard16 June 2020Privacy is a marathon not a sprintPondering how to improve your privacy credentials? Here are 5 steps to inspire you. More than 2 years on from GDPR, remember it’s a journey, not a sprint.Data Governance & SecurityGDPRPolicies and Processes Philippa Donn16 June 2020Why personalisation is a good thing, when done well“Hi, you haven’t finished watching Jeffrey Epstein: Filthy Rich”, said an email my husband received .It annoyed him......Direct MarketingGDPR Simon Blanchard08 June 2020Spring clean your data – Top tips on data retentionGet top tips on data retention. Minimise your risks by making sure you keep the personal data you need and rid of what you don't. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn03 June 2020GDPR two years on, why data protection mattersGDPR may have its critics and regulators may stand accused of not taking enough action. Why this is not a reason to stop taking data protection seriously.GDPR Julia Porter03 June 2020Why is it so hard to explain how we use personal data?Five ways to help explain complex and contentious uses of personal data. How to improve your communications and transparency.Direct MarketingGDPRPrivacy by Design DPN Team03 June 2020Data Retention GuidanceA practical toolkit packed with tips, advice and case studies on how to tackle data retention. Developed by a group of data protection and privacy specialists from a...Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard14 May 2020COVID 19 – Privacy under the SpotlightPrivacy and COVID-19. When finding quick solutions and taking rapid decisions, don't forget the privacy impact. Here's our quick tour of aspects to consider. Data SecurityGDPRPrivacy by Design DPN Team04 April 2020Where is my data? How to tackle data discovery & mapping [webinar recording]How improve your data discovery, mapping & compliance Understanding where your data is located across all your systems is an ever-evolving challenge, but forms the bedrock of your data...Opinion Gemma Johnson13 February 2020Marketers: Will You Need to do a DPIA for that?Why marketers need to understand when they might need to conduct a data protection impact assessment and learn how to do them. Direct MarketingElectronic CommunicationsICO GuidanceMarketing & Data Protection Simon Blanchard11 February 2020Where’s all my data? How to tackle data discoveryUnderstanding where your data is and what it's used for is crucial. But in practice this is challenging. What approach can you take? Opinion Julia Porter09 February 2020In a Digitally Enabled World, What is Direct Marketing?On 8th January the ICO published a draft code of practice for the marketing community. It’s entitled “Direct Marketing Code of Practice”. The use of the term “Direct Marketing”...Opinion Philippa Donn08 February 2020Refer a Friend – Viral Marketing RulesCan you ask your customers to send on your marketing to their friends? The answer, according to the ICO’s draft Direct Marketing Code, is NO! The regulator says for...Opinion Philippa Donn28 January 2020ICO Direct Marketing Code ‘draft’: 12 HighlightsJust when I thought January was feeling dull, I got my hands on the ICO’s much-anticipated draft Direct Marketing Code of Practice! This replaces the Regulator’s existing Direct Marketing...Opinion Philippa Donn10 December 2019Subject Access Requests & Proof of IDSubject Access Requests – What is ‘proportionate’ to ask for? When responding to a Right of Access request (commonly known as a Subject Access Request), we might be required...Individual Privacy Rights DPN Team03 December 2019Data Retention: Are you keeping personal data longer than you need it?Ensuring you don’t store personal data for longer than you require it, is a core data protection principle – one which we all know is both complex and challenging...Opinion DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Opinion Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Opinion Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Opinion Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Opinion Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...GDPRInternational Data Protection Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Data Governance & SecurityGDPRPolicies and Processes Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the hectic preparations...Direct Marketing Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....GDPR DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...GDPR Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Direct MarketingGDPR
Simon Blanchard27 July 2020RoPA – Five tips for keeping your Records of Processing Activity up to date5 tips for keeping your GDPR records of processing activities up to date. The why, who, what, how and when of data protection documentation.GDPRPolicies and Processes DPN Team16 July 2020Transparency: How to get the message acrossDiscover the benefits of being upfront and transparent with people about how you use their data. In this webinar hosted by Robert Bond from Bristows we explore why transparency...GDPRVideos Julia Porter13 July 2020Supplier management: DPN 6 point checklistDue diligence of new suppliers robust enough? Checks in place to make sure suppliers are protecting your data? Use the DPN 6-point checklist. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn13 July 2020Contact Tracing: 7 Quick Steps for collecting people’s dataFrom holiday cottages to theme parks, hotels to pubs, many will be collecting people's details for contact tracing. Get our quick guide to how to do this. GDPRICO Guidance Chris Field11 July 2020You’ve been SAR-bombed!You are at the end of long day .. you just do one last check of your inbox - the new count registers over 9,000 new emails! All...GDPRIndividual Privacy RightsInternational Data ProtectionPolicies and Processes Simon Blanchard09 July 2020Facial Recognition – should we be concerned?Facial recognition is clever, from selfies to surveillance its use is becoming far more widespread. Should we be worried? Data Governance & SecurityGDPR Philippa Donn30 June 2020Data breaches: 10-point checklist for risk assessmentsHow do you assess the actual risk to people of a data breach? 10 questions you need to ask when carrying out an risk assessment. Data Governance & SecurityGDPRPolicies and Processes DPN Team30 June 2020Successful steps for data retention and minimisation [webinar recording]Get the tools and advice you need to tackle data retention and minimisation in this expert discussion which takes you through the key steps to take.Data Governance & SecurityGDPRPolicies and ProcessesVideos Julia Porter25 June 2020Why is the CIA’s lax attitude to cyber security interesting to us?Have you got robust cyber security controls in place? How the lax attitude of the CIA is a lesson to us all and what you should you be doing.Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard16 June 2020Privacy is a marathon not a sprintPondering how to improve your privacy credentials? Here are 5 steps to inspire you. More than 2 years on from GDPR, remember it’s a journey, not a sprint.Data Governance & SecurityGDPRPolicies and Processes Philippa Donn16 June 2020Why personalisation is a good thing, when done well“Hi, you haven’t finished watching Jeffrey Epstein: Filthy Rich”, said an email my husband received .It annoyed him......Direct MarketingGDPR Simon Blanchard08 June 2020Spring clean your data – Top tips on data retentionGet top tips on data retention. Minimise your risks by making sure you keep the personal data you need and rid of what you don't. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn03 June 2020GDPR two years on, why data protection mattersGDPR may have its critics and regulators may stand accused of not taking enough action. Why this is not a reason to stop taking data protection seriously.GDPR Julia Porter03 June 2020Why is it so hard to explain how we use personal data?Five ways to help explain complex and contentious uses of personal data. How to improve your communications and transparency.Direct MarketingGDPRPrivacy by Design DPN Team03 June 2020Data Retention GuidanceA practical toolkit packed with tips, advice and case studies on how to tackle data retention. Developed by a group of data protection and privacy specialists from a...Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard14 May 2020COVID 19 – Privacy under the SpotlightPrivacy and COVID-19. When finding quick solutions and taking rapid decisions, don't forget the privacy impact. Here's our quick tour of aspects to consider. Data SecurityGDPRPrivacy by Design DPN Team04 April 2020Where is my data? How to tackle data discovery & mapping [webinar recording]How improve your data discovery, mapping & compliance Understanding where your data is located across all your systems is an ever-evolving challenge, but forms the bedrock of your data...Opinion Gemma Johnson13 February 2020Marketers: Will You Need to do a DPIA for that?Why marketers need to understand when they might need to conduct a data protection impact assessment and learn how to do them. Direct MarketingElectronic CommunicationsICO GuidanceMarketing & Data Protection Simon Blanchard11 February 2020Where’s all my data? How to tackle data discoveryUnderstanding where your data is and what it's used for is crucial. But in practice this is challenging. What approach can you take? Opinion Julia Porter09 February 2020In a Digitally Enabled World, What is Direct Marketing?On 8th January the ICO published a draft code of practice for the marketing community. It’s entitled “Direct Marketing Code of Practice”. The use of the term “Direct Marketing”...Opinion Philippa Donn08 February 2020Refer a Friend – Viral Marketing RulesCan you ask your customers to send on your marketing to their friends? The answer, according to the ICO’s draft Direct Marketing Code, is NO! The regulator says for...Opinion Philippa Donn28 January 2020ICO Direct Marketing Code ‘draft’: 12 HighlightsJust when I thought January was feeling dull, I got my hands on the ICO’s much-anticipated draft Direct Marketing Code of Practice! This replaces the Regulator’s existing Direct Marketing...Opinion Philippa Donn10 December 2019Subject Access Requests & Proof of IDSubject Access Requests – What is ‘proportionate’ to ask for? When responding to a Right of Access request (commonly known as a Subject Access Request), we might be required...Individual Privacy Rights DPN Team03 December 2019Data Retention: Are you keeping personal data longer than you need it?Ensuring you don’t store personal data for longer than you require it, is a core data protection principle – one which we all know is both complex and challenging...Opinion DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Opinion Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Opinion Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Opinion Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Opinion Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...GDPRInternational Data Protection Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Data Governance & SecurityGDPRPolicies and Processes Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the hectic preparations...Direct Marketing Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....GDPR DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...GDPR Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Direct MarketingGDPR
DPN Team16 July 2020Transparency: How to get the message acrossDiscover the benefits of being upfront and transparent with people about how you use their data. In this webinar hosted by Robert Bond from Bristows we explore why transparency...GDPRVideos Julia Porter13 July 2020Supplier management: DPN 6 point checklistDue diligence of new suppliers robust enough? Checks in place to make sure suppliers are protecting your data? Use the DPN 6-point checklist. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn13 July 2020Contact Tracing: 7 Quick Steps for collecting people’s dataFrom holiday cottages to theme parks, hotels to pubs, many will be collecting people's details for contact tracing. Get our quick guide to how to do this. GDPRICO Guidance Chris Field11 July 2020You’ve been SAR-bombed!You are at the end of long day .. you just do one last check of your inbox - the new count registers over 9,000 new emails! All...GDPRIndividual Privacy RightsInternational Data ProtectionPolicies and Processes Simon Blanchard09 July 2020Facial Recognition – should we be concerned?Facial recognition is clever, from selfies to surveillance its use is becoming far more widespread. Should we be worried? Data Governance & SecurityGDPR Philippa Donn30 June 2020Data breaches: 10-point checklist for risk assessmentsHow do you assess the actual risk to people of a data breach? 10 questions you need to ask when carrying out an risk assessment. Data Governance & SecurityGDPRPolicies and Processes DPN Team30 June 2020Successful steps for data retention and minimisation [webinar recording]Get the tools and advice you need to tackle data retention and minimisation in this expert discussion which takes you through the key steps to take.Data Governance & SecurityGDPRPolicies and ProcessesVideos Julia Porter25 June 2020Why is the CIA’s lax attitude to cyber security interesting to us?Have you got robust cyber security controls in place? How the lax attitude of the CIA is a lesson to us all and what you should you be doing.Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard16 June 2020Privacy is a marathon not a sprintPondering how to improve your privacy credentials? Here are 5 steps to inspire you. More than 2 years on from GDPR, remember it’s a journey, not a sprint.Data Governance & SecurityGDPRPolicies and Processes Philippa Donn16 June 2020Why personalisation is a good thing, when done well“Hi, you haven’t finished watching Jeffrey Epstein: Filthy Rich”, said an email my husband received .It annoyed him......Direct MarketingGDPR Simon Blanchard08 June 2020Spring clean your data – Top tips on data retentionGet top tips on data retention. Minimise your risks by making sure you keep the personal data you need and rid of what you don't. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn03 June 2020GDPR two years on, why data protection mattersGDPR may have its critics and regulators may stand accused of not taking enough action. Why this is not a reason to stop taking data protection seriously.GDPR Julia Porter03 June 2020Why is it so hard to explain how we use personal data?Five ways to help explain complex and contentious uses of personal data. How to improve your communications and transparency.Direct MarketingGDPRPrivacy by Design DPN Team03 June 2020Data Retention GuidanceA practical toolkit packed with tips, advice and case studies on how to tackle data retention. Developed by a group of data protection and privacy specialists from a...Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard14 May 2020COVID 19 – Privacy under the SpotlightPrivacy and COVID-19. When finding quick solutions and taking rapid decisions, don't forget the privacy impact. Here's our quick tour of aspects to consider. Data SecurityGDPRPrivacy by Design DPN Team04 April 2020Where is my data? How to tackle data discovery & mapping [webinar recording]How improve your data discovery, mapping & compliance Understanding where your data is located across all your systems is an ever-evolving challenge, but forms the bedrock of your data...Opinion Gemma Johnson13 February 2020Marketers: Will You Need to do a DPIA for that?Why marketers need to understand when they might need to conduct a data protection impact assessment and learn how to do them. Direct MarketingElectronic CommunicationsICO GuidanceMarketing & Data Protection Simon Blanchard11 February 2020Where’s all my data? How to tackle data discoveryUnderstanding where your data is and what it's used for is crucial. But in practice this is challenging. What approach can you take? Opinion Julia Porter09 February 2020In a Digitally Enabled World, What is Direct Marketing?On 8th January the ICO published a draft code of practice for the marketing community. It’s entitled “Direct Marketing Code of Practice”. The use of the term “Direct Marketing”...Opinion Philippa Donn08 February 2020Refer a Friend – Viral Marketing RulesCan you ask your customers to send on your marketing to their friends? The answer, according to the ICO’s draft Direct Marketing Code, is NO! The regulator says for...Opinion Philippa Donn28 January 2020ICO Direct Marketing Code ‘draft’: 12 HighlightsJust when I thought January was feeling dull, I got my hands on the ICO’s much-anticipated draft Direct Marketing Code of Practice! This replaces the Regulator’s existing Direct Marketing...Opinion Philippa Donn10 December 2019Subject Access Requests & Proof of IDSubject Access Requests – What is ‘proportionate’ to ask for? When responding to a Right of Access request (commonly known as a Subject Access Request), we might be required...Individual Privacy Rights DPN Team03 December 2019Data Retention: Are you keeping personal data longer than you need it?Ensuring you don’t store personal data for longer than you require it, is a core data protection principle – one which we all know is both complex and challenging...Opinion DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Opinion Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Opinion Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Opinion Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Opinion Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...GDPRInternational Data Protection Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Data Governance & SecurityGDPRPolicies and Processes Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the hectic preparations...Direct Marketing Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....GDPR DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...GDPR Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Direct MarketingGDPR
Julia Porter13 July 2020Supplier management: DPN 6 point checklistDue diligence of new suppliers robust enough? Checks in place to make sure suppliers are protecting your data? Use the DPN 6-point checklist. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn13 July 2020Contact Tracing: 7 Quick Steps for collecting people’s dataFrom holiday cottages to theme parks, hotels to pubs, many will be collecting people's details for contact tracing. Get our quick guide to how to do this. GDPRICO Guidance Chris Field11 July 2020You’ve been SAR-bombed!You are at the end of long day .. you just do one last check of your inbox - the new count registers over 9,000 new emails! All...GDPRIndividual Privacy RightsInternational Data ProtectionPolicies and Processes Simon Blanchard09 July 2020Facial Recognition – should we be concerned?Facial recognition is clever, from selfies to surveillance its use is becoming far more widespread. Should we be worried? Data Governance & SecurityGDPR Philippa Donn30 June 2020Data breaches: 10-point checklist for risk assessmentsHow do you assess the actual risk to people of a data breach? 10 questions you need to ask when carrying out an risk assessment. Data Governance & SecurityGDPRPolicies and Processes DPN Team30 June 2020Successful steps for data retention and minimisation [webinar recording]Get the tools and advice you need to tackle data retention and minimisation in this expert discussion which takes you through the key steps to take.Data Governance & SecurityGDPRPolicies and ProcessesVideos Julia Porter25 June 2020Why is the CIA’s lax attitude to cyber security interesting to us?Have you got robust cyber security controls in place? How the lax attitude of the CIA is a lesson to us all and what you should you be doing.Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard16 June 2020Privacy is a marathon not a sprintPondering how to improve your privacy credentials? Here are 5 steps to inspire you. More than 2 years on from GDPR, remember it’s a journey, not a sprint.Data Governance & SecurityGDPRPolicies and Processes Philippa Donn16 June 2020Why personalisation is a good thing, when done well“Hi, you haven’t finished watching Jeffrey Epstein: Filthy Rich”, said an email my husband received .It annoyed him......Direct MarketingGDPR Simon Blanchard08 June 2020Spring clean your data – Top tips on data retentionGet top tips on data retention. Minimise your risks by making sure you keep the personal data you need and rid of what you don't. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn03 June 2020GDPR two years on, why data protection mattersGDPR may have its critics and regulators may stand accused of not taking enough action. Why this is not a reason to stop taking data protection seriously.GDPR Julia Porter03 June 2020Why is it so hard to explain how we use personal data?Five ways to help explain complex and contentious uses of personal data. How to improve your communications and transparency.Direct MarketingGDPRPrivacy by Design DPN Team03 June 2020Data Retention GuidanceA practical toolkit packed with tips, advice and case studies on how to tackle data retention. Developed by a group of data protection and privacy specialists from a...Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard14 May 2020COVID 19 – Privacy under the SpotlightPrivacy and COVID-19. When finding quick solutions and taking rapid decisions, don't forget the privacy impact. Here's our quick tour of aspects to consider. Data SecurityGDPRPrivacy by Design DPN Team04 April 2020Where is my data? How to tackle data discovery & mapping [webinar recording]How improve your data discovery, mapping & compliance Understanding where your data is located across all your systems is an ever-evolving challenge, but forms the bedrock of your data...Opinion Gemma Johnson13 February 2020Marketers: Will You Need to do a DPIA for that?Why marketers need to understand when they might need to conduct a data protection impact assessment and learn how to do them. Direct MarketingElectronic CommunicationsICO GuidanceMarketing & Data Protection Simon Blanchard11 February 2020Where’s all my data? How to tackle data discoveryUnderstanding where your data is and what it's used for is crucial. But in practice this is challenging. What approach can you take? Opinion Julia Porter09 February 2020In a Digitally Enabled World, What is Direct Marketing?On 8th January the ICO published a draft code of practice for the marketing community. It’s entitled “Direct Marketing Code of Practice”. The use of the term “Direct Marketing”...Opinion Philippa Donn08 February 2020Refer a Friend – Viral Marketing RulesCan you ask your customers to send on your marketing to their friends? The answer, according to the ICO’s draft Direct Marketing Code, is NO! The regulator says for...Opinion Philippa Donn28 January 2020ICO Direct Marketing Code ‘draft’: 12 HighlightsJust when I thought January was feeling dull, I got my hands on the ICO’s much-anticipated draft Direct Marketing Code of Practice! This replaces the Regulator’s existing Direct Marketing...Opinion Philippa Donn10 December 2019Subject Access Requests & Proof of IDSubject Access Requests – What is ‘proportionate’ to ask for? When responding to a Right of Access request (commonly known as a Subject Access Request), we might be required...Individual Privacy Rights DPN Team03 December 2019Data Retention: Are you keeping personal data longer than you need it?Ensuring you don’t store personal data for longer than you require it, is a core data protection principle – one which we all know is both complex and challenging...Opinion DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Opinion Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Opinion Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Opinion Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Opinion Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...GDPRInternational Data Protection Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Data Governance & SecurityGDPRPolicies and Processes Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the hectic preparations...Direct Marketing Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....GDPR DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...GDPR Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Direct MarketingGDPR
Philippa Donn13 July 2020Contact Tracing: 7 Quick Steps for collecting people’s dataFrom holiday cottages to theme parks, hotels to pubs, many will be collecting people's details for contact tracing. Get our quick guide to how to do this. GDPRICO Guidance Chris Field11 July 2020You’ve been SAR-bombed!You are at the end of long day .. you just do one last check of your inbox - the new count registers over 9,000 new emails! All...GDPRIndividual Privacy RightsInternational Data ProtectionPolicies and Processes Simon Blanchard09 July 2020Facial Recognition – should we be concerned?Facial recognition is clever, from selfies to surveillance its use is becoming far more widespread. Should we be worried? Data Governance & SecurityGDPR Philippa Donn30 June 2020Data breaches: 10-point checklist for risk assessmentsHow do you assess the actual risk to people of a data breach? 10 questions you need to ask when carrying out an risk assessment. Data Governance & SecurityGDPRPolicies and Processes DPN Team30 June 2020Successful steps for data retention and minimisation [webinar recording]Get the tools and advice you need to tackle data retention and minimisation in this expert discussion which takes you through the key steps to take.Data Governance & SecurityGDPRPolicies and ProcessesVideos Julia Porter25 June 2020Why is the CIA’s lax attitude to cyber security interesting to us?Have you got robust cyber security controls in place? How the lax attitude of the CIA is a lesson to us all and what you should you be doing.Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard16 June 2020Privacy is a marathon not a sprintPondering how to improve your privacy credentials? Here are 5 steps to inspire you. More than 2 years on from GDPR, remember it’s a journey, not a sprint.Data Governance & SecurityGDPRPolicies and Processes Philippa Donn16 June 2020Why personalisation is a good thing, when done well“Hi, you haven’t finished watching Jeffrey Epstein: Filthy Rich”, said an email my husband received .It annoyed him......Direct MarketingGDPR Simon Blanchard08 June 2020Spring clean your data – Top tips on data retentionGet top tips on data retention. Minimise your risks by making sure you keep the personal data you need and rid of what you don't. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn03 June 2020GDPR two years on, why data protection mattersGDPR may have its critics and regulators may stand accused of not taking enough action. Why this is not a reason to stop taking data protection seriously.GDPR Julia Porter03 June 2020Why is it so hard to explain how we use personal data?Five ways to help explain complex and contentious uses of personal data. How to improve your communications and transparency.Direct MarketingGDPRPrivacy by Design DPN Team03 June 2020Data Retention GuidanceA practical toolkit packed with tips, advice and case studies on how to tackle data retention. Developed by a group of data protection and privacy specialists from a...Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard14 May 2020COVID 19 – Privacy under the SpotlightPrivacy and COVID-19. When finding quick solutions and taking rapid decisions, don't forget the privacy impact. Here's our quick tour of aspects to consider. Data SecurityGDPRPrivacy by Design DPN Team04 April 2020Where is my data? How to tackle data discovery & mapping [webinar recording]How improve your data discovery, mapping & compliance Understanding where your data is located across all your systems is an ever-evolving challenge, but forms the bedrock of your data...Opinion Gemma Johnson13 February 2020Marketers: Will You Need to do a DPIA for that?Why marketers need to understand when they might need to conduct a data protection impact assessment and learn how to do them. Direct MarketingElectronic CommunicationsICO GuidanceMarketing & Data Protection Simon Blanchard11 February 2020Where’s all my data? How to tackle data discoveryUnderstanding where your data is and what it's used for is crucial. But in practice this is challenging. What approach can you take? Opinion Julia Porter09 February 2020In a Digitally Enabled World, What is Direct Marketing?On 8th January the ICO published a draft code of practice for the marketing community. It’s entitled “Direct Marketing Code of Practice”. The use of the term “Direct Marketing”...Opinion Philippa Donn08 February 2020Refer a Friend – Viral Marketing RulesCan you ask your customers to send on your marketing to their friends? The answer, according to the ICO’s draft Direct Marketing Code, is NO! The regulator says for...Opinion Philippa Donn28 January 2020ICO Direct Marketing Code ‘draft’: 12 HighlightsJust when I thought January was feeling dull, I got my hands on the ICO’s much-anticipated draft Direct Marketing Code of Practice! This replaces the Regulator’s existing Direct Marketing...Opinion Philippa Donn10 December 2019Subject Access Requests & Proof of IDSubject Access Requests – What is ‘proportionate’ to ask for? When responding to a Right of Access request (commonly known as a Subject Access Request), we might be required...Individual Privacy Rights DPN Team03 December 2019Data Retention: Are you keeping personal data longer than you need it?Ensuring you don’t store personal data for longer than you require it, is a core data protection principle – one which we all know is both complex and challenging...Opinion DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Opinion Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Opinion Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Opinion Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Opinion Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...GDPRInternational Data Protection Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Data Governance & SecurityGDPRPolicies and Processes Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the hectic preparations...Direct Marketing Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....GDPR DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...GDPR Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Direct MarketingGDPR
Chris Field11 July 2020You’ve been SAR-bombed!You are at the end of long day .. you just do one last check of your inbox - the new count registers over 9,000 new emails! All...GDPRIndividual Privacy RightsInternational Data ProtectionPolicies and Processes Simon Blanchard09 July 2020Facial Recognition – should we be concerned?Facial recognition is clever, from selfies to surveillance its use is becoming far more widespread. Should we be worried? Data Governance & SecurityGDPR Philippa Donn30 June 2020Data breaches: 10-point checklist for risk assessmentsHow do you assess the actual risk to people of a data breach? 10 questions you need to ask when carrying out an risk assessment. Data Governance & SecurityGDPRPolicies and Processes DPN Team30 June 2020Successful steps for data retention and minimisation [webinar recording]Get the tools and advice you need to tackle data retention and minimisation in this expert discussion which takes you through the key steps to take.Data Governance & SecurityGDPRPolicies and ProcessesVideos Julia Porter25 June 2020Why is the CIA’s lax attitude to cyber security interesting to us?Have you got robust cyber security controls in place? How the lax attitude of the CIA is a lesson to us all and what you should you be doing.Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard16 June 2020Privacy is a marathon not a sprintPondering how to improve your privacy credentials? Here are 5 steps to inspire you. More than 2 years on from GDPR, remember it’s a journey, not a sprint.Data Governance & SecurityGDPRPolicies and Processes Philippa Donn16 June 2020Why personalisation is a good thing, when done well“Hi, you haven’t finished watching Jeffrey Epstein: Filthy Rich”, said an email my husband received .It annoyed him......Direct MarketingGDPR Simon Blanchard08 June 2020Spring clean your data – Top tips on data retentionGet top tips on data retention. Minimise your risks by making sure you keep the personal data you need and rid of what you don't. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn03 June 2020GDPR two years on, why data protection mattersGDPR may have its critics and regulators may stand accused of not taking enough action. Why this is not a reason to stop taking data protection seriously.GDPR Julia Porter03 June 2020Why is it so hard to explain how we use personal data?Five ways to help explain complex and contentious uses of personal data. How to improve your communications and transparency.Direct MarketingGDPRPrivacy by Design DPN Team03 June 2020Data Retention GuidanceA practical toolkit packed with tips, advice and case studies on how to tackle data retention. Developed by a group of data protection and privacy specialists from a...Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard14 May 2020COVID 19 – Privacy under the SpotlightPrivacy and COVID-19. When finding quick solutions and taking rapid decisions, don't forget the privacy impact. Here's our quick tour of aspects to consider. Data SecurityGDPRPrivacy by Design DPN Team04 April 2020Where is my data? How to tackle data discovery & mapping [webinar recording]How improve your data discovery, mapping & compliance Understanding where your data is located across all your systems is an ever-evolving challenge, but forms the bedrock of your data...Opinion Gemma Johnson13 February 2020Marketers: Will You Need to do a DPIA for that?Why marketers need to understand when they might need to conduct a data protection impact assessment and learn how to do them. Direct MarketingElectronic CommunicationsICO GuidanceMarketing & Data Protection Simon Blanchard11 February 2020Where’s all my data? How to tackle data discoveryUnderstanding where your data is and what it's used for is crucial. But in practice this is challenging. What approach can you take? Opinion Julia Porter09 February 2020In a Digitally Enabled World, What is Direct Marketing?On 8th January the ICO published a draft code of practice for the marketing community. It’s entitled “Direct Marketing Code of Practice”. The use of the term “Direct Marketing”...Opinion Philippa Donn08 February 2020Refer a Friend – Viral Marketing RulesCan you ask your customers to send on your marketing to their friends? The answer, according to the ICO’s draft Direct Marketing Code, is NO! The regulator says for...Opinion Philippa Donn28 January 2020ICO Direct Marketing Code ‘draft’: 12 HighlightsJust when I thought January was feeling dull, I got my hands on the ICO’s much-anticipated draft Direct Marketing Code of Practice! This replaces the Regulator’s existing Direct Marketing...Opinion Philippa Donn10 December 2019Subject Access Requests & Proof of IDSubject Access Requests – What is ‘proportionate’ to ask for? When responding to a Right of Access request (commonly known as a Subject Access Request), we might be required...Individual Privacy Rights DPN Team03 December 2019Data Retention: Are you keeping personal data longer than you need it?Ensuring you don’t store personal data for longer than you require it, is a core data protection principle – one which we all know is both complex and challenging...Opinion DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Opinion Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Opinion Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Opinion Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Opinion Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...GDPRInternational Data Protection Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Data Governance & SecurityGDPRPolicies and Processes Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the hectic preparations...Direct Marketing Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....GDPR DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...GDPR Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Direct MarketingGDPR
Simon Blanchard09 July 2020Facial Recognition – should we be concerned?Facial recognition is clever, from selfies to surveillance its use is becoming far more widespread. Should we be worried? Data Governance & SecurityGDPR Philippa Donn30 June 2020Data breaches: 10-point checklist for risk assessmentsHow do you assess the actual risk to people of a data breach? 10 questions you need to ask when carrying out an risk assessment. Data Governance & SecurityGDPRPolicies and Processes DPN Team30 June 2020Successful steps for data retention and minimisation [webinar recording]Get the tools and advice you need to tackle data retention and minimisation in this expert discussion which takes you through the key steps to take.Data Governance & SecurityGDPRPolicies and ProcessesVideos Julia Porter25 June 2020Why is the CIA’s lax attitude to cyber security interesting to us?Have you got robust cyber security controls in place? How the lax attitude of the CIA is a lesson to us all and what you should you be doing.Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard16 June 2020Privacy is a marathon not a sprintPondering how to improve your privacy credentials? Here are 5 steps to inspire you. More than 2 years on from GDPR, remember it’s a journey, not a sprint.Data Governance & SecurityGDPRPolicies and Processes Philippa Donn16 June 2020Why personalisation is a good thing, when done well“Hi, you haven’t finished watching Jeffrey Epstein: Filthy Rich”, said an email my husband received .It annoyed him......Direct MarketingGDPR Simon Blanchard08 June 2020Spring clean your data – Top tips on data retentionGet top tips on data retention. Minimise your risks by making sure you keep the personal data you need and rid of what you don't. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn03 June 2020GDPR two years on, why data protection mattersGDPR may have its critics and regulators may stand accused of not taking enough action. Why this is not a reason to stop taking data protection seriously.GDPR Julia Porter03 June 2020Why is it so hard to explain how we use personal data?Five ways to help explain complex and contentious uses of personal data. How to improve your communications and transparency.Direct MarketingGDPRPrivacy by Design DPN Team03 June 2020Data Retention GuidanceA practical toolkit packed with tips, advice and case studies on how to tackle data retention. Developed by a group of data protection and privacy specialists from a...Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard14 May 2020COVID 19 – Privacy under the SpotlightPrivacy and COVID-19. When finding quick solutions and taking rapid decisions, don't forget the privacy impact. Here's our quick tour of aspects to consider. Data SecurityGDPRPrivacy by Design DPN Team04 April 2020Where is my data? How to tackle data discovery & mapping [webinar recording]How improve your data discovery, mapping & compliance Understanding where your data is located across all your systems is an ever-evolving challenge, but forms the bedrock of your data...Opinion Gemma Johnson13 February 2020Marketers: Will You Need to do a DPIA for that?Why marketers need to understand when they might need to conduct a data protection impact assessment and learn how to do them. Direct MarketingElectronic CommunicationsICO GuidanceMarketing & Data Protection Simon Blanchard11 February 2020Where’s all my data? How to tackle data discoveryUnderstanding where your data is and what it's used for is crucial. But in practice this is challenging. What approach can you take? Opinion Julia Porter09 February 2020In a Digitally Enabled World, What is Direct Marketing?On 8th January the ICO published a draft code of practice for the marketing community. It’s entitled “Direct Marketing Code of Practice”. The use of the term “Direct Marketing”...Opinion Philippa Donn08 February 2020Refer a Friend – Viral Marketing RulesCan you ask your customers to send on your marketing to their friends? The answer, according to the ICO’s draft Direct Marketing Code, is NO! The regulator says for...Opinion Philippa Donn28 January 2020ICO Direct Marketing Code ‘draft’: 12 HighlightsJust when I thought January was feeling dull, I got my hands on the ICO’s much-anticipated draft Direct Marketing Code of Practice! This replaces the Regulator’s existing Direct Marketing...Opinion Philippa Donn10 December 2019Subject Access Requests & Proof of IDSubject Access Requests – What is ‘proportionate’ to ask for? When responding to a Right of Access request (commonly known as a Subject Access Request), we might be required...Individual Privacy Rights DPN Team03 December 2019Data Retention: Are you keeping personal data longer than you need it?Ensuring you don’t store personal data for longer than you require it, is a core data protection principle – one which we all know is both complex and challenging...Opinion DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Opinion Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Opinion Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Opinion Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Opinion Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...GDPRInternational Data Protection Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Data Governance & SecurityGDPRPolicies and Processes Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the hectic preparations...Direct Marketing Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....GDPR DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...GDPR Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Direct MarketingGDPR
Philippa Donn30 June 2020Data breaches: 10-point checklist for risk assessmentsHow do you assess the actual risk to people of a data breach? 10 questions you need to ask when carrying out an risk assessment. Data Governance & SecurityGDPRPolicies and Processes DPN Team30 June 2020Successful steps for data retention and minimisation [webinar recording]Get the tools and advice you need to tackle data retention and minimisation in this expert discussion which takes you through the key steps to take.Data Governance & SecurityGDPRPolicies and ProcessesVideos Julia Porter25 June 2020Why is the CIA’s lax attitude to cyber security interesting to us?Have you got robust cyber security controls in place? How the lax attitude of the CIA is a lesson to us all and what you should you be doing.Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard16 June 2020Privacy is a marathon not a sprintPondering how to improve your privacy credentials? Here are 5 steps to inspire you. More than 2 years on from GDPR, remember it’s a journey, not a sprint.Data Governance & SecurityGDPRPolicies and Processes Philippa Donn16 June 2020Why personalisation is a good thing, when done well“Hi, you haven’t finished watching Jeffrey Epstein: Filthy Rich”, said an email my husband received .It annoyed him......Direct MarketingGDPR Simon Blanchard08 June 2020Spring clean your data – Top tips on data retentionGet top tips on data retention. Minimise your risks by making sure you keep the personal data you need and rid of what you don't. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn03 June 2020GDPR two years on, why data protection mattersGDPR may have its critics and regulators may stand accused of not taking enough action. Why this is not a reason to stop taking data protection seriously.GDPR Julia Porter03 June 2020Why is it so hard to explain how we use personal data?Five ways to help explain complex and contentious uses of personal data. How to improve your communications and transparency.Direct MarketingGDPRPrivacy by Design DPN Team03 June 2020Data Retention GuidanceA practical toolkit packed with tips, advice and case studies on how to tackle data retention. Developed by a group of data protection and privacy specialists from a...Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard14 May 2020COVID 19 – Privacy under the SpotlightPrivacy and COVID-19. When finding quick solutions and taking rapid decisions, don't forget the privacy impact. Here's our quick tour of aspects to consider. Data SecurityGDPRPrivacy by Design DPN Team04 April 2020Where is my data? How to tackle data discovery & mapping [webinar recording]How improve your data discovery, mapping & compliance Understanding where your data is located across all your systems is an ever-evolving challenge, but forms the bedrock of your data...Opinion Gemma Johnson13 February 2020Marketers: Will You Need to do a DPIA for that?Why marketers need to understand when they might need to conduct a data protection impact assessment and learn how to do them. Direct MarketingElectronic CommunicationsICO GuidanceMarketing & Data Protection Simon Blanchard11 February 2020Where’s all my data? How to tackle data discoveryUnderstanding where your data is and what it's used for is crucial. But in practice this is challenging. What approach can you take? Opinion Julia Porter09 February 2020In a Digitally Enabled World, What is Direct Marketing?On 8th January the ICO published a draft code of practice for the marketing community. It’s entitled “Direct Marketing Code of Practice”. The use of the term “Direct Marketing”...Opinion Philippa Donn08 February 2020Refer a Friend – Viral Marketing RulesCan you ask your customers to send on your marketing to their friends? The answer, according to the ICO’s draft Direct Marketing Code, is NO! The regulator says for...Opinion Philippa Donn28 January 2020ICO Direct Marketing Code ‘draft’: 12 HighlightsJust when I thought January was feeling dull, I got my hands on the ICO’s much-anticipated draft Direct Marketing Code of Practice! This replaces the Regulator’s existing Direct Marketing...Opinion Philippa Donn10 December 2019Subject Access Requests & Proof of IDSubject Access Requests – What is ‘proportionate’ to ask for? When responding to a Right of Access request (commonly known as a Subject Access Request), we might be required...Individual Privacy Rights DPN Team03 December 2019Data Retention: Are you keeping personal data longer than you need it?Ensuring you don’t store personal data for longer than you require it, is a core data protection principle – one which we all know is both complex and challenging...Opinion DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Opinion Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Opinion Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Opinion Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Opinion Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...GDPRInternational Data Protection Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Data Governance & SecurityGDPRPolicies and Processes Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the hectic preparations...Direct Marketing Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....GDPR DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...GDPR Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Direct MarketingGDPR
DPN Team30 June 2020Successful steps for data retention and minimisation [webinar recording]Get the tools and advice you need to tackle data retention and minimisation in this expert discussion which takes you through the key steps to take.Data Governance & SecurityGDPRPolicies and ProcessesVideos Julia Porter25 June 2020Why is the CIA’s lax attitude to cyber security interesting to us?Have you got robust cyber security controls in place? How the lax attitude of the CIA is a lesson to us all and what you should you be doing.Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard16 June 2020Privacy is a marathon not a sprintPondering how to improve your privacy credentials? Here are 5 steps to inspire you. More than 2 years on from GDPR, remember it’s a journey, not a sprint.Data Governance & SecurityGDPRPolicies and Processes Philippa Donn16 June 2020Why personalisation is a good thing, when done well“Hi, you haven’t finished watching Jeffrey Epstein: Filthy Rich”, said an email my husband received .It annoyed him......Direct MarketingGDPR Simon Blanchard08 June 2020Spring clean your data – Top tips on data retentionGet top tips on data retention. Minimise your risks by making sure you keep the personal data you need and rid of what you don't. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn03 June 2020GDPR two years on, why data protection mattersGDPR may have its critics and regulators may stand accused of not taking enough action. Why this is not a reason to stop taking data protection seriously.GDPR Julia Porter03 June 2020Why is it so hard to explain how we use personal data?Five ways to help explain complex and contentious uses of personal data. How to improve your communications and transparency.Direct MarketingGDPRPrivacy by Design DPN Team03 June 2020Data Retention GuidanceA practical toolkit packed with tips, advice and case studies on how to tackle data retention. Developed by a group of data protection and privacy specialists from a...Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard14 May 2020COVID 19 – Privacy under the SpotlightPrivacy and COVID-19. When finding quick solutions and taking rapid decisions, don't forget the privacy impact. Here's our quick tour of aspects to consider. Data SecurityGDPRPrivacy by Design DPN Team04 April 2020Where is my data? How to tackle data discovery & mapping [webinar recording]How improve your data discovery, mapping & compliance Understanding where your data is located across all your systems is an ever-evolving challenge, but forms the bedrock of your data...Opinion Gemma Johnson13 February 2020Marketers: Will You Need to do a DPIA for that?Why marketers need to understand when they might need to conduct a data protection impact assessment and learn how to do them. Direct MarketingElectronic CommunicationsICO GuidanceMarketing & Data Protection Simon Blanchard11 February 2020Where’s all my data? How to tackle data discoveryUnderstanding where your data is and what it's used for is crucial. But in practice this is challenging. What approach can you take? Opinion Julia Porter09 February 2020In a Digitally Enabled World, What is Direct Marketing?On 8th January the ICO published a draft code of practice for the marketing community. It’s entitled “Direct Marketing Code of Practice”. The use of the term “Direct Marketing”...Opinion Philippa Donn08 February 2020Refer a Friend – Viral Marketing RulesCan you ask your customers to send on your marketing to their friends? The answer, according to the ICO’s draft Direct Marketing Code, is NO! The regulator says for...Opinion Philippa Donn28 January 2020ICO Direct Marketing Code ‘draft’: 12 HighlightsJust when I thought January was feeling dull, I got my hands on the ICO’s much-anticipated draft Direct Marketing Code of Practice! This replaces the Regulator’s existing Direct Marketing...Opinion Philippa Donn10 December 2019Subject Access Requests & Proof of IDSubject Access Requests – What is ‘proportionate’ to ask for? When responding to a Right of Access request (commonly known as a Subject Access Request), we might be required...Individual Privacy Rights DPN Team03 December 2019Data Retention: Are you keeping personal data longer than you need it?Ensuring you don’t store personal data for longer than you require it, is a core data protection principle – one which we all know is both complex and challenging...Opinion DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Opinion Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Opinion Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Opinion Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Opinion Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...GDPRInternational Data Protection Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Data Governance & SecurityGDPRPolicies and Processes Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the hectic preparations...Direct Marketing Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....GDPR DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...GDPR Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Direct MarketingGDPR
Julia Porter25 June 2020Why is the CIA’s lax attitude to cyber security interesting to us?Have you got robust cyber security controls in place? How the lax attitude of the CIA is a lesson to us all and what you should you be doing.Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard16 June 2020Privacy is a marathon not a sprintPondering how to improve your privacy credentials? Here are 5 steps to inspire you. More than 2 years on from GDPR, remember it’s a journey, not a sprint.Data Governance & SecurityGDPRPolicies and Processes Philippa Donn16 June 2020Why personalisation is a good thing, when done well“Hi, you haven’t finished watching Jeffrey Epstein: Filthy Rich”, said an email my husband received .It annoyed him......Direct MarketingGDPR Simon Blanchard08 June 2020Spring clean your data – Top tips on data retentionGet top tips on data retention. Minimise your risks by making sure you keep the personal data you need and rid of what you don't. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn03 June 2020GDPR two years on, why data protection mattersGDPR may have its critics and regulators may stand accused of not taking enough action. Why this is not a reason to stop taking data protection seriously.GDPR Julia Porter03 June 2020Why is it so hard to explain how we use personal data?Five ways to help explain complex and contentious uses of personal data. How to improve your communications and transparency.Direct MarketingGDPRPrivacy by Design DPN Team03 June 2020Data Retention GuidanceA practical toolkit packed with tips, advice and case studies on how to tackle data retention. Developed by a group of data protection and privacy specialists from a...Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard14 May 2020COVID 19 – Privacy under the SpotlightPrivacy and COVID-19. When finding quick solutions and taking rapid decisions, don't forget the privacy impact. Here's our quick tour of aspects to consider. Data SecurityGDPRPrivacy by Design DPN Team04 April 2020Where is my data? How to tackle data discovery & mapping [webinar recording]How improve your data discovery, mapping & compliance Understanding where your data is located across all your systems is an ever-evolving challenge, but forms the bedrock of your data...Opinion Gemma Johnson13 February 2020Marketers: Will You Need to do a DPIA for that?Why marketers need to understand when they might need to conduct a data protection impact assessment and learn how to do them. Direct MarketingElectronic CommunicationsICO GuidanceMarketing & Data Protection Simon Blanchard11 February 2020Where’s all my data? How to tackle data discoveryUnderstanding where your data is and what it's used for is crucial. But in practice this is challenging. What approach can you take? Opinion Julia Porter09 February 2020In a Digitally Enabled World, What is Direct Marketing?On 8th January the ICO published a draft code of practice for the marketing community. It’s entitled “Direct Marketing Code of Practice”. The use of the term “Direct Marketing”...Opinion Philippa Donn08 February 2020Refer a Friend – Viral Marketing RulesCan you ask your customers to send on your marketing to their friends? The answer, according to the ICO’s draft Direct Marketing Code, is NO! The regulator says for...Opinion Philippa Donn28 January 2020ICO Direct Marketing Code ‘draft’: 12 HighlightsJust when I thought January was feeling dull, I got my hands on the ICO’s much-anticipated draft Direct Marketing Code of Practice! This replaces the Regulator’s existing Direct Marketing...Opinion Philippa Donn10 December 2019Subject Access Requests & Proof of IDSubject Access Requests – What is ‘proportionate’ to ask for? When responding to a Right of Access request (commonly known as a Subject Access Request), we might be required...Individual Privacy Rights DPN Team03 December 2019Data Retention: Are you keeping personal data longer than you need it?Ensuring you don’t store personal data for longer than you require it, is a core data protection principle – one which we all know is both complex and challenging...Opinion DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Opinion Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Opinion Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Opinion Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Opinion Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...GDPRInternational Data Protection Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Data Governance & SecurityGDPRPolicies and Processes Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the hectic preparations...Direct Marketing Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....GDPR DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...GDPR Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Direct MarketingGDPR
Simon Blanchard16 June 2020Privacy is a marathon not a sprintPondering how to improve your privacy credentials? Here are 5 steps to inspire you. More than 2 years on from GDPR, remember it’s a journey, not a sprint.Data Governance & SecurityGDPRPolicies and Processes Philippa Donn16 June 2020Why personalisation is a good thing, when done well“Hi, you haven’t finished watching Jeffrey Epstein: Filthy Rich”, said an email my husband received .It annoyed him......Direct MarketingGDPR Simon Blanchard08 June 2020Spring clean your data – Top tips on data retentionGet top tips on data retention. Minimise your risks by making sure you keep the personal data you need and rid of what you don't. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn03 June 2020GDPR two years on, why data protection mattersGDPR may have its critics and regulators may stand accused of not taking enough action. Why this is not a reason to stop taking data protection seriously.GDPR Julia Porter03 June 2020Why is it so hard to explain how we use personal data?Five ways to help explain complex and contentious uses of personal data. How to improve your communications and transparency.Direct MarketingGDPRPrivacy by Design DPN Team03 June 2020Data Retention GuidanceA practical toolkit packed with tips, advice and case studies on how to tackle data retention. Developed by a group of data protection and privacy specialists from a...Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard14 May 2020COVID 19 – Privacy under the SpotlightPrivacy and COVID-19. When finding quick solutions and taking rapid decisions, don't forget the privacy impact. Here's our quick tour of aspects to consider. Data SecurityGDPRPrivacy by Design DPN Team04 April 2020Where is my data? How to tackle data discovery & mapping [webinar recording]How improve your data discovery, mapping & compliance Understanding where your data is located across all your systems is an ever-evolving challenge, but forms the bedrock of your data...Opinion Gemma Johnson13 February 2020Marketers: Will You Need to do a DPIA for that?Why marketers need to understand when they might need to conduct a data protection impact assessment and learn how to do them. Direct MarketingElectronic CommunicationsICO GuidanceMarketing & Data Protection Simon Blanchard11 February 2020Where’s all my data? How to tackle data discoveryUnderstanding where your data is and what it's used for is crucial. But in practice this is challenging. What approach can you take? Opinion Julia Porter09 February 2020In a Digitally Enabled World, What is Direct Marketing?On 8th January the ICO published a draft code of practice for the marketing community. It’s entitled “Direct Marketing Code of Practice”. The use of the term “Direct Marketing”...Opinion Philippa Donn08 February 2020Refer a Friend – Viral Marketing RulesCan you ask your customers to send on your marketing to their friends? The answer, according to the ICO’s draft Direct Marketing Code, is NO! The regulator says for...Opinion Philippa Donn28 January 2020ICO Direct Marketing Code ‘draft’: 12 HighlightsJust when I thought January was feeling dull, I got my hands on the ICO’s much-anticipated draft Direct Marketing Code of Practice! This replaces the Regulator’s existing Direct Marketing...Opinion Philippa Donn10 December 2019Subject Access Requests & Proof of IDSubject Access Requests – What is ‘proportionate’ to ask for? When responding to a Right of Access request (commonly known as a Subject Access Request), we might be required...Individual Privacy Rights DPN Team03 December 2019Data Retention: Are you keeping personal data longer than you need it?Ensuring you don’t store personal data for longer than you require it, is a core data protection principle – one which we all know is both complex and challenging...Opinion DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Opinion Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Opinion Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Opinion Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Opinion Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...GDPRInternational Data Protection Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Data Governance & SecurityGDPRPolicies and Processes Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the hectic preparations...Direct Marketing Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....GDPR DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...GDPR Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Direct MarketingGDPR
Philippa Donn16 June 2020Why personalisation is a good thing, when done well“Hi, you haven’t finished watching Jeffrey Epstein: Filthy Rich”, said an email my husband received .It annoyed him......Direct MarketingGDPR Simon Blanchard08 June 2020Spring clean your data – Top tips on data retentionGet top tips on data retention. Minimise your risks by making sure you keep the personal data you need and rid of what you don't. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn03 June 2020GDPR two years on, why data protection mattersGDPR may have its critics and regulators may stand accused of not taking enough action. Why this is not a reason to stop taking data protection seriously.GDPR Julia Porter03 June 2020Why is it so hard to explain how we use personal data?Five ways to help explain complex and contentious uses of personal data. How to improve your communications and transparency.Direct MarketingGDPRPrivacy by Design DPN Team03 June 2020Data Retention GuidanceA practical toolkit packed with tips, advice and case studies on how to tackle data retention. Developed by a group of data protection and privacy specialists from a...Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard14 May 2020COVID 19 – Privacy under the SpotlightPrivacy and COVID-19. When finding quick solutions and taking rapid decisions, don't forget the privacy impact. Here's our quick tour of aspects to consider. Data SecurityGDPRPrivacy by Design DPN Team04 April 2020Where is my data? How to tackle data discovery & mapping [webinar recording]How improve your data discovery, mapping & compliance Understanding where your data is located across all your systems is an ever-evolving challenge, but forms the bedrock of your data...Opinion Gemma Johnson13 February 2020Marketers: Will You Need to do a DPIA for that?Why marketers need to understand when they might need to conduct a data protection impact assessment and learn how to do them. Direct MarketingElectronic CommunicationsICO GuidanceMarketing & Data Protection Simon Blanchard11 February 2020Where’s all my data? How to tackle data discoveryUnderstanding where your data is and what it's used for is crucial. But in practice this is challenging. What approach can you take? Opinion Julia Porter09 February 2020In a Digitally Enabled World, What is Direct Marketing?On 8th January the ICO published a draft code of practice for the marketing community. It’s entitled “Direct Marketing Code of Practice”. The use of the term “Direct Marketing”...Opinion Philippa Donn08 February 2020Refer a Friend – Viral Marketing RulesCan you ask your customers to send on your marketing to their friends? The answer, according to the ICO’s draft Direct Marketing Code, is NO! The regulator says for...Opinion Philippa Donn28 January 2020ICO Direct Marketing Code ‘draft’: 12 HighlightsJust when I thought January was feeling dull, I got my hands on the ICO’s much-anticipated draft Direct Marketing Code of Practice! This replaces the Regulator’s existing Direct Marketing...Opinion Philippa Donn10 December 2019Subject Access Requests & Proof of IDSubject Access Requests – What is ‘proportionate’ to ask for? When responding to a Right of Access request (commonly known as a Subject Access Request), we might be required...Individual Privacy Rights DPN Team03 December 2019Data Retention: Are you keeping personal data longer than you need it?Ensuring you don’t store personal data for longer than you require it, is a core data protection principle – one which we all know is both complex and challenging...Opinion DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Opinion Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Opinion Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Opinion Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Opinion Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...GDPRInternational Data Protection Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Data Governance & SecurityGDPRPolicies and Processes Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the hectic preparations...Direct Marketing Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....GDPR DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...GDPR Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Direct MarketingGDPR
Simon Blanchard08 June 2020Spring clean your data – Top tips on data retentionGet top tips on data retention. Minimise your risks by making sure you keep the personal data you need and rid of what you don't. Data Governance & SecurityGDPRPolicies and Processes Philippa Donn03 June 2020GDPR two years on, why data protection mattersGDPR may have its critics and regulators may stand accused of not taking enough action. Why this is not a reason to stop taking data protection seriously.GDPR Julia Porter03 June 2020Why is it so hard to explain how we use personal data?Five ways to help explain complex and contentious uses of personal data. How to improve your communications and transparency.Direct MarketingGDPRPrivacy by Design DPN Team03 June 2020Data Retention GuidanceA practical toolkit packed with tips, advice and case studies on how to tackle data retention. Developed by a group of data protection and privacy specialists from a...Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard14 May 2020COVID 19 – Privacy under the SpotlightPrivacy and COVID-19. When finding quick solutions and taking rapid decisions, don't forget the privacy impact. Here's our quick tour of aspects to consider. Data SecurityGDPRPrivacy by Design DPN Team04 April 2020Where is my data? How to tackle data discovery & mapping [webinar recording]How improve your data discovery, mapping & compliance Understanding where your data is located across all your systems is an ever-evolving challenge, but forms the bedrock of your data...Opinion Gemma Johnson13 February 2020Marketers: Will You Need to do a DPIA for that?Why marketers need to understand when they might need to conduct a data protection impact assessment and learn how to do them. Direct MarketingElectronic CommunicationsICO GuidanceMarketing & Data Protection Simon Blanchard11 February 2020Where’s all my data? How to tackle data discoveryUnderstanding where your data is and what it's used for is crucial. But in practice this is challenging. What approach can you take? Opinion Julia Porter09 February 2020In a Digitally Enabled World, What is Direct Marketing?On 8th January the ICO published a draft code of practice for the marketing community. It’s entitled “Direct Marketing Code of Practice”. The use of the term “Direct Marketing”...Opinion Philippa Donn08 February 2020Refer a Friend – Viral Marketing RulesCan you ask your customers to send on your marketing to their friends? The answer, according to the ICO’s draft Direct Marketing Code, is NO! The regulator says for...Opinion Philippa Donn28 January 2020ICO Direct Marketing Code ‘draft’: 12 HighlightsJust when I thought January was feeling dull, I got my hands on the ICO’s much-anticipated draft Direct Marketing Code of Practice! This replaces the Regulator’s existing Direct Marketing...Opinion Philippa Donn10 December 2019Subject Access Requests & Proof of IDSubject Access Requests – What is ‘proportionate’ to ask for? When responding to a Right of Access request (commonly known as a Subject Access Request), we might be required...Individual Privacy Rights DPN Team03 December 2019Data Retention: Are you keeping personal data longer than you need it?Ensuring you don’t store personal data for longer than you require it, is a core data protection principle – one which we all know is both complex and challenging...Opinion DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Opinion Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Opinion Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Opinion Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Opinion Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...GDPRInternational Data Protection Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Data Governance & SecurityGDPRPolicies and Processes Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the hectic preparations...Direct Marketing Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....GDPR DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...GDPR Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Direct MarketingGDPR
Philippa Donn03 June 2020GDPR two years on, why data protection mattersGDPR may have its critics and regulators may stand accused of not taking enough action. Why this is not a reason to stop taking data protection seriously.GDPR Julia Porter03 June 2020Why is it so hard to explain how we use personal data?Five ways to help explain complex and contentious uses of personal data. How to improve your communications and transparency.Direct MarketingGDPRPrivacy by Design DPN Team03 June 2020Data Retention GuidanceA practical toolkit packed with tips, advice and case studies on how to tackle data retention. Developed by a group of data protection and privacy specialists from a...Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard14 May 2020COVID 19 – Privacy under the SpotlightPrivacy and COVID-19. When finding quick solutions and taking rapid decisions, don't forget the privacy impact. Here's our quick tour of aspects to consider. Data SecurityGDPRPrivacy by Design DPN Team04 April 2020Where is my data? How to tackle data discovery & mapping [webinar recording]How improve your data discovery, mapping & compliance Understanding where your data is located across all your systems is an ever-evolving challenge, but forms the bedrock of your data...Opinion Gemma Johnson13 February 2020Marketers: Will You Need to do a DPIA for that?Why marketers need to understand when they might need to conduct a data protection impact assessment and learn how to do them. Direct MarketingElectronic CommunicationsICO GuidanceMarketing & Data Protection Simon Blanchard11 February 2020Where’s all my data? How to tackle data discoveryUnderstanding where your data is and what it's used for is crucial. But in practice this is challenging. What approach can you take? Opinion Julia Porter09 February 2020In a Digitally Enabled World, What is Direct Marketing?On 8th January the ICO published a draft code of practice for the marketing community. It’s entitled “Direct Marketing Code of Practice”. The use of the term “Direct Marketing”...Opinion Philippa Donn08 February 2020Refer a Friend – Viral Marketing RulesCan you ask your customers to send on your marketing to their friends? The answer, according to the ICO’s draft Direct Marketing Code, is NO! The regulator says for...Opinion Philippa Donn28 January 2020ICO Direct Marketing Code ‘draft’: 12 HighlightsJust when I thought January was feeling dull, I got my hands on the ICO’s much-anticipated draft Direct Marketing Code of Practice! This replaces the Regulator’s existing Direct Marketing...Opinion Philippa Donn10 December 2019Subject Access Requests & Proof of IDSubject Access Requests – What is ‘proportionate’ to ask for? When responding to a Right of Access request (commonly known as a Subject Access Request), we might be required...Individual Privacy Rights DPN Team03 December 2019Data Retention: Are you keeping personal data longer than you need it?Ensuring you don’t store personal data for longer than you require it, is a core data protection principle – one which we all know is both complex and challenging...Opinion DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Opinion Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Opinion Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Opinion Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Opinion Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...GDPRInternational Data Protection Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Data Governance & SecurityGDPRPolicies and Processes Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the hectic preparations...Direct Marketing Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....GDPR DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...GDPR Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Direct MarketingGDPR
Julia Porter03 June 2020Why is it so hard to explain how we use personal data?Five ways to help explain complex and contentious uses of personal data. How to improve your communications and transparency.Direct MarketingGDPRPrivacy by Design DPN Team03 June 2020Data Retention GuidanceA practical toolkit packed with tips, advice and case studies on how to tackle data retention. Developed by a group of data protection and privacy specialists from a...Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard14 May 2020COVID 19 – Privacy under the SpotlightPrivacy and COVID-19. When finding quick solutions and taking rapid decisions, don't forget the privacy impact. Here's our quick tour of aspects to consider. Data SecurityGDPRPrivacy by Design DPN Team04 April 2020Where is my data? How to tackle data discovery & mapping [webinar recording]How improve your data discovery, mapping & compliance Understanding where your data is located across all your systems is an ever-evolving challenge, but forms the bedrock of your data...Opinion Gemma Johnson13 February 2020Marketers: Will You Need to do a DPIA for that?Why marketers need to understand when they might need to conduct a data protection impact assessment and learn how to do them. Direct MarketingElectronic CommunicationsICO GuidanceMarketing & Data Protection Simon Blanchard11 February 2020Where’s all my data? How to tackle data discoveryUnderstanding where your data is and what it's used for is crucial. But in practice this is challenging. What approach can you take? Opinion Julia Porter09 February 2020In a Digitally Enabled World, What is Direct Marketing?On 8th January the ICO published a draft code of practice for the marketing community. It’s entitled “Direct Marketing Code of Practice”. The use of the term “Direct Marketing”...Opinion Philippa Donn08 February 2020Refer a Friend – Viral Marketing RulesCan you ask your customers to send on your marketing to their friends? The answer, according to the ICO’s draft Direct Marketing Code, is NO! The regulator says for...Opinion Philippa Donn28 January 2020ICO Direct Marketing Code ‘draft’: 12 HighlightsJust when I thought January was feeling dull, I got my hands on the ICO’s much-anticipated draft Direct Marketing Code of Practice! This replaces the Regulator’s existing Direct Marketing...Opinion Philippa Donn10 December 2019Subject Access Requests & Proof of IDSubject Access Requests – What is ‘proportionate’ to ask for? When responding to a Right of Access request (commonly known as a Subject Access Request), we might be required...Individual Privacy Rights DPN Team03 December 2019Data Retention: Are you keeping personal data longer than you need it?Ensuring you don’t store personal data for longer than you require it, is a core data protection principle – one which we all know is both complex and challenging...Opinion DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Opinion Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Opinion Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Opinion Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Opinion Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...GDPRInternational Data Protection Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Data Governance & SecurityGDPRPolicies and Processes Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the hectic preparations...Direct Marketing Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....GDPR DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...GDPR Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Direct MarketingGDPR
DPN Team03 June 2020Data Retention GuidanceA practical toolkit packed with tips, advice and case studies on how to tackle data retention. Developed by a group of data protection and privacy specialists from a...Data Governance & SecurityGDPRPolicies and Processes Simon Blanchard14 May 2020COVID 19 – Privacy under the SpotlightPrivacy and COVID-19. When finding quick solutions and taking rapid decisions, don't forget the privacy impact. Here's our quick tour of aspects to consider. Data SecurityGDPRPrivacy by Design DPN Team04 April 2020Where is my data? How to tackle data discovery & mapping [webinar recording]How improve your data discovery, mapping & compliance Understanding where your data is located across all your systems is an ever-evolving challenge, but forms the bedrock of your data...Opinion Gemma Johnson13 February 2020Marketers: Will You Need to do a DPIA for that?Why marketers need to understand when they might need to conduct a data protection impact assessment and learn how to do them. Direct MarketingElectronic CommunicationsICO GuidanceMarketing & Data Protection Simon Blanchard11 February 2020Where’s all my data? How to tackle data discoveryUnderstanding where your data is and what it's used for is crucial. But in practice this is challenging. What approach can you take? Opinion Julia Porter09 February 2020In a Digitally Enabled World, What is Direct Marketing?On 8th January the ICO published a draft code of practice for the marketing community. It’s entitled “Direct Marketing Code of Practice”. The use of the term “Direct Marketing”...Opinion Philippa Donn08 February 2020Refer a Friend – Viral Marketing RulesCan you ask your customers to send on your marketing to their friends? The answer, according to the ICO’s draft Direct Marketing Code, is NO! The regulator says for...Opinion Philippa Donn28 January 2020ICO Direct Marketing Code ‘draft’: 12 HighlightsJust when I thought January was feeling dull, I got my hands on the ICO’s much-anticipated draft Direct Marketing Code of Practice! This replaces the Regulator’s existing Direct Marketing...Opinion Philippa Donn10 December 2019Subject Access Requests & Proof of IDSubject Access Requests – What is ‘proportionate’ to ask for? When responding to a Right of Access request (commonly known as a Subject Access Request), we might be required...Individual Privacy Rights DPN Team03 December 2019Data Retention: Are you keeping personal data longer than you need it?Ensuring you don’t store personal data for longer than you require it, is a core data protection principle – one which we all know is both complex and challenging...Opinion DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Opinion Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Opinion Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Opinion Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Opinion Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...GDPRInternational Data Protection Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Data Governance & SecurityGDPRPolicies and Processes Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the hectic preparations...Direct Marketing Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....GDPR DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...GDPR Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Direct MarketingGDPR
Simon Blanchard14 May 2020COVID 19 – Privacy under the SpotlightPrivacy and COVID-19. When finding quick solutions and taking rapid decisions, don't forget the privacy impact. Here's our quick tour of aspects to consider. Data SecurityGDPRPrivacy by Design DPN Team04 April 2020Where is my data? How to tackle data discovery & mapping [webinar recording]How improve your data discovery, mapping & compliance Understanding where your data is located across all your systems is an ever-evolving challenge, but forms the bedrock of your data...Opinion Gemma Johnson13 February 2020Marketers: Will You Need to do a DPIA for that?Why marketers need to understand when they might need to conduct a data protection impact assessment and learn how to do them. Direct MarketingElectronic CommunicationsICO GuidanceMarketing & Data Protection Simon Blanchard11 February 2020Where’s all my data? How to tackle data discoveryUnderstanding where your data is and what it's used for is crucial. But in practice this is challenging. What approach can you take? Opinion Julia Porter09 February 2020In a Digitally Enabled World, What is Direct Marketing?On 8th January the ICO published a draft code of practice for the marketing community. It’s entitled “Direct Marketing Code of Practice”. The use of the term “Direct Marketing”...Opinion Philippa Donn08 February 2020Refer a Friend – Viral Marketing RulesCan you ask your customers to send on your marketing to their friends? The answer, according to the ICO’s draft Direct Marketing Code, is NO! The regulator says for...Opinion Philippa Donn28 January 2020ICO Direct Marketing Code ‘draft’: 12 HighlightsJust when I thought January was feeling dull, I got my hands on the ICO’s much-anticipated draft Direct Marketing Code of Practice! This replaces the Regulator’s existing Direct Marketing...Opinion Philippa Donn10 December 2019Subject Access Requests & Proof of IDSubject Access Requests – What is ‘proportionate’ to ask for? When responding to a Right of Access request (commonly known as a Subject Access Request), we might be required...Individual Privacy Rights DPN Team03 December 2019Data Retention: Are you keeping personal data longer than you need it?Ensuring you don’t store personal data for longer than you require it, is a core data protection principle – one which we all know is both complex and challenging...Opinion DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Opinion Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Opinion Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Opinion Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Opinion Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...GDPRInternational Data Protection Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Data Governance & SecurityGDPRPolicies and Processes Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the hectic preparations...Direct Marketing Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....GDPR DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...GDPR Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Direct MarketingGDPR
DPN Team04 April 2020Where is my data? How to tackle data discovery & mapping [webinar recording]How improve your data discovery, mapping & compliance Understanding where your data is located across all your systems is an ever-evolving challenge, but forms the bedrock of your data...Opinion Gemma Johnson13 February 2020Marketers: Will You Need to do a DPIA for that?Why marketers need to understand when they might need to conduct a data protection impact assessment and learn how to do them. Direct MarketingElectronic CommunicationsICO GuidanceMarketing & Data Protection Simon Blanchard11 February 2020Where’s all my data? How to tackle data discoveryUnderstanding where your data is and what it's used for is crucial. But in practice this is challenging. What approach can you take? Opinion Julia Porter09 February 2020In a Digitally Enabled World, What is Direct Marketing?On 8th January the ICO published a draft code of practice for the marketing community. It’s entitled “Direct Marketing Code of Practice”. The use of the term “Direct Marketing”...Opinion Philippa Donn08 February 2020Refer a Friend – Viral Marketing RulesCan you ask your customers to send on your marketing to their friends? The answer, according to the ICO’s draft Direct Marketing Code, is NO! The regulator says for...Opinion Philippa Donn28 January 2020ICO Direct Marketing Code ‘draft’: 12 HighlightsJust when I thought January was feeling dull, I got my hands on the ICO’s much-anticipated draft Direct Marketing Code of Practice! This replaces the Regulator’s existing Direct Marketing...Opinion Philippa Donn10 December 2019Subject Access Requests & Proof of IDSubject Access Requests – What is ‘proportionate’ to ask for? When responding to a Right of Access request (commonly known as a Subject Access Request), we might be required...Individual Privacy Rights DPN Team03 December 2019Data Retention: Are you keeping personal data longer than you need it?Ensuring you don’t store personal data for longer than you require it, is a core data protection principle – one which we all know is both complex and challenging...Opinion DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Opinion Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Opinion Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Opinion Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Opinion Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...GDPRInternational Data Protection Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Data Governance & SecurityGDPRPolicies and Processes Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the hectic preparations...Direct Marketing Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....GDPR DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...GDPR Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Direct MarketingGDPR
Gemma Johnson13 February 2020Marketers: Will You Need to do a DPIA for that?Why marketers need to understand when they might need to conduct a data protection impact assessment and learn how to do them. Direct MarketingElectronic CommunicationsICO GuidanceMarketing & Data Protection Simon Blanchard11 February 2020Where’s all my data? How to tackle data discoveryUnderstanding where your data is and what it's used for is crucial. But in practice this is challenging. What approach can you take? Opinion Julia Porter09 February 2020In a Digitally Enabled World, What is Direct Marketing?On 8th January the ICO published a draft code of practice for the marketing community. It’s entitled “Direct Marketing Code of Practice”. The use of the term “Direct Marketing”...Opinion Philippa Donn08 February 2020Refer a Friend – Viral Marketing RulesCan you ask your customers to send on your marketing to their friends? The answer, according to the ICO’s draft Direct Marketing Code, is NO! The regulator says for...Opinion Philippa Donn28 January 2020ICO Direct Marketing Code ‘draft’: 12 HighlightsJust when I thought January was feeling dull, I got my hands on the ICO’s much-anticipated draft Direct Marketing Code of Practice! This replaces the Regulator’s existing Direct Marketing...Opinion Philippa Donn10 December 2019Subject Access Requests & Proof of IDSubject Access Requests – What is ‘proportionate’ to ask for? When responding to a Right of Access request (commonly known as a Subject Access Request), we might be required...Individual Privacy Rights DPN Team03 December 2019Data Retention: Are you keeping personal data longer than you need it?Ensuring you don’t store personal data for longer than you require it, is a core data protection principle – one which we all know is both complex and challenging...Opinion DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Opinion Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Opinion Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Opinion Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Opinion Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...GDPRInternational Data Protection Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Data Governance & SecurityGDPRPolicies and Processes Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the hectic preparations...Direct Marketing Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....GDPR DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...GDPR Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Direct MarketingGDPR
Simon Blanchard11 February 2020Where’s all my data? How to tackle data discoveryUnderstanding where your data is and what it's used for is crucial. But in practice this is challenging. What approach can you take? Opinion Julia Porter09 February 2020In a Digitally Enabled World, What is Direct Marketing?On 8th January the ICO published a draft code of practice for the marketing community. It’s entitled “Direct Marketing Code of Practice”. The use of the term “Direct Marketing”...Opinion Philippa Donn08 February 2020Refer a Friend – Viral Marketing RulesCan you ask your customers to send on your marketing to their friends? The answer, according to the ICO’s draft Direct Marketing Code, is NO! The regulator says for...Opinion Philippa Donn28 January 2020ICO Direct Marketing Code ‘draft’: 12 HighlightsJust when I thought January was feeling dull, I got my hands on the ICO’s much-anticipated draft Direct Marketing Code of Practice! This replaces the Regulator’s existing Direct Marketing...Opinion Philippa Donn10 December 2019Subject Access Requests & Proof of IDSubject Access Requests – What is ‘proportionate’ to ask for? When responding to a Right of Access request (commonly known as a Subject Access Request), we might be required...Individual Privacy Rights DPN Team03 December 2019Data Retention: Are you keeping personal data longer than you need it?Ensuring you don’t store personal data for longer than you require it, is a core data protection principle – one which we all know is both complex and challenging...Opinion DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Opinion Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Opinion Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Opinion Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Opinion Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...GDPRInternational Data Protection Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Data Governance & SecurityGDPRPolicies and Processes Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the hectic preparations...Direct Marketing Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....GDPR DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...GDPR Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Direct MarketingGDPR
Julia Porter09 February 2020In a Digitally Enabled World, What is Direct Marketing?On 8th January the ICO published a draft code of practice for the marketing community. It’s entitled “Direct Marketing Code of Practice”. The use of the term “Direct Marketing”...Opinion Philippa Donn08 February 2020Refer a Friend – Viral Marketing RulesCan you ask your customers to send on your marketing to their friends? The answer, according to the ICO’s draft Direct Marketing Code, is NO! The regulator says for...Opinion Philippa Donn28 January 2020ICO Direct Marketing Code ‘draft’: 12 HighlightsJust when I thought January was feeling dull, I got my hands on the ICO’s much-anticipated draft Direct Marketing Code of Practice! This replaces the Regulator’s existing Direct Marketing...Opinion Philippa Donn10 December 2019Subject Access Requests & Proof of IDSubject Access Requests – What is ‘proportionate’ to ask for? When responding to a Right of Access request (commonly known as a Subject Access Request), we might be required...Individual Privacy Rights DPN Team03 December 2019Data Retention: Are you keeping personal data longer than you need it?Ensuring you don’t store personal data for longer than you require it, is a core data protection principle – one which we all know is both complex and challenging...Opinion DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Opinion Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Opinion Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Opinion Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Opinion Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...GDPRInternational Data Protection Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Data Governance & SecurityGDPRPolicies and Processes Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the hectic preparations...Direct Marketing Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....GDPR DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...GDPR Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Direct MarketingGDPR
Philippa Donn08 February 2020Refer a Friend – Viral Marketing RulesCan you ask your customers to send on your marketing to their friends? The answer, according to the ICO’s draft Direct Marketing Code, is NO! The regulator says for...Opinion Philippa Donn28 January 2020ICO Direct Marketing Code ‘draft’: 12 HighlightsJust when I thought January was feeling dull, I got my hands on the ICO’s much-anticipated draft Direct Marketing Code of Practice! This replaces the Regulator’s existing Direct Marketing...Opinion Philippa Donn10 December 2019Subject Access Requests & Proof of IDSubject Access Requests – What is ‘proportionate’ to ask for? When responding to a Right of Access request (commonly known as a Subject Access Request), we might be required...Individual Privacy Rights DPN Team03 December 2019Data Retention: Are you keeping personal data longer than you need it?Ensuring you don’t store personal data for longer than you require it, is a core data protection principle – one which we all know is both complex and challenging...Opinion DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Opinion Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Opinion Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Opinion Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Opinion Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...GDPRInternational Data Protection Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Data Governance & SecurityGDPRPolicies and Processes Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the hectic preparations...Direct Marketing Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....GDPR DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...GDPR Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Direct MarketingGDPR
Philippa Donn28 January 2020ICO Direct Marketing Code ‘draft’: 12 HighlightsJust when I thought January was feeling dull, I got my hands on the ICO’s much-anticipated draft Direct Marketing Code of Practice! This replaces the Regulator’s existing Direct Marketing...Opinion Philippa Donn10 December 2019Subject Access Requests & Proof of IDSubject Access Requests – What is ‘proportionate’ to ask for? When responding to a Right of Access request (commonly known as a Subject Access Request), we might be required...Individual Privacy Rights DPN Team03 December 2019Data Retention: Are you keeping personal data longer than you need it?Ensuring you don’t store personal data for longer than you require it, is a core data protection principle – one which we all know is both complex and challenging...Opinion DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Opinion Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Opinion Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Opinion Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Opinion Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...GDPRInternational Data Protection Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Data Governance & SecurityGDPRPolicies and Processes Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the hectic preparations...Direct Marketing Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....GDPR DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...GDPR Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Direct MarketingGDPR
Philippa Donn10 December 2019Subject Access Requests & Proof of IDSubject Access Requests – What is ‘proportionate’ to ask for? When responding to a Right of Access request (commonly known as a Subject Access Request), we might be required...Individual Privacy Rights DPN Team03 December 2019Data Retention: Are you keeping personal data longer than you need it?Ensuring you don’t store personal data for longer than you require it, is a core data protection principle – one which we all know is both complex and challenging...Opinion DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Opinion Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Opinion Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Opinion Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Opinion Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...GDPRInternational Data Protection Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Data Governance & SecurityGDPRPolicies and Processes Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the hectic preparations...Direct Marketing Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....GDPR DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...GDPR Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Direct MarketingGDPR
DPN Team03 December 2019Data Retention: Are you keeping personal data longer than you need it?Ensuring you don’t store personal data for longer than you require it, is a core data protection principle – one which we all know is both complex and challenging...Opinion DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Opinion Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Opinion Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Opinion Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Opinion Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...GDPRInternational Data Protection Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Data Governance & SecurityGDPRPolicies and Processes Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the hectic preparations...Direct Marketing Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....GDPR DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...GDPR Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Direct MarketingGDPR
DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Opinion Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Opinion Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Opinion Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Opinion Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...GDPRInternational Data Protection Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Data Governance & SecurityGDPRPolicies and Processes Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the hectic preparations...Direct Marketing Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....GDPR DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...GDPR Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Direct MarketingGDPR
Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Opinion Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Opinion Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Opinion Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...GDPRInternational Data Protection Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Data Governance & SecurityGDPRPolicies and Processes Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the hectic preparations...Direct Marketing Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....GDPR DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...GDPR Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Direct MarketingGDPR
Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Opinion Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Opinion Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...GDPRInternational Data Protection Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Data Governance & SecurityGDPRPolicies and Processes Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the hectic preparations...Direct Marketing Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....GDPR DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...GDPR Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Direct MarketingGDPR
Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Opinion Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...GDPRInternational Data Protection Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Data Governance & SecurityGDPRPolicies and Processes Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the hectic preparations...Direct Marketing Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....GDPR DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...GDPR Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Direct MarketingGDPR
Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...GDPRInternational Data Protection Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Data Governance & SecurityGDPRPolicies and Processes Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the hectic preparations...Direct Marketing Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....GDPR DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...GDPR Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Direct MarketingGDPR
Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Data Governance & SecurityGDPRPolicies and Processes Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the hectic preparations...Direct Marketing Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....GDPR DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...GDPR Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Direct MarketingGDPR
Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Opinion Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the hectic preparations...Direct Marketing Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....GDPR DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...GDPR Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Direct MarketingGDPR
Julia Porter09 July 2019ICO cookie guidance and the impact on website analyticsCookie guidance updated Last week, the ICO published their updated guidance on the use of cookies and other similar technologies. This is to be welcomed as there were some...Opinion Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the hectic preparations...Direct Marketing Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....GDPR DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...GDPR Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Direct MarketingGDPR
Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Opinion Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the hectic preparations...Direct Marketing Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....GDPR DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...GDPR Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Direct MarketingGDPR
Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Data Governance & SecurityDirect MarketingEuropean Data ProtectionGDPR Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the hectic preparations...Direct Marketing Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....GDPR DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...GDPR Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Direct MarketingGDPR
Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Data Governance & SecurityData Protection for SMEsGDPR Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the hectic preparations...Direct Marketing Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....GDPR DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...GDPR Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Direct MarketingGDPR
Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Data Governance & SecurityGDPR DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the hectic preparations...Direct Marketing Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....GDPR DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...GDPR Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Direct MarketingGDPR
DPN Team15 April 2019Remembering RosemarySadly the Data Protection Network lost our colleague and good friend Rosemary Smith. Rosemary passed away peacefully on Monday 8th April (2019). A year ago, amidst the hectic preparations...Direct Marketing Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....GDPR DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...GDPR Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Direct MarketingGDPR
Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Opinion Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....GDPR DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...GDPR Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Direct MarketingGDPR
Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Opinion DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....GDPR DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...GDPR Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Direct MarketingGDPR
DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Data Protection for SMEsGDPR Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....GDPR DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...GDPR Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Direct MarketingGDPR
Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...GDPRInternational Data Protection DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....GDPR DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...GDPR Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Direct MarketingGDPR
DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Opinion Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....GDPR DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...GDPR Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Direct MarketingGDPR
Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Opinion DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....GDPR DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...GDPR Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Direct MarketingGDPR
DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Opinion Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....GDPR DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...GDPR Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Direct MarketingGDPR
Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...GDPRIndividual Privacy Rights Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....GDPR DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...GDPR Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Direct MarketingGDPR
Simon Blanchard24 October 2018How the Morrisons liability case increases risks for employersThe Court of Appeal has ruled this week that Morrisons must pay compensation to thousands of employees who were victims of a data beach in 2014. The supermarket chain...Opinion Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....GDPR DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...GDPR Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Direct MarketingGDPR
Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Opinion Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....GDPR DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...GDPR Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Direct MarketingGDPR
Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...GDPRInternational Data Protection Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....GDPR DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...GDPR Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Direct MarketingGDPR
Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Opinion Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....GDPR DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...GDPR Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Direct MarketingGDPR
Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...GDPRIndividual Privacy Rights DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....GDPR DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...GDPR Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Direct MarketingGDPR
DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...GDPR Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....GDPR DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...GDPR Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Direct MarketingGDPR
Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...GDPRInternational Data Protection Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....GDPR DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...GDPR Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Direct MarketingGDPR
Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Opinion DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....GDPR DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...GDPR Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Direct MarketingGDPR
DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Data Protection ActGDPR Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....GDPR DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...GDPR Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Direct MarketingGDPR
Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...GDPR Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....GDPR DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...GDPR Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Direct MarketingGDPR
Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Direct MarketingElectronic CommunicationsGDPR Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....GDPR DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...GDPR Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Direct MarketingGDPR
Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....GDPR DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...GDPR Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Direct MarketingGDPR
DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...GDPR Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Direct MarketingGDPR
Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Direct MarketingGDPR
Helping your teams with no-nonsense privacy advice
